[Pkg-games-ubuntu] [Bug 1486946] Re: Server security vulnerability
Launchpad Bug Tracker
1486946 at bugs.launchpad.net
Thu Aug 20 23:08:18 UTC 2015
This bug was fixed in the package teeworlds -
0.6.2+dfsg-2~build0.14.04.1
---------------
teeworlds (0.6.2+dfsg-2~build0.14.04.1) trusty-security; urgency=medium
* fake sync from Debian (LP: #1486946)
teeworlds (0.6.2+dfsg-2) unstable; urgency=high
* Fix a server crash that is remotely exploitable. (Closes: #770514)
- Add fixed_a_server_crash.patch, cherry picked from 0.6.3.
-- Steve Beattie <sbeattie at ubuntu.com> Thu, 20 Aug 2015 14:55:28 -0700
** Changed in: teeworlds (Ubuntu)
Status: Incomplete => Fix Released
--
You received this bug notification because you are a member of
Debian/Ubuntu Games Team, which is subscribed to teeworlds in Ubuntu.
https://bugs.launchpad.net/bugs/1486946
Title:
Server security vulnerability
Status in teeworlds package in Ubuntu:
Fix Released
Status in teeworlds package in Debian:
Fix Released
Bug description:
Teeworlds 0.6.3 released a security fix for an exploitable server bug ("Memory reads, Segmentation Fault"): https://www.teeworlds.com/?page=news&id=11200
Debian has already backported the fix to 0.6.2: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=770514
This fix (affecting teeworlds-server) is already included in vivid and wily, but should be backported to older but still supported Ubuntu releases.
Teeworlds 0.6.3 also fixed a bug in the client, which seems not to
have been included in the current Debian release: "Fix client crash
when opening a map with an invalid version"
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/teeworlds/+bug/1486946/+subscriptions
More information about the Pkg-games-ubuntu
mailing list