darkplaces in Debian out-dated by a good three years and Nexuiz Classic abandoned since 2010
Frederique
auspicious at inventati.org
Mon Aug 14 19:15:56 UTC 2017
Dear Debian Games mailing list,
I am going to try to keep it short and simple.
darkplaces: this package has not received updates in Debian while the
official SVN is still receiving commits to this day (
svn://svn.icculus.org/twilight/trunk/darkplaces ).
Nexuiz Classic: project has been abandoned in favour of their
commercial proprietary release. This since 2010. A majority of the
Nexuiz community has moved over to create a fork called Xonotic ( http:
//www.xonotic.org/ ) which last received an update just a few months
ago.
Please update darkplaces and replace Nexuiz with Xonotic. There is also
a possibility of Nexuiz being vulnerable to an exploit allowing servers
to remotely execute code on clients similar to the exploits Valve
recently resolved in their Quake based legacy games:
http://steamcommunity.com/games/70/announcements/detail/143931405382043
1619
And just to express concern in regards the importance of keeping games
updated, here is a recent exploit Valve fixed in their Source engine
that allowed remote code execution simply by killing a player:
https://www.theverge.com/2017/7/20/16003722/valve-one-up-security-explo
it-hackers-ragdoll-source-sdk-vunerability
Sincerely yours,
Frederique
More information about the Pkg-games-devel
mailing list