Package "redeclipse"

Name:	redeclipse
Description:	single-player and multi-player first-person ego-shooter
Latest version:	1.2-2ubuntu0.1
Release:	precise (12.04)
Level:	security
Repository:	multiverse
Homepage:	http://www.redeclipse.net

Links

Raw Package Information

All versions of this package

Bug fixes

List of files in package

Repository home page

Download "redeclipse"

32-bit deb package

64-bit deb package

APT INSTALL

Other versions of "redeclipse" in Precise

Repository	Area	Version
base	multiverse	1.2-2
updates	multiverse	1.2-2ubuntu0.1
backports	multiverse	1.3.1-1~ubuntu12.04.1
PPA: GetDeb Games		1.4-1~getdeb1

Packages in group

Deleted packages are displayed in grey.

Changelog

Version: 1.2-2ubuntu0.1 2012-08-16 07:06:44 UTC

redeclipse (1.2-2ubuntu0.1) precise-security; urgency=low * SECURITY UPDATE: Game maps can in cube2-engine games be transmitted either from server to client or from client to client, which includes a config file (mapname.cfg) which is in "cubescript" format, this makes it possible for an attacker to send a malign script via a new map (which must be chosen by admin on a server, or created in cooperative editing mode). A script like this could trivially read/write to any files which the user running the client has access to (it is executed when the client loads the map). (LP: #1034148) - Add debian/patches/security-text-command-fix.patch This patch stops "textedit" commands being able to be run in map-run scripts, thus disabling the ability to read/write to user files. -- Martin Erik Werner <email address hidden> Thu, 02 Aug 2012 15:01:30 +0200

1034148

redeclipse: security issues with transmitted map cfgs

About - Send Feedback to @ubuntu_updates

Package "redeclipse"

Links

Download "redeclipse"

Other versions of "redeclipse" in Precise

Packages in group

Changelog

Share this page

Bookmarks

Latest updates

proposed

PPA updates