[hlds] Mandatory TF2 update coming
We're working on a mandatory update for TF2. We should have it ready soon. -Eric ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
[hlds] Mandatory TF2 update released
We've released another mandatory update for TF2. The update notes are below. The new version is 2926419. Apologies for any inconvenience this second update today may cause. -Eric - Updated LODs for the revolver - Updated PASS Time - Fixed a client crash related to the HUD - Fixed the Short Circuit being used to remove the Jack from the game - Fixed players being able to pick-up the Jack while they have weapons deployed that cannot be holstered - Updated pass_warehouse - Fixed players getting into enemy spawn rooms - Fixed the Jack being thrown into spawn rooms - Fixed being able to build in the goals ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
[hlds] Optional TF2 update released
We've released one last update tonight for TF2. The update is optional. It fixes a sound problem when carrying the Jack in the new PASS Time game mode. You only need to sync and get the latest version if you're running a PASS Time server. Thanks. -Eric ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
Re: [hlds] Mandatory TF2 update released
As an aside... - Will be awarded going forward on a case-by-case basis to those who report major economy-breaking bugs or remote-code-execution bugs, and provide detailed information and steps to reproduce - Well deserved congratulations to the first recipient, Nathaniel Theis I seem to remember XMPPWocky using these exploits (he used a fuzzer to find them...) against Community Servers in the wild. I'm also pretty sure he's banned from AM because of this. I hate to say it, but this is definitely not what Valve should be promoting. The Ryan's at the very least for past contributions against Ticket Authentication (even if there was a tool)... There's definitely people out there who haven't been malicious about this in the past, and it's actually kind of pathetic that this destructive behaviour is rewarded. Reporting an issue is one thing, exacerbating it against unprotected community servers is another. Kyle. On Tue, Aug 18, 2015 at 3:48 PM, Kyle Sanderson kyle.l...@gmail.com wrote: - Fixed a crash caused by a client sending malformed network data to the server (thanks to Nathaniel Theis for this report and test case) There's well over half a year of this. Please sync the remaining OrangeBox games to fix these public remote execution exploits. I'm not sure what reason there is to leave these games completely vulnerable for this long. Kyle. On Tue, Aug 18, 2015 at 3:44 PM, Eric Smith er...@valvesoftware.com wrote: We've released a mandatory update for TF2. The update notes are below. The new version is 2925737. -Eric - Added new game mode 'PASS Time' to the TF2 Beta - Check out the blog post for more information (http://www.teamfortress.com/post.php?id=17833) - Fixed a crash caused by a client sending malformed network data to the server (thanks to Nathaniel Theis for this report and test case) - Added a new hat 'The Finder's Fee' - Will be awarded going forward on a case-by-case basis to those who report major economy-breaking bugs or remote-code-execution bugs, and provide detailed information and steps to reproduce - Well deserved congratulations to the first recipient, Nathaniel Theis - Fixed visual bugs caused by picking up weapons with special attributes - Fixed the Mann vs. Machine Medigun shield not being re-created after switching away from the Medigun and back while the charge is draining - Fixed some alignment issues in the HUD meters for the Mann vs. Machine rage knockback and Medigun shield - Fixed left-hand view models not displaying Stat Clocks correctly - Fixed being able to use the tournament_readystate client command when using per-player ready status mode - Fixed seeing a HUD mp_timelimit timer for maps that don't end the round when the map timelimit runs out - Fixed some missing VO sounds for the Demoman when laughing - Fixed being able to use the Restore action on Killsteak Kits - Fixed character loadout menus so they display the particle effects for all equipped Unusual items - The Huo-Long Heater can now accept Posthumous Kills strange parts - Updated the Australium Grenade Launcher to fix the wood material being shiny - Updated the backpack images for the Gun Mettle Campaign Coin - Updated LODs for several weapons and the sentry gun - Updated Mann Co. Store prices for foreign currencies to current USD equivalents - Updated the localization files - Updated Koth_Suijin with the latest changes from the authors - Added cover around the point preventing cross-point sight line - Opened second window in point building - Tweaked pickup amounts and positions - Widened space between stairs to point and bridge railing to allow easier movement - Clipping improvements - Improved lighting in dark areas - Fixed an issue where engineers could build on outlying islands - Fixed an issue where engineers could trap teammates by building teleporters in spaces with restricted movement - Fixed an issue where the spawn room doors could be held open by an opposing team member - Optimization improvements - Maps Workshop Beta - Fixed a common crash when loading some compressed maps - Fixed various issues running workshop maps on listen servers - Listen servers no longer unnecessarily fetch a second copy of the map - Listen servers no longer cause the client to crash upon the second load of the same workshop map - Added -ugcpath parameter for dedicated servers to control location of downloaded workshop content - Defaults to steamapps/workshop - Multiple servers sharing the same UGC directory is currently not supported, and will not go well - Added server command tf_workshop_map_status to view currently tracked maps and their status - Enhanced handling of updated maps to ensure the newest
Re: [hlds] Mandatory TF2 update released
I seem to remember XMPPWocky using these exploits (he used a fuzzer to find them...) against Community Servers in the wild. I'm also pretty sure he's banned from AM because of this. They were never used against any community servers. At one point, I needed to confirm that a crash issue worked (which was *not* found via fuzzing, it was binary analysis), and didn't have an actual dedicated server to test against, so I checked an *empty* Valve server. It worked, I reported it, and that was the end of it. The only other thing you might be thinking of is when I accidentally had my cl_logofile set to a VTF that crashed on load (I was testing on a listen server; I haven't figured out a faster way to run through the VTF loading code than a spray), and fat-fingered my spray key while on a community server, which crashed some people. Again, this bug was *only* a crash (and, it turned out, it was also one that was being actively exploited by a few people in the wild- it was possible to trigger it by simply truncating a VTF file.) Thanks, Nate On Tue, Aug 18, 2015 at 4:02 PM, Kyle Sanderson kyle.l...@gmail.com wrote: As an aside... - Will be awarded going forward on a case-by-case basis to those who report major economy-breaking bugs or remote-code-execution bugs, and provide detailed information and steps to reproduce - Well deserved congratulations to the first recipient, Nathaniel Theis I seem to remember XMPPWocky using these exploits (he used a fuzzer to find them...) against Community Servers in the wild. I'm also pretty sure he's banned from AM because of this. I hate to say it, but this is definitely not what Valve should be promoting. The Ryan's at the very least for past contributions against Ticket Authentication (even if there was a tool)... There's definitely people out there who haven't been malicious about this in the past, and it's actually kind of pathetic that this destructive behaviour is rewarded. Reporting an issue is one thing, exacerbating it against unprotected community servers is another. Kyle. On Tue, Aug 18, 2015 at 3:48 PM, Kyle Sanderson kyle.l...@gmail.com wrote: - Fixed a crash caused by a client sending malformed network data to the server (thanks to Nathaniel Theis for this report and test case) There's well over half a year of this. Please sync the remaining OrangeBox games to fix these public remote execution exploits. I'm not sure what reason there is to leave these games completely vulnerable for this long. Kyle. On Tue, Aug 18, 2015 at 3:44 PM, Eric Smith er...@valvesoftware.com wrote: We've released a mandatory update for TF2. The update notes are below. The new version is 2925737. -Eric - Added new game mode 'PASS Time' to the TF2 Beta - Check out the blog post for more information ( http://www.teamfortress.com/post.php?id=17833) - Fixed a crash caused by a client sending malformed network data to the server (thanks to Nathaniel Theis for this report and test case) - Added a new hat 'The Finder's Fee' - Will be awarded going forward on a case-by-case basis to those who report major economy-breaking bugs or remote-code-execution bugs, and provide detailed information and steps to reproduce - Well deserved congratulations to the first recipient, Nathaniel Theis - Fixed visual bugs caused by picking up weapons with special attributes - Fixed the Mann vs. Machine Medigun shield not being re-created after switching away from the Medigun and back while the charge is draining - Fixed some alignment issues in the HUD meters for the Mann vs. Machine rage knockback and Medigun shield - Fixed left-hand view models not displaying Stat Clocks correctly - Fixed being able to use the tournament_readystate client command when using per-player ready status mode - Fixed seeing a HUD mp_timelimit timer for maps that don't end the round when the map timelimit runs out - Fixed some missing VO sounds for the Demoman when laughing - Fixed being able to use the Restore action on Killsteak Kits - Fixed character loadout menus so they display the particle effects for all equipped Unusual items - The Huo-Long Heater can now accept Posthumous Kills strange parts - Updated the Australium Grenade Launcher to fix the wood material being shiny - Updated the backpack images for the Gun Mettle Campaign Coin - Updated LODs for several weapons and the sentry gun - Updated Mann Co. Store prices for foreign currencies to current USD equivalents - Updated the localization files - Updated Koth_Suijin with the latest changes from the authors - Added cover around the point preventing cross-point sight line - Opened second window in point building - Tweaked pickup amounts and positions - Widened space between stairs to point and bridge railing to allow easier movement - Clipping
Re: [hlds] Mandatory TF2 update released
So… the short-circuit “pops” or removes the Jack (ball) in pass_warehouse. Anybody know off-hand the easiest way to disable short circuit? Perhaps a sourcemod plugin? - Peter ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
Re: [hlds] Mandatory TF2 update released
As long as we're talking about bugs and stuff, the Sandman and Wrap Assassin can steal the ball from a distance. On 8/18/2015 9:07 PM, N-Gon wrote: You can also walk right into enemy spawns it seems... On Tue, Aug 18, 2015 at 8:48 PM, N-Gon ngongamedes...@gmail.com mailto:ngongamedes...@gmail.com wrote: #DEFLATEGATE On Tue, Aug 18, 2015 at 8:46 PM, Peter Jerde peter-h...@jerde.net mailto:peter-h...@jerde.net wrote: So… the short-circuit “pops” or removes the Jack (ball) in pass_warehouse. Anybody know off-hand the easiest way to disable short circuit? Perhaps a sourcemod plugin? - Peter ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
[hlds] Mandatory TF2 update released
We've released a mandatory update for TF2. The update notes are below. The new version is 2925737. -Eric - Added new game mode 'PASS Time' to the TF2 Beta - Check out the blog post for more information (http://www.teamfortress.com/post.php?id=17833) - Fixed a crash caused by a client sending malformed network data to the server (thanks to Nathaniel Theis for this report and test case) - Added a new hat 'The Finder's Fee' - Will be awarded going forward on a case-by-case basis to those who report major economy-breaking bugs or remote-code-execution bugs, and provide detailed information and steps to reproduce - Well deserved congratulations to the first recipient, Nathaniel Theis - Fixed visual bugs caused by picking up weapons with special attributes - Fixed the Mann vs. Machine Medigun shield not being re-created after switching away from the Medigun and back while the charge is draining - Fixed some alignment issues in the HUD meters for the Mann vs. Machine rage knockback and Medigun shield - Fixed left-hand view models not displaying Stat Clocks correctly - Fixed being able to use the tournament_readystate client command when using per-player ready status mode - Fixed seeing a HUD mp_timelimit timer for maps that don't end the round when the map timelimit runs out - Fixed some missing VO sounds for the Demoman when laughing - Fixed being able to use the Restore action on Killsteak Kits - Fixed character loadout menus so they display the particle effects for all equipped Unusual items - The Huo-Long Heater can now accept Posthumous Kills strange parts - Updated the Australium Grenade Launcher to fix the wood material being shiny - Updated the backpack images for the Gun Mettle Campaign Coin - Updated LODs for several weapons and the sentry gun - Updated Mann Co. Store prices for foreign currencies to current USD equivalents - Updated the localization files - Updated Koth_Suijin with the latest changes from the authors - Added cover around the point preventing cross-point sight line - Opened second window in point building - Tweaked pickup amounts and positions - Widened space between stairs to point and bridge railing to allow easier movement - Clipping improvements - Improved lighting in dark areas - Fixed an issue where engineers could build on outlying islands - Fixed an issue where engineers could trap teammates by building teleporters in spaces with restricted movement - Fixed an issue where the spawn room doors could be held open by an opposing team member - Optimization improvements - Maps Workshop Beta - Fixed a common crash when loading some compressed maps - Fixed various issues running workshop maps on listen servers - Listen servers no longer unnecessarily fetch a second copy of the map - Listen servers no longer cause the client to crash upon the second load of the same workshop map - Added -ugcpath parameter for dedicated servers to control location of downloaded workshop content - Defaults to steamapps/workshop - Multiple servers sharing the same UGC directory is currently not supported, and will not go well - Added server command tf_workshop_map_status to view currently tracked maps and their status - Enhanced handling of updated maps to ensure the newest available version of the map is always used on level change - Improved handling of workshop maps in a server's map cycle - Workshop maps in the map cycle will be automatically fetched and updated in the background - Workshop maps in the map cycle will have their names updated to the canonical name once known - Map votes now work with workshop maps - A known issue is that the full workshop map name is currently shown instead of the friendly name - Community request: Updated the FindMap and CanProvideLevel API for server-side mods. These functions now always expose the full workshop names for maps when known, even if not the map is not yet installed. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
Re: [hlds] Mandatory TF2 update released
- Fixed a crash caused by a client sending malformed network data to the server (thanks to Nathaniel Theis for this report and test case) There's well over half a year of this. Please sync the remaining OrangeBox games to fix these public remote execution exploits. I'm not sure what reason there is to leave these games completely vulnerable for this long. Kyle. On Tue, Aug 18, 2015 at 3:44 PM, Eric Smith er...@valvesoftware.com wrote: We've released a mandatory update for TF2. The update notes are below. The new version is 2925737. -Eric - Added new game mode 'PASS Time' to the TF2 Beta - Check out the blog post for more information (http://www.teamfortress.com/post.php?id=17833) - Fixed a crash caused by a client sending malformed network data to the server (thanks to Nathaniel Theis for this report and test case) - Added a new hat 'The Finder's Fee' - Will be awarded going forward on a case-by-case basis to those who report major economy-breaking bugs or remote-code-execution bugs, and provide detailed information and steps to reproduce - Well deserved congratulations to the first recipient, Nathaniel Theis - Fixed visual bugs caused by picking up weapons with special attributes - Fixed the Mann vs. Machine Medigun shield not being re-created after switching away from the Medigun and back while the charge is draining - Fixed some alignment issues in the HUD meters for the Mann vs. Machine rage knockback and Medigun shield - Fixed left-hand view models not displaying Stat Clocks correctly - Fixed being able to use the tournament_readystate client command when using per-player ready status mode - Fixed seeing a HUD mp_timelimit timer for maps that don't end the round when the map timelimit runs out - Fixed some missing VO sounds for the Demoman when laughing - Fixed being able to use the Restore action on Killsteak Kits - Fixed character loadout menus so they display the particle effects for all equipped Unusual items - The Huo-Long Heater can now accept Posthumous Kills strange parts - Updated the Australium Grenade Launcher to fix the wood material being shiny - Updated the backpack images for the Gun Mettle Campaign Coin - Updated LODs for several weapons and the sentry gun - Updated Mann Co. Store prices for foreign currencies to current USD equivalents - Updated the localization files - Updated Koth_Suijin with the latest changes from the authors - Added cover around the point preventing cross-point sight line - Opened second window in point building - Tweaked pickup amounts and positions - Widened space between stairs to point and bridge railing to allow easier movement - Clipping improvements - Improved lighting in dark areas - Fixed an issue where engineers could build on outlying islands - Fixed an issue where engineers could trap teammates by building teleporters in spaces with restricted movement - Fixed an issue where the spawn room doors could be held open by an opposing team member - Optimization improvements - Maps Workshop Beta - Fixed a common crash when loading some compressed maps - Fixed various issues running workshop maps on listen servers - Listen servers no longer unnecessarily fetch a second copy of the map - Listen servers no longer cause the client to crash upon the second load of the same workshop map - Added -ugcpath parameter for dedicated servers to control location of downloaded workshop content - Defaults to steamapps/workshop - Multiple servers sharing the same UGC directory is currently not supported, and will not go well - Added server command tf_workshop_map_status to view currently tracked maps and their status - Enhanced handling of updated maps to ensure the newest available version of the map is always used on level change - Improved handling of workshop maps in a server's map cycle - Workshop maps in the map cycle will be automatically fetched and updated in the background - Workshop maps in the map cycle will have their names updated to the canonical name once known - Map votes now work with workshop maps - A known issue is that the full workshop map name is currently shown instead of the friendly name - Community request: Updated the FindMap and CanProvideLevel API for server-side mods. These functions now always expose the full workshop names for maps when known, even if not the map is not yet installed. ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the
Re: [hlds] Mandatory TF2 update released
#DEFLATEGATE On Tue, Aug 18, 2015 at 8:46 PM, Peter Jerde peter-h...@jerde.net wrote: So… the short-circuit “pops” or removes the Jack (ball) in pass_warehouse. Anybody know off-hand the easiest way to disable short circuit? Perhaps a sourcemod plugin? - Peter ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
Re: [hlds] Mandatory TF2 update released
You can also walk right into enemy spawns it seems... On Tue, Aug 18, 2015 at 8:48 PM, N-Gon ngongamedes...@gmail.com wrote: #DEFLATEGATE On Tue, Aug 18, 2015 at 8:46 PM, Peter Jerde peter-h...@jerde.net wrote: So… the short-circuit “pops” or removes the Jack (ball) in pass_warehouse. Anybody know off-hand the easiest way to disable short circuit? Perhaps a sourcemod plugin? - Peter ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds ___ To unsubscribe, edit your list preferences, or view the list archives, please visit: https://list.valvesoftware.com/cgi-bin/mailman/listinfo/hlds
