Your message dated Sat, 27 Oct 2018 15:16:58 +0000 with message-id <e1ggqkg-0003zw...@fasolo.debian.org> and subject line Bug#911487: fixed in teeworlds 0.7.0-1 has caused the Debian Bug report #911487, regarding teeworlds: CVE-2018-18541: remote denial-of-service to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 911487: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=911487 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: teeworlds-server Version: 0.6.4+dfsg-1 Severity: grave Tags: security It was discovered that a Teeworlds server could be made inaccessible by forging connection packets. This made it look like the server was always full thus access to the server was effectively denied. My own private server was recently affected by this. The only way to mitigate this attack is to change the server port. Apparently this issue was fixed in version 0.6.5. Markus
--- End Message ---
--- Begin Message ---Source: teeworlds Source-Version: 0.7.0-1 We believe that the bug you reported is fixed in the latest version of teeworlds, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 911...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Markus Koschany <a...@debian.org> (supplier of updated teeworlds package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sat, 27 Oct 2018 12:11:25 +0200 Source: teeworlds Binary: teeworlds teeworlds-server teeworlds-data Architecture: source Version: 0.7.0-1 Distribution: unstable Urgency: high Maintainer: Debian Games Team <pkg-games-de...@lists.alioth.debian.org> Changed-By: Markus Koschany <a...@debian.org> Description: teeworlds - online multi-player platform 2D shooter teeworlds-data - data for Teeworlds; an online multi-player platform 2D shooter teeworlds-server - server for Teeworlds; an online multi-player platform 2D shooter Closes: 536107 892351 911487 Changes: teeworlds (0.7.0-1) unstable; urgency=high . * Team upload. * New upstream version 0.7.0 - No longer repack the tarball because it is DFSG-compliant. - However see README.source. We have to add maps and translations manually because network connections at build time are not allowed. - Fix CVE-2018-18541: remote denial-of-service vulnerability in teeworlds-server. (Closes: #911487) - Use pkg-config to detect libraries. (Closes: #892351) * Switch to compat level 11. * Declare compliance with Debian Policy 4.2.1. * Update debian/watch and track new releases on github.com. * Update debian/copyright for new release. * Rebase all patches for new release. * Switch from SDL 1 to SDL 2. * Use bam -t option for more verbosity. * Do not create debian.lua anymore. * Add portability.patch and don't make the build fail if we build on non-supported architectures. * Add builddir.patch and use a more predictable location for build output files. * Provide a systemd service file for teeworlds-server. Install a new teeworlds.service file but disable the server by default. Explain in README.Debian what steps are needed to run a server. (Closes: #536107) Checksums-Sha1: 9059d38924e6b74f76fe72b7ab06c62453ebc3d4 2401 teeworlds_0.7.0-1.dsc 95505a7fc46e025db1cbbf84aa3c34430464fd77 7767344 teeworlds_0.7.0.orig.tar.xz 03183d11fb90ad11f1c75ca52fce895ca4a2f75d 18744 teeworlds_0.7.0-1.debian.tar.xz 5eb0adb3ce3ebf5b10e97e791d44fdec798941ba 12966 teeworlds_0.7.0-1_amd64.buildinfo Checksums-Sha256: d52630cb76a677fd24217e7ee513ede65486823e076717f5ca671d50e021a741 2401 teeworlds_0.7.0-1.dsc b295a9232aec26e8491a96fe5cc7867dc13d19b8a075d428b1e922b2db6cb341 7767344 teeworlds_0.7.0.orig.tar.xz 4f8e6e3c856b6beadc5305e199ee4cd0744383f4cc229120fe97828d74599b95 18744 teeworlds_0.7.0-1.debian.tar.xz 747b25c3716a39e3b269c896e7170ff829f0085ea726fab03ed18c6cca40685d 12966 teeworlds_0.7.0-1_amd64.buildinfo Files: 563bfb7452cb3c2fe3d8996eaec57d2d 2401 games optional teeworlds_0.7.0-1.dsc 9fba973d94dd29cdf911eec829aabfd7 7767344 games optional teeworlds_0.7.0.orig.tar.xz b783c83efb56e60a492cfde358785f4e 18744 games optional teeworlds_0.7.0-1.debian.tar.xz 8e5ed6654463be1f3289934093527458 12966 games optional teeworlds_0.7.0-1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAlvUcIVfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1Hk1v4QAKeUSuGLGgjbch5R28vizzPq9VXZxGKgNkER 50WikQMov9uNEE9zMDJnA5EHB9THpGouRopONpcDiYo3MJPl1tPysfWYbaVx3UYL g0eR88Ss9V8oTr64vSfpmlUcDCr1gZ5Y7PWVkmCtvF6FXo1wTvWFL5kc9uJWqYuF FladgPAzngjmbf9b8lvAo8u3jbMz4c+/K55urNjWFCC/Y+NuyPiHCSvRmrYjkfWx lMb9BmlksxKJFYUPt3s7hNOIf8/nMlS+iWYR19A4hedn3UjhslmfDw4NluL54wvM UJf+wvR8+ieLSuE2+FVAAGjSKSMDsSgc2z91/1RJKjFmA/0eP1W0NluSNiB7zYrx xnygeAvrpYjHvuUrNF/BzNjf9JcwhYAMfEP2OYM7h35z46hBC03qtLLcwWuiL/XW ZJDv/5F7kakGackeUUdjppoa+TLNRCe2w0vQTOeZnO9cswtQboyhTLl+vlOkY7D/ MXbWhdpn8+68w+XkFxnhiHUCYnt3rsjKGdNC3Dxj+dsVq+MnHwyxZ8YqeHnS2+WV zmOlf93LqgIluKqhDuUURPGQHa5Z3i8jYe4r5feoHekx69CBUbH/okHv+a6v7gzx IG60AGX5VvrHMV+hq0Y21yv245vd5TBh9G286IDjD1Mber/4azOWu+3nUwsaokPz OUiU/a3Z =bn6D -----END PGP SIGNATURE-----
--- End Message ---
