Package: teeworlds Version: 0.6.1+dfsg-1 Severity: grave Tags: security Justification: user security hole
teeworlds upstream has released version 0.6.4. https://www.teeworlds.com/?page=news&id=12086 says > the security vulnerability is worse, attacker controlled memory-writes and > possibly arbitrary code execution on the client, abusable by any server the > client joins The upstream fix: https://github.com/teeworlds/teeworlds/commit/ff254722a2683867fcb3e67569ffd36226c4bc62 There doesn't seem to be a CVE assigned to this vulnerability. Felix