From email to the teamspeak announce list: Dear TeamSpeak user! You're receiving this email because you've subscribed to the official TeamSpeak newsletter service. A new version of the TeamSpeak 2 server is now available for download. This release deals with several NULL-byte issues in the TCP query interface which could cause database corruption. Because 2.0.24.1 is a security release, it is important that you upgrade your TeamSpeak servers as soon as possible. Upgrading from any version on Linux, simply involves overwriting your currently installed server binary with the updated version. Windows users can use the new executable or service installer to get their servers up-to-date. You can grab the new release from our Downloads page. http://www.teamspeak.com/?page=downloads A full package will be released soon if no more bugs are found. Do not reply to this message! Any reply to this message will be deleted by our system. Sincerely, The TeamSpeak Team
I have committed an ebuild for 2.0.24.01 that resolves this issue; it is a hybrid ebuild like the last couple I've done for teamspeak-server. Since this is a security issue, I'd like to stable the new ebuild as soon as possible so I can remove the vulnerable one from the tree. Thanks, mjolnir.
thanks for the report Martin. Arches, please test and mark stable media-sound/teamspeak2-server-bin-2.0.24.01. Target keywords are: "-* amd64 x86"
x86 stable
amd64 stable
If we stay with that severity level, GLSA vote is now open
ping, please vote.
I tend to vote NO.
voting NO.
no too closing feel free reopen if disagree