Information on source package nethack

Available versions

ReleaseVersion
jessie3.4.3-15
stretch3.6.0-4
buster3.6.1-1
sid3.6.1-1

Open issues

BugjessiestretchbustersidDescription
CVE-2020-5254fixedfixedvulnerable (no DSA)vulnerableIn NetHack before 3.6.6, some out-of-bound values for the hilite_statu ...
CVE-2020-5253vulnerablefixedfixedfixedNetHack before version 3.6.0 allowed malicious use of escaping of char ...

Open unimportant issues

BugjessiestretchbustersidDescription
CVE-2020-5214vulnerablevulnerablevulnerablevulnerableIn NetHack before 3.6.5, detecting an unknown configuration file optio ...
CVE-2020-5213vulnerablevulnerablevulnerablevulnerableIn NetHack before 3.6.5, too long of a value for the SYMBOL configurat ...
CVE-2020-5212vulnerablevulnerablevulnerablevulnerableIn NetHack before 3.6.5, an extremely long value for the MENUCOLOR con ...
CVE-2020-5211vulnerablevulnerablevulnerablevulnerableIn NetHack before 3.6.5, an invalid extended command in value for the ...
CVE-2020-5210vulnerablevulnerablevulnerablevulnerableIn NetHack before 3.6.5, an invalid argument to the -w command line op ...
CVE-2020-5209vulnerablevulnerablevulnerablevulnerableIn NetHack before 3.6.5, unknown options starting with -de and -i can ...
CVE-2019-19905vulnerablevulnerablevulnerablevulnerableNetHack 3.6.x before 3.6.4 is prone to a buffer overflow vulnerability ...

Resolved issues

BugDescription
CVE-2003-0359nethack 3.4.0 and earlier installs certain setgid binaries with insecu ...
CVE-2003-0358Buffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1 ...

Security announcements

DSA / DLADescription
DSA-316nethack - buffer overflow, incorrect permissions

Search for package or bug name: Reporting problems