Information on source package nethack

Available versions

Release	Version
buster	3.6.1-1
bullseye	3.6.6-2
bookworm	3.6.6-3
sid	3.6.6-3

Open issues

Bug	buster	bullseye	bookworm	sid	Description
CVE-2023-24809	vulnerable (no DSA)	vulnerable (no DSA)	vulnerable	vulnerable	NetHack is a single player dungeon exploration game. Starting with ver ...
CVE-2020-5254	vulnerable (no DSA)	fixed	fixed	fixed	In NetHack before 3.6.6, some out-of-bound values for the hilite_statu ...

Open unimportant issues

Bug	buster	bullseye	bookworm	sid	Description
CVE-2020-5214	vulnerable	fixed	fixed	fixed	In NetHack before 3.6.5, detecting an unknown configuration file optio ...
CVE-2020-5213	vulnerable	fixed	fixed	fixed	In NetHack before 3.6.5, too long of a value for the SYMBOL configurat ...
CVE-2020-5212	vulnerable	fixed	fixed	fixed	In NetHack before 3.6.5, an extremely long value for the MENUCOLOR con ...
CVE-2020-5211	vulnerable	fixed	fixed	fixed	In NetHack before 3.6.5, an invalid extended command in value for the ...
CVE-2020-5210	vulnerable	fixed	fixed	fixed	In NetHack before 3.6.5, an invalid argument to the -w command line op ...
CVE-2020-5209	vulnerable	fixed	fixed	fixed	In NetHack before 3.6.5, unknown options starting with -de and -i can ...
CVE-2019-19905	vulnerable	fixed	fixed	fixed	NetHack 3.6.x before 3.6.4 is prone to a buffer overflow vulnerability ...

Resolved issues

Bug	Description
CVE-2020-5253	NetHack before version 3.6.0 allowed malicious use of escaping of char ...
CVE-2003-0359	nethack 3.4.0 and earlier installs certain setgid binaries with insecu ...
CVE-2003-0358	Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1 ...

Security announcements

DSA / DLA	Description
DSA-316	nethack - buffer overflow, incorrect permissions