Bug#924853: marked as done (RFS: tintin++/2.01.5-2 -- classic text-based MUD client)

["Debian Bug Tracking System" <owner@bugs.debian.org>]

Your message dated Sun, 17 Mar 2019 23:52:49 +0100
with message-id <20190317225249.GA1261@angband.pl>
and subject line Re: Bug#924853: RFS: tintin++/2.01.5-2
has caused the Debian Bug report #924853,
regarding RFS: tintin++/2.01.5-2 -- classic text-based MUD client
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
924853: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924853
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

• To: submit@bugs.debian.org
• Subject: RFS: tintin++/2.01.5-2
• From: Jozsef Nagy <runave214@gmail.com>
• Date: Sun, 17 Mar 2019 19:43:37 +0100
• Message-id: <[🔎] CAO77e4NUO1UBEp2dWSzwppDRF0es-ZnAK8eRLixaB3rb0d47uQ@mail.gmail.com>

Package: sponsorship-requests
Severity: normal

Dear mentors,

  I am looking for a sponsor for package "tintin++"

 * Package name    : tintin++
   Version         : 2.01.5-2
   Upstream Author : Igor van den Hoven <mudclient@gmail.com>
 * URL             : http://tintin.sourceforge.net/
 * License         : GPL-2
   Section         : games

  It builds the following binary package:

    tintin++   - classic text-based MUD client

  To access further information about this package, please visit the
following URL:

  https://mentors.debian.net/package/tintin%2B%2B


  Alternatively, one can download the package with dget using this command:

    dget -x https://mentors.debian.net/debian/pool/main/t/tintin++/tintin++_2.01.5-2.dsc

  Changes since the last upload:

  * Add security patch - backport fix of the following security bug:
  - CVE-2019-7629:
    Stack-based buffer overflow in the strip_vt102_codes function allows
    remote attackers to execute arbitrary code by sending a long message
    to the client.
    (Closes: #924348)

 Best Regards,
 Joe

--- End Message ---

--- Begin Message ---

• To: Jozsef Nagy <runave214@gmail.com>, 924853-done@bugs.debian.org
• Subject: Re: Bug#924853: RFS: tintin++/2.01.5-2
• From: Adam Borowski <kilobyte@angband.pl>
• Date: Sun, 17 Mar 2019 23:52:49 +0100
• Message-id: <20190317225249.GA1261@angband.pl>
• In-reply-to: <[🔎] CAO77e4NUO1UBEp2dWSzwppDRF0es-ZnAK8eRLixaB3rb0d47uQ@mail.gmail.com>
• References: <[🔎] CAO77e4NUO1UBEp2dWSzwppDRF0es-ZnAK8eRLixaB3rb0d47uQ@mail.gmail.com>

On Sun, Mar 17, 2019 at 07:43:37PM +0100, Jozsef Nagy wrote:
>  * Package name    : tintin++
>    Version         : 2.01.5-2

>   Changes since the last upload:
> 
>   * Add security patch - backport fix of the following security bug:
>   - CVE-2019-7629:
>     Stack-based buffer overflow in the strip_vt102_codes function allows
>     remote attackers to execute arbitrary code by sending a long message
>     to the client.
>     (Closes: #924348)

Uploaded.

Alas, although I've scoured my fork of tintin++ (kbtin) for this kind of
bugs nearly two decades ago, the code has diverged way too much for fixes to
be applicable either way.


Meow!
-- 
⢀⣴⠾⠻⢶⣦⠀
⣾⠁⢠⠒⠀⣿⡁ Did ya know that typing "test -j8" instead of "ctest -j8"
⢿⡄⠘⠷⠚⠋⠀ will make your testsuite pass much faster, and fix bugs?
⠈⠳⣄⠀⠀⠀⠀

--- End Message ---