Difference between revisions of "NetHack 3.6.6"
Jump to navigation
Jump to search
m (add references and noversion) |
m (→Significant changes: Grammar/style) |
||
| Line 9: | Line 9: | ||
'''This release fixes [[Security#CVE-2020-5254|CVE-2020-5254]].'''<ref>https://nethack.org/security/CVE-2020-5254.html</ref> As with the security bugs fixed in [[3.6.4]] and [[NetHack 3.6.5|3.6.5]], this bug was reported to the [[DevTeam]] by security researcher David Mendenhall, who also explained that the bug can be used to glitch the game.<ref>https://dpmendenhall.blogspot.com/2020/03/nethack-366-or-how-to-glitch-nethack.html</ref> | '''This release fixes [[Security#CVE-2020-5254|CVE-2020-5254]].'''<ref>https://nethack.org/security/CVE-2020-5254.html</ref> As with the security bugs fixed in [[3.6.4]] and [[NetHack 3.6.5|3.6.5]], this bug was reported to the [[DevTeam]] by security researcher David Mendenhall, who also explained that the bug can be used to glitch the game.<ref>https://dpmendenhall.blogspot.com/2020/03/nethack-366-or-how-to-glitch-nethack.html</ref> | ||
| − | There were some other | + | There were some other fixes<ref>https://nethack.org/v366/release.html</ref>: |
* Formatting [[corpse]] names used internal buffers differently from formatting other objects and could potentially clobber memory | * Formatting [[corpse]] names used internal buffers differently from formatting other objects and could potentially clobber memory | ||
* Avoid divide by 0 crash if 'bogusmon' (file of bogus monster types) is empty | * Avoid divide by 0 crash if 'bogusmon' (file of bogus monster types) is empty | ||
Latest revision as of 03:34, 7 March 2021
|
NetHack Versions |
|
|
|
|
|
|
|
|
NetHack 3.6.6 is the 36th public release of NetHack. It was released on March 8th, 2020. This release fixes a security vulnerability that existed in versions 3.6.1, 3.6.2, 3.6.3, 3.6.4 and 3.6.5, as well as some more minor bugs. There were no new gameplay features.[1]
Availability
NetHack 3.6.6 is available from the official NetHack website.
Significant changes
This release fixes CVE-2020-5254.[2] As with the security bugs fixed in 3.6.4 and 3.6.5, this bug was reported to the DevTeam by security researcher David Mendenhall, who also explained that the bug can be used to glitch the game.[3]
There were some other fixes[4]:
- Formatting corpse names used internal buffers differently from formatting other objects and could potentially clobber memory
- Avoid divide by 0 crash if 'bogusmon' (file of bogus monster types) is empty
- Avoid #wizrumorcheck crash if either 'rumors.tru' or 'rumors.fal' or both were empty when makedefs built 'rumors'
- Avoid "'s glorkum pass harmlessly through the shade" for weaponless monsters
References
