Bug#684143: redeclipse: security issues with transmitted map cfgs
Martin Erik Werner
martinerikwerner at gmail.com
Tue Aug 7 11:21:59 UTC 2012
Package: redeclipse
Version: 1.2-2
Severity: grave
Tags: security patch upstream
Justification: user security hole
A security issue with execution of map cfg(script) files could allow these scripts the same r/w access to files as the user running the game client.
This issue has been patched upstream, which makes it harder to exploit.
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (900, 'testing'), (800, 'unstable'), (300, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.2.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages redeclipse depends on:
ii dpkg 1.16.4.3
ii libc6 2.13-33
ii libenet1a 1.3.3-2
ii libgcc1 1:4.7.1-2
ii libgl1-mesa-glx [libgl1] 8.0.3-1
ii libsdl-image1.2 1.2.12-2
ii libsdl-mixer1.2 1.2.12-2
ii libsdl1.2debian 1.2.15-5
ii libstdc++6 4.7.1-2
ii libx11-6 2:1.5.0-1
ii redeclipse-data 1.2-1
ii zlib1g 1:1.2.7.dfsg-13
redeclipse recommends no packages.
redeclipse suggests no packages.
-- no debconf information
More information about the Pkg-games-devel
mailing list