Debian Bug report logs -
#370146
netpanzer: [CVE-2006-2575] setFrame() Denial of Service Vulnerability
Reported by: SALVETTI Djoume <djoume@taket.org>
Date: Sat, 3 Jun 2006 17:48:02 UTC
Severity: normal
Tags: sarge, security, sid
Found in version netpanzer/0.8-1
Fixed in version netpanzer/0.8+svn20060319-2
Done: Gonéri Le Bouder <goneri@rulezlan.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded to debian-bugs-dist@lists.debian.org, Alioth Games Devel Team <pkg-games-devel@lists.alioth.debian.org>:
Bug#370146; Package netpanzer.
(full text, mbox, link).
Acknowledgement sent to SALVETTI Djoume <djoume@taket.org>:
New Bug report received and forwarded. Copy sent to Alioth Games Devel Team <pkg-games-devel@lists.alioth.debian.org>.
(full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: netpanzer
Severity: normal
Tags: security
Good day,
CVE-2006-2575 :
| The setFrame function in Lib/2D/Surface.hpp for NetPanzer 0.8 and
| earlier allows remote attackers to cause a
| denial of service (crash) via a client flag (frameNum) that is greater
| than 41, which triggers an assert
| error.
See also : http://aluigi.altervista.org/adv/panza-adv.txt
Please mention the CVE number in the changelog when fixing it.
Regards
--
Djoume SALVETTI
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: powerpc (ppc)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15-1-powerpc
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Tags added: pending, sarge, sid
Request was from "Eddy Petrişor" <eddy.petrisor@gmail.com>
to control@bugs.debian.org.
(full text, mbox, link).
Bug marked as found in version 0.8-1.
Request was from "Eddy Petrişor" <eddy.petrisor@gmail.com>
to control@bugs.debian.org.
(full text, mbox, link).
Reply sent to Gonéri Le Bouder <goneri@rulezlan.org>:
You have taken responsibility.
(full text, mbox, link).
Notification sent to SALVETTI Djoume <djoume@taket.org>:
Bug acknowledged by developer.
(full text, mbox, link).
Message #14 received at 370146-close@bugs.debian.org (full text, mbox, reply):
Source: netpanzer
Source-Version: 0.8+svn20060319-2
We believe that the bug you reported is fixed in the latest version of
netpanzer, which is due to be installed in the Debian FTP archive:
netpanzer_0.8+svn20060319-2.diff.gz
to pool/main/n/netpanzer/netpanzer_0.8+svn20060319-2.diff.gz
netpanzer_0.8+svn20060319-2.dsc
to pool/main/n/netpanzer/netpanzer_0.8+svn20060319-2.dsc
netpanzer_0.8+svn20060319-2_powerpc.deb
to pool/main/n/netpanzer/netpanzer_0.8+svn20060319-2_powerpc.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 370146@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Gonéri Le Bouder <goneri@rulezlan.org> (supplier of updated netpanzer package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 4 Jun 2006 14:27:45 +0200
Source: netpanzer
Binary: netpanzer
Architecture: source powerpc
Version: 0.8+svn20060319-2
Distribution: unstable
Urgency: low
Maintainer: Debian Games Team <pkg-games-devel@lists.alioth.debian.org>
Changed-By: Gonéri Le Bouder <goneri@rulezlan.org>
Description:
netpanzer - online multiplayer tactical warfare game
Closes: 370146
Changes:
netpanzer (0.8+svn20060319-2) unstable; urgency=low
.
* fix watch file
* Standards-Version: 3.7.2
* update Debian Games Team home page in copyright file
* [CVE-2006-2575] setFrame() Denial of Service Vulnerability
Closes: #370146
* switch from dpatch to simple-patchsys
Files:
5f2aac357438d51296c3df3cb2345c07 783 games optional netpanzer_0.8+svn20060319-2.dsc
6c2e7356dfb7056aeeffc0eba002e83e 4900 games optional netpanzer_0.8+svn20060319-2.diff.gz
78a22d0c853151427a486d332a4fa602 486930 games optional netpanzer_0.8+svn20060319-2_powerpc.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
iD8DBQFEtjVtBxd04ADYzRYRAnxGAJ4xyF7mAIZ0Yz6iMnLgaadd36pagACePjEk
V5/dKtkhVRFqg279dmooB9Y=
=fYZG
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Mon, 25 Jun 2007 11:38:58 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 18:25:10 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon