Your message dated Mon, 23 Mar 2026 18:22:08 +0000
with message-id <[email protected]>
and subject line Bug#1131524: fixed in freeciv 3.2.4+ds-1
has caused the Debian Bug report #1131524,
regarding freeciv: CVE-2026-33250
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1131524: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1131524
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: freeciv
Version: 3.0.6-1
Severity: grave
Tags: security upstream fixed-upstream
Justification: user security hole
Forwarded: https://redmine.freeciv.org/issues/1955
X-Debbugs-Cc: [email protected], Debian Security Team <[email protected]>
Control: fixed -1 3.0.6-1+deb12u1
Control: fixed -1 3.1.4+ds-2+deb13u1
Hi,
The following vulnerability was published for freeciv.
CVE-2026-33250[0]:
| Network code (recursive jumbo packets) DOS attack
It was fixed in a DSA already released by Moritz, so adjusting the
metadata.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2026-33250
https://www.cve.org/CVERecord?id=CVE-2026-33250
[1] https://redmine.freeciv.org/issues/1955
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: freeciv
Source-Version: 3.2.4+ds-1
Done: Tobias Frost <[email protected]>
We believe that the bug you reported is fixed in the latest version of
freeciv, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Tobias Frost <[email protected]> (supplier of updated freeciv package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Mon, 23 Mar 2026 18:45:39 +0100
Source: freeciv
Architecture: source
Version: 3.2.4+ds-1
Distribution: unstable
Urgency: high
Maintainer: Debian Games Team <[email protected]>
Changed-By: Tobias Frost <[email protected]>
Closes: 1131524
Changes:
freeciv (3.2.4+ds-1) unstable; urgency=high
.
* New upstream release.
- Fixes CVE-2026-33250 - DoS (Closes: #1131524)
* d/copyright: Exclude generated Makefile.in files.
Checksums-Sha1:
a1aa781e6dfb79e2ed93c4b6ea069440ce8edc42 2824 freeciv_3.2.4+ds-1.dsc
ccc25bc691d79cc51ac75152204f5a07ec00320c 58198372 freeciv_3.2.4+ds.orig.tar.xz
81ac3c8fd9084df7b8a1965f8c1f92972e7356d8 25736 freeciv_3.2.4+ds-1.debian.tar.xz
813bb4f5d5a0c438a257e1d900da3c49e9cee2a3 25062
freeciv_3.2.4+ds-1_amd64.buildinfo
Checksums-Sha256:
2fd84a7978fe6d0f152c8c004320a2430a934ba141cbd8d15ea997a781a76af6 2824
freeciv_3.2.4+ds-1.dsc
f670a4fbb2a168a81e80590e1ce1e068f8ba09a67628ec68d07e17be06273015 58198372
freeciv_3.2.4+ds.orig.tar.xz
e46840d0d01bdfb13d31a1dcd2daa53b38049ccd48b4c562cac5fa9b728c6820 25736
freeciv_3.2.4+ds-1.debian.tar.xz
70b27a8f834ab6d88040dedefcdf91070f1b34251f96e96359166eb6f0bfc069 25062
freeciv_3.2.4+ds-1_amd64.buildinfo
Files:
45a7cbe3721a49fd88fb63ca6cf8eac8 2824 games optional freeciv_3.2.4+ds-1.dsc
ccf0a9154ac5ee0d9eb209a07245f650 58198372 games optional
freeciv_3.2.4+ds.orig.tar.xz
e48270bd5bca402d128d0ec1b4fe4230 25736 games optional
freeciv_3.2.4+ds-1.debian.tar.xz
a58810b52081d28fe05c7404db0a642e 25062 games optional
freeciv_3.2.4+ds-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEE/d0M/zhkJ3YwohhskWT6HRe9XTYFAmnBfXIACgkQkWT6HRe9
XTY7wg/+JmyWsCFq2eIroV1SPvxEXvudT8iFrGI3vn0AKRdBGYEDR8b5dAfBsv9C
3YibRpkR97EyLAjcQkA1X1Rxi2CZrmDIouzibtUrJa3C4o0XBiGiYlJla+USPul5
xVidmbbiU/GdTzC6AXtd4v1VCtSM97zwjO+xhSvae3tBIm68lloQTYR6EbWR39LB
kHWErB3ORifcMUDJNxIR6l9DzlEI5Hie25sdhvoQZ11RCdISz22ACot1j2zYBsdg
twVIAE5kH97/R9JqaHwBsghvT9QFIBgR8+g9Bdh0TzzbcIwM1DQqbeYOiDPy5mNM
SHovuvXZecd1J+mByZ/+zKWrKlNOGpSwzXMeYLTX85lYC76JFUTwqoW5W/DZExcN
zU7a4O93dQDqqNQIB8Cjym4Yf8VY0mYSK9+66Bv8cQjD9DqueYvChAQlwltxnBvk
5rBtYzVQmH+vqhEs4IDw0MsCNd161IMaetCIDkkLKM5NrmYncBjObJ9cLpj6zfsL
mq48/+vbqbrmg/Iu58uYAByQHoGoJaDmHsi0atyicICuG99L5uSctSKva+DT9bBX
9NALr7n6iLGps6jdJ08KtqvoZGCEtZx8SRC0KV8wobP/u80SGYn0HPeFKEkWES4Z
jMzdeaD3LTYblsuFGWz8Guq0Nx1n7PAl4lQ/iulq2u7PrpzoKYk=
=xwCW
-----END PGP SIGNATURE-----
pgps9nD6QLrYR.pgp
Description: PGP signature
--- End Message ---
