MGASA-2021-0250 - Updated gnuchess package fix a security vulnerability

Publication date: 13 Jun 2021
Type: security
Affected Mageia releases: 7, 8
CVE: CVE-2021-30184

GNU Chess 6.2.7 allows attackers to execute arbitrary code via crafted PGN 
(Portable Game Notation) data. This is related to a buffer overflow in the 
use of a .tmp.epd temporary file in the cmd_pgnload and cmd_pgnreplay 
functions in frontend/ (CVE-2021-30184).

-[email protected]/thread/QC74RWMDLSQGV6Z3ZABNTPABB33S4YNF/

- 8/core/gnuchess-6.2.7-1.1.mga8
- 7/core/gnuchess-6.2.6-1.1.mga7