Debian Security Advisory DSA 378-1 - Two vulnerabilities have been found in the Mah-Jong server version 1.4 and below. One enables a remote attacker to gain privileges of the user running the server while the other leads to a denial of service.
e161375ef6c09ff61f2b741e2582fbe332bd1e3fe1defc1ddc1487c6dd51bda2