On Mon, 15 Apr 2019 18:07:12 +0200 Markus Koschany wrote:
> Package: teeworlds
> X-Debbugs-CC: t...@security.debian.org
> Severity: grave
> Tags: security
>
> Hi,
>
> The following vulnerabilities were published for teeworlds.
>
> CVE-2019-10877[0]:
> | In Teeworlds 0.7.2, there is an integer overflow in CMap::Load() in
> | engine/shared/map.cpp that can lead to a buffer overflow, because
> | multiplication of width and height is mishandled.
>
>
> CVE-2019-10878[1]:
> | In Teeworlds 0.7.2, there is a failed bounds check in
> | CDataFileReader::GetData() and CDataFileReader::ReplaceData() and
> | related functions in engine/shared/datafile.cpp that can lead to an
> | arbitrary free and out-of-bounds pointer write, possibly resulting in
> | remote code execution.
>
>
> CVE-2019-10879[2]:
> | In Teeworlds 0.7.2, there is an integer overflow in
> | CDataFileReader::Open() in engine/shared/datafile.cpp that can lead to
> | a buffer overflow and possibly remote code execution, because size-
> | related multiplications are mishandled.
>
>
> If you fix the vulnerabilities please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.
>
> For further information see:
>
> [0] https://security-tracker.debian.org/tracker/CVE-2019-10877
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10877
> [1] https://security-tracker.debian.org/tracker/CVE-2019-10878
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10878
> [2] https://security-tracker.debian.org/tracker/CVE-2019-10879
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-10879
>
> Please adjust the affected versions in the BTS as needed.
>
> Regards,
>
> Markus
>
Hi,
Teeworlds 0.7.3 was released and includes the aforementioned patches:
https://teeworlds.com/?page=journal&id=12806
> fix security vulnerabilities CVE-2019-10879, CVE-2019-10879,
CVE-2019-10879
Greetings,
Dune
