Package: freeciv-server
Version: 2.0.7-2
Severity: important

Jordi - There is a security hole in Freeciv 2.0 allowing a remote user to trigger a server crash (it is unlikely anything more than a crashed civserver would result from the hole).

This patch (which will be included in the upcoming 2.0.8 release) will fix it; I recommend you upload it and/or get ready for 2.0.8 in a couple of days.

Index: common/packets.c =================================================================== --- common/packets.c (revision 11709) +++ common/packets.c (working copy) @@ -362,13 +362,13 @@ } #endif - if (whole_packet_len > pc->buffer->ndata) { + if ((unsigned)whole_packet_len > pc->buffer->ndata) { return NULL; /* not all data has been read */ } #ifdef USE_COMPRESSION if (compressed_packet) { - int compressed_size = whole_packet_len - header_size; + uLong compressed_size = whole_packet_len - header_size; /* * We don't know the decompressed size. We assume a bad case * here: an expansion by an factor of 100.

-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15-1-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages freeciv-server depends on:
ii freeciv-data 2.0.7-2 Civilization turn based strategy g
ii libc6 2.3.6-2 GNU C Library: Shared libraries an
ii libreadline5 5.1-6 GNU readline and history libraries
ii zlib1g 1:1.2.3-9 compression library - runtime

freeciv-server recommends no packages.

-- no debconf information
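
Review bot: the new `uLong compressed_size = whole_packet_len - header_size;` line has no lower-bound check, so a whole_packet_len smaller than header_size becomes a very large unsigned value instead of being rejected. Add an explicit `whole_packet_len < header_size` test before the subtraction and treat the packet as invalid when it is true. In the first changed line, the `(unsigned)` cast fixes the comparison against pc->buffer->ndata at this one site only. A short comment saying why the cast is needed, or an unsigned type for whole_packet_len where it is declared, would keep later uses of the length from reintroducing the signed comparison.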