[Pkg-games-ubuntu] [Bug 818098] Re: Freeciv client runs another program from *working* directory
KarlGoetz
karl at kgoetz.id.au
Fri Mar 9 09:51:45 UTC 2012
On Fri, 09 Mar 2012 09:38:09 -0000
Daniel Holbach <daniel.holbach at ubuntu.com> wrote:
> Thanks for the bug report. This was fixed in 12.04, which has 2.3.1.
> If you feel this needs to be fixed in older releases, you might want
> to follow https://wiki.ubuntu.com/SRU
>
> ** Changed in: freeciv (Ubuntu)
> Status: Confirmed => Fix Released
>
Hi Daniel,
thanks for that. Sorry i forgot to set the Closes: in the changelog.
kk
--
Karl Goetz, (Kamping_Kaiser / VK7FOSS)
http://www.kgoetz.id.au
No, I won't join your social networking group
*** I've changed GPG key to 6C097260 ***
--
You received this bug notification because you are a member of
Debian/Ubuntu Games Team, which is subscribed to freeciv in Ubuntu.
https://bugs.launchpad.net/bugs/818098
Title:
Freeciv client runs another program from *working* directory
Status in Freeciv Game:
Fix Released
Status in “freeciv” package in Ubuntu:
Fix Released
Bug description:
Freeciv client can internally launch server for itself. For development
purposes, it *prefers* to run server as program named "ser" (or server
/freeciv-server) under current working directory. There is some
potential for attacker to place his own program named ser in world
writable directory and to trick user to run freeciv client in that
directory.
Upstream patch for this is at http://gna.org/patch/index.php?2827
To manage notifications about this bug go to:
https://bugs.launchpad.net/freeciv/+bug/818098/+subscriptions
More information about the Pkg-games-ubuntu
mailing list