Control: retitle -1 freeciv: CVE-2022-3904: Modpack Installer buffer overflow
On Thu, Aug 18, 2022 at 12:51:28AM +0200, Moritz Muehlenhoff wrote:
> Source: freeciv
> Version: 2.6.6-1
> Severity: grave
> Tags: security
> X-Debbugs-Cc: Debian Security Team
>
> Quoting from the announcement posted to oss-security (no CVE is
> available):
>
> --
> Just released freeciv-2.6.7 & freeciv-3.0.3 fix buffer overflow in
> Modpack Installer utility's handling of the modpack URL. Specially
> crafted URLs, without any '/' -characters would result in an
> underflowing length (unsigned)(-1) string copy, i.e., all of the
> NULL-terminated string given as "URL" would get written beyond the
> buffer reserved for it.
>
> Freeciv source tarballs are available from
> https://www.freeciv.org/download.html for current 3.0, and from
> https://www.freeciv.org/wiki/Old_downloads for 2.6.
>
> In case you can't make full version update at the moment, bug tracker
> ticket has also a patch for this single issue attached:
> https://osdn.net/projects/freeciv/ticket/45299
> --
CVE-2022-39047 has been assigned for this issue.
Regards,
Salvatore
