Commit Graph

4 Commits

Author SHA1 Message Date
Ross Charles Campbell
378fd39928 dev-games/godot: fix CVE-2021-26825
An integer overflow issue exists in Godot Engine up to v3.2 that can
be triggered when loading specially crafted.TGA image files. The
vulnerability exists in ImageLoaderTGA::load_image() function at line:

const size_t buffer_size = (tga_header.image_width * tga_header.image_height) * pixel_size;

The bug leads to Dynamic stack buffer overflow. Depending on the
context of the application, attack vector can be local or remote,
and can lead to code execution and/or system crash.

Reference: https://nvd.nist.gov/vuln/detail/CVE-2021-26825
Reference: https://github.com/godotengine/godot/pull/45702
Closes: https://bugs.gentoo.org/769761
Package-Manager: Portage-3.0.14, Repoman-3.0.2
Signed-off-by: Ross Charles Campbell <rossbridger.cc@gmail.com>
2021-02-10 13:05:06 +08:00
Ross Charles Campbell
5f14f97d12 dev-games/godot: corrects LICENSE
Closes: https://bugs.gentoo.org/765553
Package-Manager: Portage-3.0.13, Repoman-3.0.2
Signed-off-by: Ross Charles Campbell <rossbridger.cc@gmail.com>
2021-01-16 07:13:53 +08:00
Theo Anderson
d6597bb930 dev-games/godot: use https HOMEPAGE
Package-Manager: Portage-3.0.12, Repoman-3.0.2
Signed-off-by: Theo Anderson <telans@posteo.de>
2021-01-04 19:39:49 +13:00
Ross Charles Campbell
a4c500da08 dev-games/godot: New Package
Closes: https://bugs.gentoo.org/532730
Closes: https://github.com/gentoo/gentoo/pull/17874
Package-Manager: Portage-3.0.12, Repoman-3.0.2
Signed-off-by: Ross Charles Campbell <rossbridger.cc@gmail.com>
2021-01-02 23:59:18 +08:00