Bug#666222: pu: package tremulous/1.1.0-8~squeeze1 (contrib)

To: 666222@bugs.debian.org
Subject: Bug#666222: pu: package tremulous/1.1.0-8~squeeze1 (contrib)
From: Simon McVittie <smcv@debian.org>
Date: Sun, 1 Apr 2012 14:28:23 +0100
Message-id: <[🔎] 20120401132823.GA9882@reptile.pseudorandom.co.uk>
Reply-to: Simon McVittie <smcv@debian.org>, 666222@bugs.debian.org
In-reply-to: <20120329204242.GA4944@reptile.pseudorandom.co.uk>
References: <20120329204242.GA4944@reptile.pseudorandom.co.uk>

On Thu, 29 Mar 2012 at 21:42:42 +0100, Simon McVittie wrote:
> This update reduces attackers' ability to perform a reflected DoS attack by
> sending spoofed UDP packets to multiple Tremulous servers, by rate-limiting
> large responses to those packets. It's the same thing as DSA-2442-1 in
> OpenArena, but also incorporates a fix for a regression in that update
> (I've just uploaded the corresponding fix for OpenArena to security-master).

(... which is DSA-2442-2, and has now been released.)

    S

Reply to:

Prev by Date: Re: Bug#666649: libav-extra: FTBFS: build-dependency not installable: libav-source (>= 4:0.8.1-1~)
Next by Date: Bug#666687: pu: package apr_1.4.2-6+squeeze4
Previous by thread: Re: Bug#666649: libav-extra: FTBFS: build-dependency not installable: libav-source (>= 4:0.8.1-1~)
Next by thread: Bug#666222: pu: package tremulous/1.1.0-8~squeeze1 (contrib)
Index(es):
- Date
- Thread