Fedora 28: scummvm Security Update
Summary
ScummVM is a program which allows you to run certain classic graphical
point-and-click adventure games, provided you already have their
data files.
ScummVM supports many adventure games, including LucasArts SCUMM games
(such as Monkey Island 1-3, Day of the Tentacle, Sam & Max, ...),
many of Sierra's AGI and SCI games (such as King's Quest 1-6,
Space Quest 1-5, ...), Discworld 1 and 2, Simon the Sorcerer 1 and 2,
Beneath A Steel Sky, Lure of the Temptress, Broken Sword 1 and 2,
Flight of the Amazon Queen, Gobliiins 1-3, The Legend of Kyrandia 1-3,
many of Humongous Entertainment's children's SCUMM games (including
Freddi Fish and Putt Putt games) and many more.
The complete list can be found on ScummVM's compatibility page:
https://scummvm.org/compatibility/2.0.0/
Update to 2.0.0 release. * Fixes CVE-2017-17528.
* Sun Apr 8 2018 Christian Krause
- update to latest upstream (BZ 1536755)
- add upstream patch for CVE-2017-17528 (and one follow-up patch, BZ 1528426,
BZ 1528425)
- turn off virtual keyboard (the keyboard pack files are not installed
and scummvm doesn't have a global search path for them on platform sdl/posix)
[ 1 ] Bug #1528425 - CVE-2017-17528 scummvm: Command injection in backends/platform/sdl/posix/posix.cpp
https://bugzilla.redhat.com/show_bug.cgi?id=1528425
su -c 'dnf upgrade --advisory FEDORA-2018-9a85d5af21' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
FEDORA-2018-9a85d5af21 2018-05-05 20:25:39.988805 Product : Fedora 28 Version : 2.0.0 Release : 1.fc28 URL : https://www.scummvm.org/ Summary : Interpreter for several adventure games Description : ScummVM is a program which allows you to run certain classic graphical point-and-click adventure games, provided you already have their data files. ScummVM supports many adventure games, including LucasArts SCUMM games (such as Monkey Island 1-3, Day of the Tentacle, Sam & Max, ...), many of Sierra's AGI and SCI games (such as King's Quest 1-6, Space Quest 1-5, ...), Discworld 1 and 2, Simon the Sorcerer 1 and 2, Beneath A Steel Sky, Lure of the Temptress, Broken Sword 1 and 2, Flight of the Amazon Queen, Gobliiins 1-3, The Legend of Kyrandia 1-3, many of Humongous Entertainment's children's SCUMM games (including Freddi Fish and Putt Putt games) and many more. The complete list can be found on ScummVM's compatibility page: https://scummvm.org/compatibility/2.0.0/ Update to 2.0.0 release. * Fixes CVE-2017-17528. * Sun Apr 8 2018 Christian Krause - 2.0.0-1 - update to latest upstream (BZ 1536755) - add upstream patch for CVE-2017-17528 (and one follow-up patch, BZ 1528426, BZ 1528425) - turn off virtual keyboard (the keyboard pack files are not installed and scummvm doesn't have a global search path for them on platform sdl/posix) [ 1 ] Bug #1528425 - CVE-2017-17528 scummvm: Command injection in backends/platform/sdl/posix/posix.cpp https://bugzilla.redhat.com/show_bug.cgi?id=1528425 su -c 'dnf upgrade --advisory FEDORA-2018-9a85d5af21' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ package-announce mailing list -- package-announce@lists.fedoraproject.org To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Change Log
References
Update Instructions
