We have released an update to the beta, run the hldsupdatetool with "-beta hlbeta" to get this update. Changes for this update are:
- rolled back previous sv_downloadurl and dlfile changes, added some more checks to prevent inappropriate dlfile calls at other times - Increased "sv_filetransfermaxsize" back to 10mbytes by default - Added "sv_allow_dlfile" cvar, set this to 0 to disable using dlfile at all (useful safe valve if getting hit by this attack) - Allow up to 128 mbyte heap via -heapsize command (up from previous 40mbytes), for some 3rd party games - Added sv_logsecret support, same implementation as on Source engine - Rate limit user voice data to one per frame, fixes voice_inputdata exploit. If you run 1000FPS server and still have a problem, stop running a 1000FPS server. > -----Original Message----- > From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux- > boun...@list.valvesoftware.com] On Behalf Of Alfred Reynolds > Sent: Monday, July 18, 2011 10:37 AM > To: Half-Life dedicated Linux server mailing list; > 'h...@list.valvesoftware.com'; 'hlds_annou...@list.valvesoftware.com' > Subject: Re: [hlds_linux] Half-Life 1 engine beta update released > > I received a couple bug reports over the weekend so I am going to take > the time to dig into those, expect another beta release or two before a > full release. > > > -----Original Message----- > > From: hlds_linux-boun...@list.valvesoftware.com [mailto:hlds_linux- > > boun...@list.valvesoftware.com] On Behalf Of Alfred Reynolds > > Sent: Friday, July 15, 2011 1:29 PM > > To: 'h...@list.valvesoftware.com'; Half-Life dedicated Linux server > > mailing list; 'hlds_annou...@list.valvesoftware.com' > > Subject: Re: [hlds_linux] Half-Life 1 engine beta update released > > > > We have released an update to the beta, run the hldsupdatetool with > "- > > beta hlbeta" to get this update. Changes for this update are: > > > > - more input checking on some MSG_X functions > > > > There were no known exploits this is fixing but better safe than > sorry. > > My plan is to release this publically on Monday, so make sure you try > > these new binaries over the weekend. > > > > - Alfred > > > > > -----Original Message----- > > > From: hlds-boun...@list.valvesoftware.com [mailto:hlds- > > > boun...@list.valvesoftware.com] On Behalf Of Alfred Reynolds > > > Sent: Monday, July 11, 2011 4:04 PM > > > To: 'h...@list.valvesoftware.com'; Half-Life dedicated Linux server > > > mailing list; 'hlds_annou...@list.valvesoftware.com' > > > Subject: Re: [hlds] Half-Life 1 engine beta update released > > > > > > We have released an update to the beta, run the hldsupdatetool with > > "- > > > beta hlbeta" to get this update. Changes for this update are: > > > > > > - Changed sv_filetransfermaxsize to 1mbyte by default > > > - Disallow the dlfile command if the server is configured with a > > > sv_downloadurl > > > > > > > > > The dlfile command is used internally by the engine to allow users > to > > > download custom maps using the in-game channel, unfortunately the > > > processing for large files is done inline and can stall the server. > > Re- > > > architecting this is beyond the scope for HL1 so the solution would > > be > > > to use the sv_downloadurl feature if you want to host custom > content > > > (or increase the sv_filetransfermaxsize cvar but risk your server > FPS > > > stuttering). > > > > > > - Alfred > > > > > > > -----Original Message----- > > > > From: hlds-boun...@list.valvesoftware.com [mailto:hlds- > > > > boun...@list.valvesoftware.com] On Behalf Of Alfred Reynolds > > > > Sent: Thursday, July 07, 2011 6:20 PM > > > > To: Half-Life dedicated Linux server mailing list; > > > > 'h...@list.valvesoftware.com'; > > 'hlds_annou...@list.valvesoftware.com' > > > > Subject: [hlds] Half-Life 1 engine beta update released > > > > > > > > We have released a beta update for Half-Life 1 engine based games > > > > (Half-Life, Counter-Strike 1.6, Day of Defeat, etc). To grab this > > > > update run the hldsupdatetool with "-beta hlbeta" on the command > > > line. > > > > This update continues on some exploit fixes we have already > shipped > > > > within this beta. > > > > > > > > Changes: > > > > - Added sv_filetransfermaxsize cvar to limit the size of a file a > > > > server will try to send to a client, by default 10mbytes. > > > > - Prevented halflife.wad from being downloaded from a server > (fixes > > > > server hang/stall). > > > > > > > > > > > > There is also a couple client side fixes, if you run your Steam > > > client > > > > with "-beta hlbeta" on its command line and run Half-Life games > you > > > > will have some fixes that prevent server redirection. > > > > > > > > > > > > > > > > - Alfred > > > > > > > > _______________________________________________ > > > > To unsubscribe, edit your list preferences, or view the list > > > archives, > > > > please visit: > > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > > > _______________________________________________ > > > To unsubscribe, edit your list preferences, or view the list > > archives, > > > please visit: > > > http://list.valvesoftware.com/mailman/listinfo/hlds > > > > _______________________________________________ > > To unsubscribe, edit your list preferences, or view the list > archives, > > please visit: > > http://list.valvesoftware.com/mailman/listinfo/hlds_linux > > _______________________________________________ > To unsubscribe, edit your list preferences, or view the list archives, > please visit: > http://list.valvesoftware.com/mailman/listinfo/hlds_linux _______________________________________________ To unsubscribe, edit your list preferences, or view the list archives, please visit: http://list.valvesoftware.com/mailman/listinfo/hlds_linux
