Your message dated Thu, 17 Nov 2016 21:10:46 +0000 with message-id <e1c7txg-000bvg...@fasolo.debian.org> and subject line Bug#844546: fixed in teeworlds 0.6.4+dfsg-1 has caused the Debian Bug report #844546, regarding teeworlds: possible remote code execution on the client to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 844546: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=844546 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: teeworlds Version: 0.6.1+dfsg-1 Severity: grave Tags: security Justification: user security hole teeworlds upstream has released version 0.6.4. https://www.teeworlds.com/?page=news&id=12086 says > the security vulnerability is worse, attacker controlled memory-writes and > possibly arbitrary code execution on the client, abusable by any server the > client joins The upstream fix: https://github.com/teeworlds/teeworlds/commit/ff254722a2683867fcb3e67569ffd36226c4bc62 There doesn't seem to be a CVE assigned to this vulnerability. Felix
--- End Message ---
--- Begin Message ---Source: teeworlds Source-Version: 0.6.4+dfsg-1 We believe that the bug you reported is fixed in the latest version of teeworlds, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 844...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Felix Geyer <fge...@debian.org> (supplier of updated teeworlds package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Thu, 17 Nov 2016 20:57:15 +0100 Source: teeworlds Binary: teeworlds teeworlds-server teeworlds-data Architecture: source Version: 0.6.4+dfsg-1 Distribution: unstable Urgency: high Maintainer: Debian Games Team <pkg-games-de...@lists.alioth.debian.org> Changed-By: Felix Geyer <fge...@debian.org> Description: teeworlds - online multi-player platform 2D shooter teeworlds-data - data for Teeworlds; an online multi-player platform 2D shooter teeworlds-server - server for Teeworlds; an online multi-player platform 2D shooter Closes: 844546 Changes: teeworlds (0.6.4+dfsg-1) unstable; urgency=high . * New upstream release. - Fixes possible remote code execution on the client. (Closes: #844546) * Refresh new-wavpack.patch * Drop patches that have been fixed upstream: - fix-gcc6-rename-round.patch - fix-gcc6-var-types.patch - reset-nethash.patch Checksums-Sha1: d3643df6cedba2b5e02c94b59a8d2c3c5f808950 2249 teeworlds_0.6.4+dfsg-1.dsc 485599e6943352cae713782c2c9dfe48d04f1654 7046740 teeworlds_0.6.4+dfsg.orig.tar.gz 09148a5c0d0c906ed4baabf2e32d0e0c4b655857 8196 teeworlds_0.6.4+dfsg-1.debian.tar.xz Checksums-Sha256: dcdc77474a44eae1b67268495697d67eaf24f87e575f9fd48a8dc2360d644907 2249 teeworlds_0.6.4+dfsg-1.dsc 62286ee7c786dc565f42864ca23dd02a6b4ba7b52ed54014145ec9724a2df045 7046740 teeworlds_0.6.4+dfsg.orig.tar.gz e16674531f71e67f00810f1f2c60fecac67f1e30b27b7729cd5a30fbc904145a 8196 teeworlds_0.6.4+dfsg-1.debian.tar.xz Files: c176510c4ca619ed9bedb45488ffaf7e 2249 games optional teeworlds_0.6.4+dfsg-1.dsc d24bd8b9b68a403adcdd6b2cfb485c13 7046740 games optional teeworlds_0.6.4+dfsg.orig.tar.gz 984b4fcb8f6de3daa849f6d246c11115 8196 games optional teeworlds_0.6.4+dfsg-1.debian.tar.xz -----BEGIN PGP SIGNATURE----- iQIcBAEBCgAGBQJYLgv0AAoJEP4ixv2DE11FVHIQAJvbgTB7VE5cYkk6TU8dlJBM /xmpZA78pxWRkNthBbDnu1MEFZau1SyhjCxdvzCZxlwMXhLXoQ00ywkrsdM4AeIl QkVBxzrD6dYFe7LgoogMbWfFipsrkq+FvrubcR3gBdvMB3dk+3unvh5M0+J6cPIh uKIw8MaHcRSYoIxQ6Aa3DHIAm9utYK4xZ5vgFhA7qbDOfYXKTkE7WLqUESOoVGb0 1K9j5FnC6GvONIDQtssjyVJnKswNkKfJnQ9acjIb3wN4L6tI2yxbC92mxUNgIWsk xzQns/xaqq/3rQToGd8xT3x3qq92MMij9C42GGF8cvHjOsiQ3nK30ermbSG/nacR VCw2S5LszI6HE3cLfjjbHpAxWIkHSKUVVtLiVw/xtq2S4zl1d1yu28S1UQCixuNc e5Q6OKmWsGgyLGKB55z+msF1r99//Lyvxplxs2cMDYXT9Co5AnCLVutmAArvwehR VMlfVn2f+J+y6GYuEzqfEcB+cEqYxJZrPzkV1M2I45GrfHC4Y5xTRaSQDo9IHAyv aDCxWyWU3wTijGwl55HGn5txpTmMwDCn3/ul/t4nOv0XzvgmntrfNctmqy+p5Ruq 9Da8cPC8FypPjdUasm8nGNWz+Tx4BXcemSrU6HknboFo1KgVhyCdkDuvq32smEjZ +5uMFPMv57zj3Hxnhzv8 =Zo1U -----END PGP SIGNATURE-----
--- End Message ---
