Handling security issues?

Bruno Kleinert fuddl at gmx.de
Thu Feb 9 22:32:19 UTC 2006


This one time, at band camp, Moritz Muehlenhoff wrote:
> Steve Kemp wrote:
> > 
> >   One of the things that initially made me interested in joining in
> >  with the group maintainership of games was the initial message
> >  posted to debian-devel.
> > 
> >   This had a small section suggesting that the games-team would be
> >  well placed to handle security issues.
> > 
> >   Lets practise now ;)
> 
> If anyone wants to practice more here's a list of all open security problems
> of games in sid, all easily NMUable:
> 
> bzflag     - DoS attack against server, #345245, no maintainer reaction since
>              2005-12-29.
> netpanzer  - DoS attack against server, #318329, no maintainer reaction since
>              2005-07-12(!)
> scorched3d - Arbitrary code execution through format string attacks and
>              buffer overflows, plus DoS, all in the server, no maintainer
>              reaction since 2005-11-04
> Cheers,
>         Moritz
> 
> _______________________________________________
> Pkg-games-devel mailing list
> Pkg-games-devel at lists.alioth.debian.org
> http://lists.alioth.debian.org/mailman/listinfo/pkg-games-devel
> 

i gave bzflag a shot and exported todays sources from cvs. upstream
seems to leave out bzflag version 2.0.5 and in the NEWS file, version
2.1.0 is the most recent entry. well, the sources compiled cleanly, but
the binaries didn't work. i'll have a closer look on that project
tomorrow, perhaps there's a newer version that compiles and is even
playable ;)

-- 
Among elephants it's not considered cool nor in any good taste
to drain other elephants





More information about the Pkg-games-devel mailing list