Jason Dorje Short wrote: > Package: freeciv-server > Version: 2.0.7-2 > Severity: important > > > Jordi - > > There is a security hole in Freeciv 2.0 allowing a remote user to trigger a > server crash (it is unlikely anything more than a crashed civserver would > result from the hole). This patch (which will be included in the upcoming > 2.0.8 release) will fix it; I recommend you upload it and/or get ready for > 2.0.8 in a couple of days.
Jason, please mention CVE-2006-0047 in the changelog when you release the new version. CVE-2006-nnnn a unique identifier for a vulnerability in a software package. The database behind this is maintained at MITRE's Common Vulnerabilities and Exposures project <http://cve.mitre.org/cve/>. Details for such an id are available after a few days of quarantaine at <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-nnnn>. Many vendors (both propriatery and Free Software) participate in this database and assign the id to vulnerability reports or updates they produce. These IDs help us security people generally for identifying if a given package is fixed or if a given update fixes which problem. Please mention this ID in the changelog and/or project announcements. Regards, Joey -- The MS-DOS filesystem is nice for removable media. -- H. Peter Anvin Please always Cc to me when replying to me on the lists. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
