Date: Sun, 19 Mar 2017 04:54:14 +0000 From: bugzilla-noreply@freebsd.org To: freebsd-ports-bugs@FreeBSD.org Subject: [Bug 217911] games/ioquake3 remote dll loading security issues Message-ID: <bug-217911-13@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D217911 Bug ID: 217911 Summary: games/ioquake3 remote dll loading security issues Product: Ports & Packages Version: Latest Hardware: Any OS: Any Status: New Severity: Affects Many People Priority: --- Component: Individual Port(s) Assignee: kami@freebsd.org Reporter: darkfiberiru@gmail.com Flags: maintainer-feedback?(kami@freebsd.org) Assignee: kami@freebsd.org http://ioquake3.org/2017/03/13/important-security-update-please-update-ioqu= ake3-immediately/ Looks like ioquake3 had a bug where pk3 files from remote servers could get loaded as libraries...=20 This could mean un-elevated Remote code execution Commit where it is fixed. https://github.com/ioquake/ioq3/commit/376267d534476a875d8b9228149c4ee18b74= a4fd --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-217911-13>