Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 447490 (CVE-2012-5645) - <games-strategy/freeciv-2.3.3: security updates available for DoS (CVE-2012-5645)
Summary: <games-strategy/freeciv-2.3.3: security updates available for DoS (CVE-2012-5...
Status: RESOLVED FIXED
Alias: CVE-2012-5645
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [noglsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2012-12-16 16:41 UTC by Wojciech Myrda
Modified: 2013-01-02 19:06 UTC (History)
1 user (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Wojciech Myrda 2012-12-16 16:41:13 UTC
There is new version of freeciv is available as of Dec 8, 2012 icluding huge amount of bug fises http://freeciv.wikia.com/wiki/NEWS-2.3.3

among them even security bug!
Security fix: malformed network packets could cause denial of service (memory exhaustion or CPU-bound loop) http://gna.org/bugs/?20003

please include in the tree
Comment 1 Sean Amoss (RETIRED) gentoo-dev Security 2012-12-16 22:22:52 UTC
Thank you for the report, Wojciech.
Comment 2 Mr. Bones. (RETIRED) gentoo-dev 2012-12-17 07:58:28 UTC
2.3.3 is in portage.
Comment 3 Sean Amoss (RETIRED) gentoo-dev Security 2012-12-29 15:33:25 UTC
(In reply to comment #2)
> 2.3.3 is in portage.

Thanks.

Arches, please test and mark stable =games-strategy/freeciv-2.3.3
Comment 4 Sergey Popov gentoo-dev 2012-12-29 17:44:25 UTC
amd64 stable
Comment 5 Paweł Hajdan, Jr. (RETIRED) gentoo-dev 2012-12-31 20:05:28 UTC
x86 stable
Comment 6 Tim Sammut (RETIRED) gentoo-dev 2013-01-02 18:31:19 UTC
Thanks, folks. GLSA Vote: no.
Comment 7 Sean Amoss (RETIRED) gentoo-dev Security 2013-01-02 19:06:00 UTC
GLSA vote: no. 

Closing noglsa