Bugzilla – Bug 1170252
VUL-0: CVE-2020-12066: teeworld: denial of service against server
Last modified: 2020-04-29 10:15:10 UTC
https://www.teeworlds.com/forum/viewtopic.php?id=14785 https://github.com/teeworlds/teeworlds/commit/c68402fa7e279d42886d5951d1ea8ac2facc1ea5 An exploit was discovered, that allows to crash any 0.7 Teeworlds server. Though it does not compromise the security of the host (e.g. no arbitrary accesses in memory) it lets an attacker force a server to repetitively shut down. The 0.7.5 release is a security update that aims to patch this server exploit. As such, it is very light in features, and is mostly made of fixes. You can find the full changelog here. If you are not a server host, it is not necessary to update. If you are hosting a server modification, you should at least consider to apply c68402fa7e2.
Should be fixed with an update to version 0.7.5: Factory SR#796693 Leap15.1 SR#796694
This is an autogenerated message for OBS integration: This bug (1170252) was mentioned in https://build.opensuse.org/request/show/796694 15.1 / teeworlds
openSUSE-SU-2020:0557-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 1170252,1170253 CVE References: CVE-2019-20787,CVE-2020-12066 Sources used: openSUSE Leap 15.1 (src): teeworlds-0.7.5-lp151.2.6.1
openSUSE-SU-2020:0563-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 1170252,1170253 CVE References: CVE-2019-20787,CVE-2020-12066 Sources used: openSUSE Backports SLE-15-SP1 (src): teeworlds-0.7.5-bp151.2.6.1