Bugzilla Bug 125647

The callsigns used by the clients are not checked or re-delimited by
the server so is possible for a client to pass a callsign with no NULL
bytes at its end causing problems (crash) to the server during the
handling of this string.
On both Linux and Windows for x86 (using the precompiled packages) I
have reached the server crash without problems but is possible that in
some configurations the crash could happen after many tries or also
never, depending by how the memory is handled on that platform.

The bug can be exploited also versus password protected servers without
knowing the right keyword.

http://aluigi.altervista.org/adv/bzflagboom-adv.txt

One more on games team plate.
Too bad Luigi decided to do more auditing on games servers while our games team
is silent :)

it's masked.

Can bzflag be split into server and client ebuilds? It sounds like this doesn't
affect the client.

No masking GLSA as this is not a critical security issue.
Setting this to enhancement to remember to remove bzflag at some point in the
future.

Asking to separate between server and client should be done a separate
non-security bug, assigend to teh games team.

remove? For about a 4 lines patch to apply ? :( 
I love bzflag

At comment #5: which 4-line patch, Tupone?  Please attach?

Created an attachment (id=82128) [edit]
bzflag-callsignfix.patch

Patch to fix callsign, and others, ... overflow

Tupone: feel free to fix the package and unmask it instead, as an actual fix is
*always* the preferred solution.

Fixed in CVS.
Please stabilize bzflag-2.0.4.20050930

I meant to stabilize bzflag-2.0.4.20050930-r1
Sorry

security flaw fixed.
package unmasked

I've marked this stable on x86.

stable on amd64.

It was marked stable on ppc
I think bug could be closed

This one is ready for GLSA decision. I tend to vote NO.

I tend to vote NO too for DoS on game server. Closing, feel free to reopen if
you disagree.