Bug#666222: pu: package tremulous/1.1.0-8~squeeze1 (contrib)
On Thu, 29 Mar 2012 at 21:42:42 +0100, Simon McVittie wrote:
> This update reduces attackers' ability to perform a reflected DoS attack by
> sending spoofed UDP packets to multiple Tremulous servers, by rate-limiting
> large responses to those packets. It's the same thing as DSA-2442-1 in
> OpenArena, but also incorporates a fix for a regression in that update
> (I've just uploaded the corresponding fix for OpenArena to security-master).
(... which is DSA-2442-2, and has now been released.)