NetHack 3.6.x before 3.6.4 is prone to a buffer overflow vulnerability when reading very long lines from configuration files. This affects systems that have NetHack installed suid/sgid, and shared systems that allow users to upload their own configuration files.
Created nethack tracking bugs for this issue:
Affects: epel-8 [bug 1789080]
Affects: fedora-all [bug 1789079]
Way ahead of you; Nethack 3.6.4 is already available everywhere:
Is there something more that needs to be done, or can all these tickets be closed?
In reply to comment #2:
> Way ahead of you; Nethack 3.6.4 is already available everywhere:
> Is there something more that needs to be done, or can all these tickets be
Thank you for letting me know that! The tickets can be closed.