freeciv 2.3.2-1+deb7u1 source package in Debian
Changelog
freeciv (2.3.2-1+deb7u1) stable; urgency=medium
* Fix CVE-2012-5645 and CVE-2012-6083.
- CVE-2012-5645: Added return value indicating success or failure for all
dio_get_xxx() functions, and check that value to avoid infinite loop in
reading arrays from network when there's no more data even though it's
expected.
- CVE-2012-6083: Sanity check packet length received over network against
values less than header length alone to avoid situation where body length
is considered negative.
-- Markus Koschany <email address hidden> Tue, 11 Feb 2014 14:27:45 +0100
Upload details
- Uploaded by:
- Debian Games Group
- Uploaded to:
- Wheezy
- Original maintainer:
- Debian Games Group
- Architectures:
- any all
- Section:
- games
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Wheezy | release | main | games |
Builds
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| freeciv_2.3.2-1+deb7u1.dsc | 2.6 KiB | caa0fcc006e09aeeb17a82b00fb10953126e3f9a3c0130ce0f64cec8fd76d9ed |
| freeciv_2.3.2.orig.tar.bz2 | 29.3 MiB | 95b1c8cb1bc859abc883221e3e89f67a53799071fdb1fea7b8727fbab0cb4c4e |
| freeciv_2.3.2-1+deb7u1.debian.tar.gz | 25.7 KiB | de5a2ab251bd783a0109fdf88d007e0674e8aa25b28048498c799c8b2d80f8f2 |
No changes file available.
