[Pkg-games-ubuntu] [Bug 1486946] [NEW] Server security vulnerability

pcworld 1486946 at bugs.launchpad.net
Thu Aug 20 10:44:57 UTC 2015 

*** This bug is a security vulnerability ***

Public security bug reported:

Teeworlds 0.6.3 released a security fix for an exploitable server bug ("Memory reads, Segmentation Fault"): https://www.teeworlds.com/?page=news&id=11200
Debian has already backported the fix to 0.6.2: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770514
This fix (affecting teeworlds-server) is already included in vivid and wily, but should be backported to older but still supported Ubuntu releases.

Teeworlds 0.6.3 also fixed a bug in the client, which seems not to have
been included in the current Debian release: "Fix client crash when
opening a map with an invalid version"

** Affects: teeworlds (Ubuntu)
     Importance: Undecided
         Status: New

** Affects: teeworlds (Debian)
     Importance: Unknown
         Status: Unknown


** Tags: precise trusty utopic

** Information type changed from Private Security to Public Security

** Bug watch added: Debian Bug tracker #770514
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770514

** Also affects: teeworlds (Debian) via
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770514
   Importance: Unknown
       Status: Unknown

-- 
You received this bug notification because you are a member of
Debian/Ubuntu Games Team, which is subscribed to teeworlds in Ubuntu.
https://bugs.launchpad.net/bugs/1486946

Title:
  Server security vulnerability

Status in teeworlds package in Ubuntu:
  New
Status in teeworlds package in Debian:
  Unknown

Bug description:
  Teeworlds 0.6.3 released a security fix for an exploitable server bug ("Memory reads, Segmentation Fault"): https://www.teeworlds.com/?page=news&id=11200
  Debian has already backported the fix to 0.6.2: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770514
  This fix (affecting teeworlds-server) is already included in vivid and wily, but should be backported to older but still supported Ubuntu releases.

  Teeworlds 0.6.3 also fixed a bug in the client, which seems not to
  have been included in the current Debian release: "Fix client crash
  when opening a map with an invalid version"

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/teeworlds/+bug/1486946/+subscriptions

More information about the Pkg-games-ubuntu mailing list