Accepted sgt-puzzles 20230122.806ae71-2 (source) into unstable
- To: debian-devel-changes@lists.debian.org
- Subject: Accepted sgt-puzzles 20230122.806ae71-2 (source) into unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Mon, 17 Apr 2023 00:03:58 +0000
- Debian: DAK
- Debian-architecture: source
- Debian-archive-action: accept
- Debian-changes: sgt-puzzles_20230122.806ae71-2_source.changes
- Debian-source: sgt-puzzles
- Debian-suite: unstable
- Debian-version: 20230122.806ae71-2
- Dkim-signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=ftp-master.debian.org; s=smtpauto.fasolo; h=Date:Message-Id: Content-Transfer-Encoding:Content-Type:Subject:MIME-Version:To:Reply-To:From: Cc:Content-ID:Content-Description:In-Reply-To:References; bh=W/YJIdvI1Xc/k828gXpvKwxBn+Zh0NAijF1IEKDYCYU=; b=kspogJnVsPlkLJN5Kz6Get0Bn+ keJpd4qM1VO0thn25Yy3Pf22OhtWW/J8u3D/L3DULiaKyJKupzKBt7y+1uBicWUjfkHF5RUS0tcyA lKwJoa+hJJXFNlClvhUOrc87jzrOOsLAWqv8GvqLG9HUiWg6g0/WpsGtZ77IdZuYKnNcDEUKag1te YHgijXqs/B+tEylXpznQshVW5p+2h4ZDnDL6tCKRQkUgaQ1obnTd5AgIe3ZT5W//UyJSVH4NRkyTL HbYg6OKDyNnN4tDJmJcXLsvrzGZYSHQF1eJ92TOoTDkoJQuBj6YbbrMMiJw/ilT8R1pHiK9TZzcAT UGBZbmeA==;
- Mail-followup-to: debian-devel@lists.debian.org
- Message-id: <E1poCLe-0053Pp-Ar@fasolo.debian.org>
- Reply-to: debian-devel@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 16 Apr 2023 21:19:11 +0200
Source: sgt-puzzles
Architecture: source
Version: 20230122.806ae71-2
Distribution: unstable
Urgency: medium
Maintainer: Ben Hutchings <benh@debian.org>
Changed-By: Ben Hutchings <benh@debian.org>
Closes: 905852 1034190
Changes:
sgt-puzzles (20230122.806ae71-2) unstable; urgency=medium
.
* Fix various security issues in game loading (Closes: #1034190):
- Black Box: reject negative ball counts in game_params.
- Add validate_params bounds checks in a few more games.
- Don't allow Bridges games with < 2 islands
- Forbid moves that fill with the current colour in Flood
- Cleanly reject ill-formed solve moves in Flood
- Don't segfault on premature solve moves in Mines
- Limit number of mines in Mines game description
- Validate the number of pegs and holes in a Pegs game ID
- Mines: forbid moves that flag or unflag an exposed square
- Mines: Don't check if the player has won if they've already lost
- Avoid invalid moves when solving Tracks
- Fix move validation in Netslide
- Tighten validation of Tents game descriptions
- Dominosa: require the two halves of a domino to be adjacent
- Forbid lines off the grid in Pearl
- Tolerate incorrect solutions in Inertia
- Palisade: replace dfs_dsf() with a simple iteration.
- latin_solver_alloc: handle clashing numbers in input grid.
- Pearl: fix assertion failure on bad puzzle.
- Pearl: fix bounds check in previous commit.
- Unequal: Don't insist that solve moves must actually solve
- Range: Don't fail an assertion on an all-black board
- Limit width and height to SHRT_MAX in Mines
- Mines: Add assertions to range-check conversions to short
- Unequal: fix sense error in latin_solver_alloc fix.
- Forbid impossible moves in Bridges
- Forbid game descriptions with joined islands in Bridges
- Check state is valid at the end of a move in Pearl
- Cleanly reject more ill-formed solve moves in Flood
- Don't allow moves that change the constraints in Unequal
- Fix memory leaks in Keen's validate_desc()
- Remember to free the actual_board array in Mosaic
- Don't leak grids in Loopy's validate_desc()
- Remember to free the to_draw member from Net's drawstate
- Undead: check the return value of sscanf() in execute_move()
- Don't leak duplicate edges in Untangle
- Remember to free the numcolours array from Pattern's drawstate
- Free new game_state properly in Mosaic's execute_move()
- Twiddle: don't read off the end of parameter strings ending 'm'
- Loopy: free the grid description string if it's invalid
- Mosaic: don't duplicate the description being validated
- Avoid division by zero in Cube grid-size checks
- Validate that save file values are ASCII (mostly)
- More validation of solve moves in Flood
- Make sure that moves in Flood use only valid colours
- Tighten grid-size limit in Mines
- Tracks: set drag_s{x,y} even if starting off-grid
- Undead: be a bit more careful about sprintf buffer sizes
- Fix memory leak in midend_game_id_int()
- Flood: don't read off the end of some parameter strings
- Be more careful with type of left operand of <<
- Map: reduce maximum size
- Correctly handle some short save files
- Inertia: insist that solutions must be non-empty
- Galaxies: fix recursion depth limit in solver.
- Correct a range check in Magnets' layout verification
- Magnets: add a check that magnets don't wrap between lines
- Net: assert that cx and cy are in range in compute_active()
- Don't allow zero clues in Pattern
* Solo: cope with pencil marks when tilesize == 1 (Closes: #905852)
Checksums-Sha1:
bdb81024d899de14c57659178783ba43a6554920 2047 sgt-puzzles_20230122.806ae71-2.dsc
8dfc2c1404c86acfe14df0a9021d6f7af729574d 128208 sgt-puzzles_20230122.806ae71-2.debian.tar.xz
c232c9bab7cb7d88a7149749b607e56dc2be4595 15341 sgt-puzzles_20230122.806ae71-2_amd64.buildinfo
Checksums-Sha256:
e48b18b74a85d7e0a300ab61bbbd106697b8abb7f19c2de9f263142fe147d92c 2047 sgt-puzzles_20230122.806ae71-2.dsc
ae22416cf16622fc230a7fa2d19022370152504c59920c9dbc58ec939d885848 128208 sgt-puzzles_20230122.806ae71-2.debian.tar.xz
d06e6e69fcd4dc0ff0f8cafa0c20674383a1b3cc0a3829f5a489844f0893ac11 15341 sgt-puzzles_20230122.806ae71-2_amd64.buildinfo
Files:
d1dc0d6fbda9cd69996e9687e2b14177 2047 games optional sgt-puzzles_20230122.806ae71-2.dsc
c8574e441c0cc595a4c8170ab86cec03 128208 games optional sgt-puzzles_20230122.806ae71-2.debian.tar.xz
57fe5666670ae112f50bbfe4fa62458a 15341 games optional sgt-puzzles_20230122.806ae71-2_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEErCspvTSmr92z9o8157/I7JWGEQkFAmQ8e1IACgkQ57/I7JWG
EQl6gg//fXFqSkqM2tGRiBvE20dZ/6jK3VYj/uYIYnyNn6pnvdAdfC2d6H5HyYXi
Zg34fw4BVgArwhIcAQjHa+Ix9Al3zSgn+X8H9DWMgrPh4ZXRW/otRi8fV8r3t8lx
XfURF0yysimEBkWaZ+6197yLLnnqEfGdJE/yufRR5gSZm1PeImAI6WsdI26WFC8u
KbytvaDMKyxxf319Q+njvK1zgrXjCPtNF4iZBqmkLzgi2RSVTOdeYc+yDgaXplKk
uqWSMlRvY7vnPDFJTbnpeJYYtD26tef7ejHbQO4N9mDqFqr8zsEIRPoR65PyRdaY
OzuKAHLIXd7M3ihlnpuU8RCBXtN4SYt1oiNw7XFmTcBPN02C2oTy+YtTsoldC5Rs
h0cQEybkndzrdbpMu7QROtuQXElXKfUmysj1+FhplfWF2FjjrbJ7fS+1bag44oQ2
zwmNH6TCY7LqBtqdu2dx3dOfO/RMNpSEWCjnajdeZEazHk387/iU7TSvCwN2wILz
BrB+xa8pasN+7Z1ZMfvxgPEF0syZeceYa91i0yZG4dI8/oscKKwUzZ62ETrb/U/q
vuehE/aISgFMf51MWHZVrYuQZqxLcr0d7nWnIJnWlq7ZgY9ThiwDCAs1phGjrRFE
j+2b6sEiP13W6LHs8GWrub12RClqrn6IwQp6vQnb9g6jS0GZuKo=
=FFmr
-----END PGP SIGNATURE-----