search

AOSC-Dev / aosc-os-abbs

ABBS/ACBS tree for AOSC OS package metadata, build configuration, scripts, and patches
https://packages.aosc.io
GNU General Public License v2.0
106 stars 85 forks source link

teeworlds: security update to 0.6.5 #1429

Closed l2dy closed 5 years ago

l2dy commented 6 years ago

CVE IDs: CVE-2018-18541

Other security advisory IDs: DSA-4329-1

Descriptions: https://teeworlds.com/?page=news&id=12544

0.6.5 released (posted by: heinrich5991) | 2018-10-13 Same story as with 0.6.3 and 0.6.4, again we're doing a release to fix a vulnerability. If you're actively playing Teeworlds, you likely already noticed that a lot of servers were full of "(connecting)" clients. This was possible because you could forge the connection packet in a way that made it seem like it came from an arbitrary IP address.

Architectural progress:

MingcongBai commented 5 years ago

Fixed with https://github.com/AOSC-Dev/aosc-os-abbs/commit/3c8b3aee6e08d9a553ae508f4634da90718be920. Closing.

l2dy commented 5 years ago

Use AOSA-2018-0456.