[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
New FreeDink DFArc frontend 3.14 release
|
From: |
beuc |
|
Subject: |
New FreeDink DFArc frontend 3.14 release |
|
Date: |
Wed, 6 Jun 2018 21:08:12 +0200 |
|
User-agent: |
Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.8.0 |
Hi,
Here's a new release of DFArc, a frontend to run the GNU FreeDink game
and manage its numerous add-on adventures or D-Mods :)
https://ftp.gnu.org/pub/gnu/freedink/dfarc-3.14.tar.gz
This release fixes CVE-2018-0496: Sylvain Beucler and Dan Walma
discovered several directory traversal issues in DFArc (as well as in
the RTsoft's Dink Smallwood HD / ProtonSDK version), allowing an
attacker to overwrite arbitrary files on the user's system.
Also in this release:
- New Swedish and Friulian translations.
- Updated Catalan, Brazilian Portuguese and Spanish translations.
- Fix crash when clicking on 'Package' when there is no D-Mod present.
- Compilation fixes for OS X.
- Reproducible build process for Windows (as well as GNU/Linux depending
on your distro) - see https://reproducible-builds.org/
A note about distros security support:
- Debian Security team graciously issued a CVE ID under 72h but declined
both a security upload and a rationale on their choice; fix diverted to
the next ~quarterly point release
- Fedora/RedHat security did not answer after 6 days; fortunately Fedora
is flexible enough to allow package maintainers to upgrade DFArc in
previous releases on their own
- Gentoo Security did not answer after 7 days
- FreeBSD ports and Mageia packagers were contacted but did not answer
- In Arch, package still stuck between orphaned and deleted state due to
a 2017 bug
It seems security support for packages without large user base and/or
games is delayed significantly at best.
About GNU FreeDink:
Dink Smallwood is an adventure/role-playing game, similar to Zelda, made
by RTsoft. Besides twisted humor, it includes the actual game editor,
allowing players to create hundreds of new adventures called Dink
Modules or D-Mods for short.
GNU FreeDink is a new and portable version of the game engine, which
runs the original game as well as its D-Mods, with close
compatibility, under multiple platforms.
DFArc is an integrated frontend, .dmod installer and .dmod archiver for
the Dink Smallwood game engine.
| [Prev in Thread] |
Current Thread |
[Next in Thread] |
- New FreeDink DFArc frontend 3.14 release,
beuc <=