Bug#696306: freeciv: CVE-2012-5645
Marko Lindqvist
cazfi74 at gmail.com
Wed Dec 19 11:38:30 UTC 2012
On 19 December 2012 09:02, Moritz Muehlenhoff <jmm at inutil.org> wrote:
> Package: freeciv
> Severity: important
> Tags: security
>
> Hi,
> please see http://aluigi.altervista.org/adv/freecivet-adv.txt
That's two issues...
> Bug: http://gna.org/bugs/?20003
... reported in one freeciv ticket.
That CVE is a bit unfortunate that it (currently) has description
containing both parts but fix provided is only one part. I think it's
quite likely that they will assign new CVE for the other half to sort
this out.
> Fix: http://svn.gna.org/viewcvs/freeciv?view=revision&revision=21670
Patch from stable S2_3 branch (where 2.3.x releases come from):
http://svn.gna.org/viewcvs/freeciv?view=revision&revision=21672
And the other fix not listed in CVE: trunk:
http://svn.gna.org/viewcvs/freeciv?view=revision&revision=21701 /
S2_3: http://svn.gna.org/viewcvs/freeciv?view=revision&revision=21703
> Please make an isolated upload with the security fix to unstable and
> ask the release managers for an unblock by filing a bug against
> release.debian.org
>
> Cheers,
> Moritz
- ML
More information about the Pkg-games-devel
mailing list