Login
Newsletter
Werbung

Sicherheit: Denial of Service in Tremulous
Aktuelle Meldungen Distributionen
Name: Denial of Service in Tremulous
ID: FEDORA-2012-5434
Distribution: Fedora
Plattformen: Fedora 16
Datum: Mi, 18. April 2012, 21:35
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5077
Applikationen: Tremulous

Originalnachricht

Name        : tremulous
Product : Fedora 16
Version : 1.2.0
Release : 0.5.beta1.fc16
URL : http://tremulous.net
Summary : First Person Shooter game based on the Quake 3 engine
Description :
Tremulous is a free, open source game that blends a team based FPS with
elements
of an RTS. Players can choose from 2 unique races, aliens and humans.
Players on both teams are able to build working structures in-game like an RTS.
These structures provide many functions, the most important being spawning.
The designated builders must ensure there are spawn structures or other players
will not be able to rejoin the game after death. Other structures provide
automated base defense (to some degree), healing functions and much more...

Player advancement is different depending on which team you are on.
As a human, players are rewarded with credits for each alien kill.
These credits may be used to purchase new weapons and upgrades from the Armoury
The alien team advances quite differently. Upon killing a human foe,
the alien is able to evolve into a new class. The more kills gained the more
powerful the classes available.

The overall objective behind Tremulous is to eliminate the opposing team.
This is achieved by not only killing the opposing players but also
removing their ability to respawn by destroying their spawn structures.

-------------------------------------------------------------------------------
-
Update Information:

Fix for CVE-2010-5077.
-------------------------------------------------------------------------------
-
ChangeLog:

* Tue Mar 27 2012 Jan Kaluza <jkaluza@redhat.com> - 1.2.0-0.5.beta1
- fix #806980 - fixed CVE-2010-5077
* Thu Feb 23 2012 Jan Kaluza <jkaluza@redhat.com> - 1.2.0-0.4.beta1
- fix #796362 - fixed CVE-2011-2764 and CVE-2011-3012
* Sat Jan 14 2012 Fedora Release Engineering
<rel-eng@lists.fedoraproject.org> - 1.2.0-0.3.beta1
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #806898 - CVE-2010-5077 quake3: DDoS via getstatus and rcon
requests
https://bugzilla.redhat.com/show_bug.cgi?id=806898
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update tremulous' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Gewinnspiel
Neue Nachrichten
Werbung