142394 2006-08-01 02:27 0000 games-action/armagetronad - remote crash condition 2006-09-26 08:36:14 0000 1 1 1 Unclassified Gentoo Security Vulnerabilities unspecified All Linux RESOLVED FIXED http://aluigi.altervista.org/adv/atrondos-adv.txt B3 [noglsa] jaervosz P2 minor --- 1 carlo@gentoo.org security@gentoo.org games@gentoo.org carlo@gentoo.org 2006-08-01 02:27:13 0000 --------------------------------------- A] crash through an invalid owner value --------------------------------------- A program's termination or a crash happen when a client sends an owner value major than MAXCLIENTS+1. The function which reads this value is the following located in network/nNetObject.cpp: nNetObject::nNetObject(nMessage &m):lastSyncID_(m.MessageIDBig()),refCtr_(0) If the value is not excessively big the server terminates with the following message: Internal Error: Internal error in static nMachine& nMachine::GetMachine (short unsigned int) in network/nNetwork.cpp:3820 : Assertion userID <= MAXCLIENTS+1 failed ----------------------------------------------- B] freeze through invalid num in id_req_handler ----------------------------------------------- A client can freeze the server using a big num value (like 0x7fff or 0xffff) in the id_req_handler function used by the server in network/nNetObject.cpp. The server will be and will remain freezed with CPU at 100%. http://aluigi.altervista.org/adv/atrondos-adv.txt koon@gentoo.org 2006-08-02 06:41:33 0000 Anything upstream ? koon@gentoo.org 2006-08-12 07:49:11 0000 ====================== 0.2.8.2.1 - August 5th, 2006 This version of Armagetron Advanced fixes some security flaws. It is recommended that you update to this version as soon as possible. Available on the download page as usual. ====================== games team, please bump. wolf31o2@gentoo.org 2006-08-30 17:57:52 0000 Lovely... upstream has completely whacked out the build system (which is why we aren't on 0.2.8, at all)... we'll need to look into it a bit... I'm hoping to start looking into it tomorrow, but the 0.2.8 series hasn't been added for some time now, on purpose. See bug #102615 for more information. registration-bitch@generalconsumption.org 2006-09-05 02:01:35 0000 Patches for 0.2.7.1 here: http://sourceforge.net/tracker/index.php?func=detail&aid=1534859&group_id=110997&atid=657950 jaervosz@gentoo.org 2006-09-05 06:24:29 0000 Games please patch. wolf31o2@gentoo.org 2006-09-06 15:54:51 0000 Fixed in 0.2.7.1-r1... PPC still needs to test... dertobi123@gentoo.org 2006-09-07 22:51:19 0000 ppc stable koon@gentoo.org 2006-09-13 09:50:33 0000 Against game server so I'd say yes. jaervosz@gentoo.org 2006-09-13 10:02:35 0000 I'll vote YES as well so we're going to have a GLSA. jaervosz@gentoo.org 2006-09-19 06:40:32 0000 Tavis made me change my mind:-) Back to voting. frilled@gentoo.org 2006-09-19 07:10:25 0000 Ok, my feeling also says this doesn't merit a GLSA. BUT you'd have to back that up with something from policy, and I doubt you can. There's only "DoS" as a criteria, and "stable tree". If we let this one slip (well, actually in any case) we should definitely clarify what will be covered by GLSAs and what not. Arbitrariness is not going to lead us anywhere :) jaervosz@gentoo.org 2006-09-19 08:01:33 0000 We already have the vote in Policy. If a vote on games most often turns out to be a NO I see no reason to update Policy. frilled@gentoo.org 2006-09-19 21:50:19 0000 Hmm, probably bad wording on my part. If we feel that game server DoSes (and other stuff we might encounter) are not worth issuing a GLSA (and I personally think that's a good idea) I think we should make that clear somehow, or at least a bit clearer so people are able to understand it better. Transparency is always good. falco@gentoo.org 2006-09-25 11:26:47 0000 i'm late but i would have voted no. taviso@gentoo.org 2006-09-26 08:26:47 0000 vote NO, impact is too minor (more of an annoyance than a DoS, should be fixed but does not warrant a glsa imho). jaervosz@gentoo.org 2006-09-26 08:36:14 0000 Closing with NO GLSA. Feel free to reopen if you disagree.