Bug#870725: CVE-2017-11721: read buffer overflow in MSG_ReadBits
Moritz Mühlenhoff
jmm at inutil.org
Sat Aug 12 13:33:34 UTC 2017
On Sat, Aug 12, 2017 at 01:46:33AM -0400, Simon McVittie wrote:
> On Fri, 11 Aug 2017 at 20:11:46 +0200, Moritz Mühlenhoff wrote:
> > Thanks, please upload. Generally speaking contrib is not supported, but
> > it would be silly to fix ioquake, but not iortcw along, so please go ahead.
>
> Thanks, both uploaded to security-master targeting stretch-security.
>
> > What about jessie, is that still usable against current game servers?
>
> It would make sense to fix ioquake3 in jessie, but I am unlikely to
> be able to complete this work any time soon - I probably won't find a
> jessie user at DebConf, and soon after I get back I'll be moving house,
> so my time and hardware are limited. I'll try to prepare packages so
> that someone else can test them (via openarena).
Feel free to simply upload an untested package for jessie-security,
I'm flying back on Sunday evening, I can run tests on jessie sometime
next week.
Cheers,
Moritz
More information about the Pkg-games-devel
mailing list