Bug 26553

Thanks David.

CVE-2019-20787 was already fixed in teeworlds 0.7.4 in Cauldron, but I had not noticed it so it was not backported to Mageia 7.

CVE-2020-12066 fixed in teeworlds-0.7.5-1.mga8.

Pushing 0.7.5 to Mageia 7 (from 0.7.3.1) to fix both CVEs.

Mageia 7 advisory:
==================

Updated teeworlds packages fix security vulnerabilities

  Teeworlds before 0.7.4 is subject to an integer overflow when computing a
  tilemap size (CVE-2019-20787).

  Teeworlds before 0.7.5 is subject to a denial of service against the server
  (CVE-2020-12066).

  This update fixes both vulnerabilities by updating from Teeworlds 0.7.3.1 to
  0.7.5, including additional features and bug fixes (see the referenced
  changelogs for details).

References:

 - https://lists.opensuse.org/opensuse-updates/2020-04/msg00123.html
 - https://www.teeworlds.com/?page=journal&id=13357
 - https://www.teeworlds.com/forum/viewtopic.php?id=14784

SRPM in core/updates_testing:
=============================

teeworlds-0.7.5-1.mga7

RPMs in core/updates_testing:
=============================

teeworlds-0.7.5-1.mga7
teeworlds-data-0.7.5-1.mga7.noarch
teeworlds-server-0.7.5-1.mga7

Testing procedure:
==================

Teeworlds is a game, you can run it from the DE menu or the command line. You can check that the main menu works, and try to connect to a public server. Don't worry about bothering players by going in and out, games are fast-paced and short so you would hardly be noticed.

The DoS affects the server, but I'd suggest that confirming its fix goes beyond our QA team's responsibilities.

Version: Cauldron => 7
Keywords: (none) => has_procedure
Assignee: rverschelde => qa-bugs
Whiteboard: MGA7TOO => (none)

MGA7-64 Plasma on Lenovo B50
No innstallation issues.
Just trying to do something.
At CLI:
# /usr/games/teeworlds_srv &
[1] 8133
[root@mach5 ~]# [2020-04-28 11:52:12][engine]: running on unix-linux-amd64
[2020-04-28 11:52:12][engine]: arch is little endian
[2020-04-28 11:52:12][storage]: couldn't open storage.cfg
[2020-04-28 11:52:12][storage]: using standard paths
[2020-04-28 11:52:12][storage]: added path '$USERDIR' ('/root/.local/share/teeworlds')
[2020-04-28 11:52:12][storage]: added path '$DATADIR' ('/usr/share/teeworlds/data')
[2020-04-28 11:52:12][storage]: added path '$CURRENTDIR' ('/root')
[2020-04-28 11:52:12][storage]: added path '$APPDIR' ('/usr/games')
[2020-04-28 11:52:12][console]: failed to open 'autoexec.cfg'
[2020-04-28 11:52:12][server]: starting...
[2020-04-28 11:52:12][datafile]: loading. filename='maps/dm1.map'
[2020-04-28 11:52:12][datafile]: allocsize=3884
[2020-04-28 11:52:12][datafile]: readsize=3484
[2020-04-28 11:52:12][datafile]: swaplen=3504
[2020-04-28 11:52:12][datafile]: item_size=3096
[2020-04-28 11:52:12][datafile]: loading done. datafile='maps/dm1.map'
[2020-04-28 11:52:12][datafile]: loading data index=14 size=288 uncompressed=1148
[2020-04-28 11:52:12][datafile]: loading data index=15 size=592 uncompressed=1380
[2020-04-28 11:52:12][datafile]: loading data index=16 size=238 uncompressed=448
[2020-04-28 11:52:12][datafile]: loading data index=17 size=303 uncompressed=860
[2020-04-28 11:52:12][datafile]: loading data index=18 size=517 uncompressed=1828
[2020-04-28 11:52:12][datafile]: loading data index=19 size=114 uncompressed=224
[2020-04-28 11:52:12][server]: maps/dm1.map sha256 is 491af17a510214506270904f147a4c30ae0a85b91bb854395bef8c397fc078c3
[2020-04-28 11:52:12][server]: maps/dm1.map crc is 64548818
[2020-04-28 11:52:12][server]: server name is 'unnamed server'
[2020-04-28 11:52:12][server]: version 0.7 802f1be60a05665f
[2020-04-28 11:52:12][server]: +-------------------------+
[2020-04-28 11:52:12][server]: | rcon password: 'Fb2EUB' |
[2020-04-28 11:52:12][server]: +-------------------------+
and more ....

In another tab:
$ /usr/games/teeworlds
[2020-04-28 11:52:44][engine]: running on unix-linux-amd64
[2020-04-28 11:52:44][engine]: arch is little endian
[2020-04-28 11:52:44][storage]: couldn't open storage.cfg
[2020-04-28 11:52:44][storage]: using standard paths
[2020-04-28 11:52:44][storage]: added path '$USERDIR' ('/home/tester7/.local/share/teeworlds')
[2020-04-28 11:52:44][storage]: added path '$DATADIR' ('/usr/share/teeworlds/data')
[2020-04-28 11:52:44][storage]: added path '$CURRENTDIR' ('/home/tester7')
[2020-04-28 11:52:44][storage]: added path '$APPDIR' ('/usr/games')
[2020-04-28 11:52:44][binds]: bound f1 (186) = toggle_local_console
[2020-04-28 11:52:44][binds]: bound f2 (187) = toggle_remote_console
[2020-04-28 11:52:44][binds]: bound tab (9) = +scoreboard
[2020-04-28 11:52:44][binds]: bound e (101) = +stats
[2020-04-28 11:52:44][binds]: bound u (117) = +show_chat
and so on ....
In the game,conected to localhost, and I got a game where I could shoot at ????, but did not get any further as it was waiting for a second player, which would never come of course.
But the thing seems to work OK.

Rémi, I am OKing this. If you do not agree, just remove it.

CC: (none) => herman.viaene
Whiteboard: (none) => MGA7-64-OK

Looks good to me, so I'll validate. Remi, of course my validation can easily be removed if I'm wrong, so it's still up to you.

Advisory in Comment 1.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2020-0191.html

Status: NEW => RESOLVED
Resolution: (none) => FIXED