Source: teeworlds Version: 0.7.5-1 Severity: important Tags: security upstream Forwarded: https://github.com/teeworlds/teeworlds/issues/2981 X-Debbugs-Cc: car...@debian.org, Debian Security Team <t...@security.debian.org> Control: found -1 0.7.2-5+deb10u1 Control: found -1 0.7.2-5
Hi, The following vulnerability was published for teeworlds. CVE-2021-43518[0]: | Teeworlds up to and including 0.7.5 is vulnerable to Buffer Overflow. | A map parser does not validate m_Channels value coming from a map | file, leading to a buffer overflow. A malicious server may offer a | specially crafted map that will overwrite client's stack causing | denial of service or code execution. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2021-43518 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-43518 [1] https://github.com/teeworlds/teeworlds/issues/2981 Please adjust the affected versions in the BTS as needed. Regards, Salvatore