./games/nethack-lib, Data files for Nethack

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]


Branch: CURRENT, Version: 3.6.6, Package name: nethack-lib-3.6.6, Maintainer: pkgsrc-users

Nethack is a single player, ASCII graphics-based adventure game, similar
to the lines of Dungeons & Dragons and similar fantasy games. It is
commonly classified in the larger group of Rogue-like Games, which
generally are all text-based, solo adventures.

Within the game, your character is after the infamous Wizard of Yendor,
who has stolen the Amulet of Yendor and plans to use it for his evil
purposes. You, a young member of your chosen class, have been blessed by
your people and your god to retrieve the Amulet, and to save the world
from the Wizard's evil plans.


Required to build:
[pkgtools/cwrappers]

Master sites:

Filesize: 5446.907 KB

Version history: (Expand)


CVS history: (Expand)


   2021-10-26 12:44:37 by Nia Alarie | Files touched by this commit (466)
Log message:
games: Replace RMD160 checksums with BLAKE2s checksums

All checksums have been double-checked against existing RMD160 and
SHA512 hashes
   2021-10-07 16:08:04 by Nia Alarie | Files touched by this commit (466)
Log message:
games: Remove SHA1 hashes for distfiles
   2020-04-24 14:59:00 by Olaf Seibert | Files touched by this commit (2) | Package updated
Log message:
The NetHack DevTeam is announcing the release of NetHack 3.6.6 on
March 8, 2020

NetHack 3.6.6 is the official release of NetHack that follows NetHack 3.6.5.

This release primarily corrects a security issue present in NetHack
versions 3.6.1, 3.6.2, 3.6.3, 3.6.4 and 3.6.5.
For details about the security issues please see https://www.nethack.org/security.
You are encouraged to update to NetHack 3.6.6 as soon as possible.

Here's a brief synopsis of the handful of bug fixes included in NetHack 3.6.6:

 *  invalid status highlight color could be maliciously used to corrupt memory
 *  formatting corpse names used internal buffers differently from formatting
 *      other objects and could potentially clobber memory
 *  avoid divide by 0 crash if 'bogusmon' (file of bogus monster types) is empty
 *  avoid #wizrumorcheck crash if either 'rumors.tru' or 'rumors.fal' or both
 *      were empty when makedefs built 'rumors'
 *  avoid "<mon>'s glorkum pass harmlessly through the shade" \ 
for weaponless mon

All of the fixes have been published on the public Git repository for the game.
A more complete list can be found in the game's sources in doc/fixes36.6. As usual,
a warning that some entries in that file may also be "spoilers".

Existing saved games and bones files from 3.6.0 through to 3.6.5 should work with
3.6.6, assuming that the same build configuration options were used.

The following command can be used on most platforms to help confirm the location of
various files that NetHack may use:
    nethack --showpaths
   2020-01-28 22:11:30 by Olaf Seibert | Files touched by this commit (4) | Package updated
Log message:
games/nethack: update to 3.6.5.

The NetHack DevTeam is announcing the release of NetHack 3.6.5 on January 27,
2020

NetHack 3.6.5 is the official release of NetHack that follows NetHack 3.6.4.

This release primarily corrects security issues present in NetHack versions
3.6.0, 3.6.1, 3.6.2, 3.6.3 and 3.6.4.

CVE-2020-5214	Error recovery after syntax error in configuration file is
                subject to a buffer overflow
CVE-2020-5213	SYMBOL configuration file option is subject to a buffer overflow
CVE-2020-5212	MENUCOLOR configuration file option is subject to a buffer
                overflow
CVE-2020-5211	AUTOCOMPLETE configuration file option is subject to a buffer
                overflow
CVE-2020-5210	NetHack command line -w option parsing is subject to a buffer
                overflow
CVE-2020-5209	Command line parsing of options starting with -de and -i is
                subject to a buffer overflow
CVE-2019-19905	Privilege escalation/remote code execution/crash in
                configuration parsing

You are encouraged to update to NetHack 3.6.5 as soon as possible.

Here's a brief synopsis of the handful of bug fixes included in NetHack 3.6.5:

    fix accessing mons[-1] when trying to gate in a non-valid demon
    fix accessing mons[-1] when monster figures out if a tin cures stoning
    have string_for_opt() return empty_optstr on failure
    ensure existing callers of string_for_opt() check return value
      before using it
    fix potential buffer overflow in add_menu_coloring()
    fix potential buffer overflow in sym_val()
    fix potential buffer overflow in pline(), raw_printf(), and
      config_error_add()
    fix potential buffer overflow in choose_windows()
    use vsnprintf instead of vsprintf in pline.c where possible
    Windows: includes a fix from a 3.6.4 post-release update where
      OPTIONS=map_mode:fit_to_screen could cause a game start failure
    Windows: users with C-locale unmappable names could get game start failure

All of the fixes have been incrementally published on the public Git
repository for the game. A more complete list can be found in the game's
sources in doc/fixes36.5. As usual, a warning that some entries in that
file may also be "spoilers".

Existing saved games and bones files from 3.6.0 through to 3.6.4 should
work with 3.6.5, assuming that the same build configuration options were
used.
   2020-01-26 18:32:28 by Roland Illig | Files touched by this commit (981)
Log message:
all: migrate homepages from http to https

pkglint -r --network --only "migrate"

As a side-effect of migrating the homepages, pkglint also fixed a few
indentations in unrelated lines. These and the new homepages have been
checked manually.
   2020-01-08 17:55:13 by Masatake Daimon | Files touched by this commit (3)
Log message:
Set a setuid bit on bin/recover too

Also corrected the default directory where bin/recover searches for
save files.
   2019-12-19 15:41:59 by Olaf Seibert | Files touched by this commit (2) | Package updated
Log message:
games/nethack: security update to 3.6.4.

https://www.nethack.org/security/index.html:

NetHack: Privilege escalation/remote code execution/crash in
configuration parsing

Severity: High
Affected versions: 3.6.0, 3.6.1, 3.6.2, 3.6.3
First Patched Version: 3.6.4

Basic Information:
A buffer overflow issue exists when reading very long lines from a
NetHack configuration file (usually named .nethackrc).

This vulnerability affects systems that have NetHack installed suid/sgid
and shared systems that allow users to upload their own configuration
files.

All users are urged to upgrade to NetHack 3.6.4 as soon as possible.

Additional information related to this advisory, if any, will be made
available at https://nethack.org/security.
   2019-12-07 14:27:08 by Olaf Seibert | Files touched by this commit (3) | Package updated
Log message:
Update to NetHack 3.6.3.

From https://www.nethack.org/v363/release.html :

 NetHack 3.6.3 is the official release of NetHack that follows NetHack 3.6.2.
Here's a synopsis of over 190 bug fixes and over 22 game enhancements and
community contributions made since the release of 3.6.2 in May 2019:

    Fixed stale 'thrownobj' pointer for returning thrown aklys while engulfed
    Fixed uarmh null pointer dereference if a helm of opposite alignment came \ 
off due to being polymorphed
    Fixed 'object lost' panic when attempting to crawl of of the water during \ 
emergency disrobing/dropping
    Running now stops when moving over engravings so you can tell where they are
    Fixed detection of unseen/secret doors which failed to find monsters hiding \ 
under objects and failed to find monsters hiding at trap locations
    Ensured fatal status conditions made it to disclosure and/or dumplog
    Fixed "Bad fruit #N" warnings when saving bones with 'perm_invent' On
    Fixed it so yellow dragons don't have green breath
    Added several grammar corrections
    Improved recognition of deafness for several situations including the \ 
playing of musical instruments and bribing negotiations with demon lords
    Fixed ignoring of god's wrath when hero injured himself during altar kick
    Fixed several cases where persistent inventory window was not updated
    Fixed temple priests or shopkeepers moving over other monsters
    Fixed a crash-causing bug when putting on levitation boots over a sink
    Ensured that thrown or kicked objects will end up in bones
    Made water go all the way to the edges of level on the Plane of Water
    Made clouds disrupt line of sight along the edges of the Plane of Air
    Improved and expanded usage of status highlighting percentage rules
    Added more than 15 improvements and fixes to the curses window port
    Added and documented significant changes to default directory choices for \ 
the Windows platform
    Improved the layout and display of the player selection dialog used on the \ 
Windows graphical implementation
    Improved performance of some tty versions by reducing the number of function \ 
calls made from mapglyph
    Allowed the msdos implementation to build with curses and PDCurses
    Over 100 other fixes and improvements

All of the fixes have been incrementally published on the public Git repository
for the game. A more complete list can be found in the game's sources in
doc/fixes36.3. As usual, a warning that some entries in that file may also be
"spoilers".

As with all releases of the game, we appreciate your feedback. Please submit
any bugs using the problem report form. Also, please check the "known bugs"
list before you log a problem - somebody else may have already found it.

Happy NetHacking!