Format: 1.8
Date: Sun, 16 Apr 2023 21:19:11 +0200
Source: sgt-puzzles
Architecture: source
Version: 20230122.806ae71-2
Distribution: unstable
Urgency: medium
Maintainer: Ben Hutchings <benh@debian.org>
Changed-By: Ben Hutchings <benh@debian.org>
Closes: 905852 1034190
Changes:
 sgt-puzzles (20230122.806ae71-2) unstable; urgency=medium
 .
   * Fix various security issues in game loading (Closes: #1034190):
     - Black Box: reject negative ball counts in game_params.
     - Add validate_params bounds checks in a few more games.
     - Don't allow Bridges games with < 2 islands
     - Forbid moves that fill with the current colour in Flood
     - Cleanly reject ill-formed solve moves in Flood
     - Don't segfault on premature solve moves in Mines
     - Limit number of mines in Mines game description
     - Validate the number of pegs and holes in a Pegs game ID
     - Mines: forbid moves that flag or unflag an exposed square
     - Mines: Don't check if the player has won if they've already lost
     - Avoid invalid moves when solving Tracks
     - Fix move validation in Netslide
     - Tighten validation of Tents game descriptions
     - Dominosa: require the two halves of a domino to be adjacent
     - Forbid lines off the grid in Pearl
     - Tolerate incorrect solutions in Inertia
     - Palisade: replace dfs_dsf() with a simple iteration.
     - latin_solver_alloc: handle clashing numbers in input grid.
     - Pearl: fix assertion failure on bad puzzle.
     - Pearl: fix bounds check in previous commit.
     - Unequal: Don't insist that solve moves must actually solve
     - Range: Don't fail an assertion on an all-black board
     - Limit width and height to SHRT_MAX in Mines
     - Mines: Add assertions to range-check conversions to short
     - Unequal: fix sense error in latin_solver_alloc fix.
     - Forbid impossible moves in Bridges
     - Forbid game descriptions with joined islands in Bridges
     - Check state is valid at the end of a move in Pearl
     - Cleanly reject more ill-formed solve moves in Flood
     - Don't allow moves that change the constraints in Unequal
     - Fix memory leaks in Keen's validate_desc()
     - Remember to free the actual_board array in Mosaic
     - Don't leak grids in Loopy's validate_desc()
     - Remember to free the to_draw member from Net's drawstate
     - Undead: check the return value of sscanf() in execute_move()
     - Don't leak duplicate edges in Untangle
     - Remember to free the numcolours array from Pattern's drawstate
     - Free new game_state properly in Mosaic's execute_move()
     - Twiddle: don't read off the end of parameter strings ending 'm'
     - Loopy: free the grid description string if it's invalid
     - Mosaic: don't duplicate the description being validated
     - Avoid division by zero in Cube grid-size checks
     - Validate that save file values are ASCII (mostly)
     - More validation of solve moves in Flood
     - Make sure that moves in Flood use only valid colours
     - Tighten grid-size limit in Mines
     - Tracks: set drag_s{x,y} even if starting off-grid
     - Undead: be a bit more careful about sprintf buffer sizes
     - Fix memory leak in midend_game_id_int()
     - Flood: don't read off the end of some parameter strings
     - Be more careful with type of left operand of <<
     - Map: reduce maximum size
     - Correctly handle some short save files
     - Inertia: insist that solutions must be non-empty
     - Galaxies: fix recursion depth limit in solver.
     - Correct a range check in Magnets' layout verification
     - Magnets: add a check that magnets don't wrap between lines
     - Net: assert that cx and cy are in range in compute_active()
     - Don't allow zero clues in Pattern
   * Solo: cope with pencil marks when tilesize == 1 (Closes: #905852)