oss-sec mailing list archives
CVE Request: teeworlds: possible remote code execution on teeworlds client
From: Salvatore Bonaccorso <carnil () debian org>
Date: Wed, 16 Nov 2016 20:33:56 +0100
Hi teeworlds, a online multi-player platform 2D shooter, released a new upstream version 0.6.4 stating the following in the news:
0.6.4 released - another security fix (posted by: heinrich5991) | 2016-11-13 As with the 0.6.3 release, a reported security vulnerability motivated this release: This time, the security vulnerability is worse, attacker controlled memory-writes and possibly arbitrary code execution on the client, abusable by any server the client joins.
https://www.teeworlds.com/?page=news&id=12086 Upstream fix: https://github.com/teeworlds/teeworlds/commit/ff254722a2683867fcb3e67569ffd36226c4bc62 Bug report in Debian: https://bugs.debian.org/844546 Could you assign a CVE for this issue? Regards, Salvatore
Current thread:
- CVE Request: teeworlds: possible remote code execution on teeworlds client Salvatore Bonaccorso (Nov 16)
- Re: CVE Request: teeworlds: possible remote code execution on teeworlds client cve-assign (Nov 17)