[Pkg-freeciv-devel] Bug#302702: freeciv-server: Do the server DoS vulnerabilities fixed in 2.0 rc1 affect 1.14 as well?

Moritz Muehlenhoff Moritz Muehlenhoff <jmm@inutil.org>, 302702@bugs.debian.org
Sat, 02 Apr 2005 14:43:45 +0200


Package: freeciv-server
Version: 1.14.2-1
Severity: important
Tags: security

Dear Freeciv maintainers,
the changelog for 2.0rc1 mentioned
 * Fixed several security problems with the network code (a client could
   trigger a server crash).

Do these affect 1.14 as well? If so and Freeciv 2.0 comes too late for
Sarge, could you please backport them to 1.14.2?

Cheers,
        Moritz

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.11
Locale: LANG=C, LC_CTYPE=de_DE.ISO-8859-15@euro (charmap=ISO-8859-15)

Versions of packages freeciv-server depends on:
ii  freeciv-data                1.14.2-1     Civilization turn based strategy g
ii  libc6                       2.3.2.ds1-20 GNU C Library: Shared libraries an
ii  libreadline4                4.3-15       GNU readline and history libraries
ii  zlib1g                      1:1.2.2-4    compression library - runtime

-- no debconf information