Bug#1036703: teeworlds: CVE-2023-31517 CVE-2023-31518
Moritz Mühlenhoff
jmm at inutil.org
Wed May 24 14:50:56 BST 2023
Source: teeworlds
X-Debbugs-CC: team at security.debian.org
Severity: normal
Tags: security
Hi,
The following vulnerabilities were published for teeworlds.
CVE-2023-31517[0]:
| Teeworlds v0.7.5 was discovered to contain memory leaks.
https://gist.github.com/manba-bryant/9ca95d69c65f4d2c55946932c946fb9b
CVE-2023-31518[1]:
| A heap use-after-free in the component CDataFileReader::GetItem of
| teeworlds v0.7.5 allows attackers to cause a Denial of Service (DoS)
| via a crafted map file.
https://gist.github.com/manba-bryant/9ca95d69c65f4d2c55946932c946fb9b
https://github.com/teeworlds/teeworlds/issues/2970
If you fix the vulnerabilities please also make sure to include the
CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2023-31517
https://www.cve.org/CVERecord?id=CVE-2023-31517
[1] https://security-tracker.debian.org/tracker/CVE-2023-31518
https://www.cve.org/CVERecord?id=CVE-2023-31518
Please adjust the affected versions in the BTS as needed.
More information about the Pkg-games-devel
mailing list