severity 986801 grave thanks Am Wed, Jun 02, 2021 at 04:36:52PM +0200 schrieb Sebastian Pipping: > Hi Debian, > > > just a quick note that GNU Chess 6.2.8 is vulnerable too (and that I'm > in touch with NVD to mark 8.2.8 as vulnerable in NVD). > > This is the patch for CVE-2021-30184 for both GNU Chess 6.2.7 and 6.2.8 > that I derived from Michael Vaughan's prior work for Gentoo, earlier today: > https://github.com/gentoo/gentoo/blob/master/games-board/gnuchess/files/gnuchess-6.2.8-cve-2021-30184.patch
This is fixed upstream in 6.2.9: http://git.savannah.gnu.org/cgit/chess.git/commit/?id=f6a65783ebb41bb87811e57754e65933550a44c0 Cheers, Moritz
