Debian Security Advisory DSA 484-1 - Steve Kemp discovered a vulnerability in xonix, a game, where an external program was invoked while retaining setgid privileges. A local attacker could exploit this vulnerability to gain gid games.
95a2e6f0eb8456498067248b6ff0d47a81a32f4f950f5e93366646d58927a210