CVE request: teeworlds: security issues fixed in 0.6.3 release

[Salvatore Bonaccorso <carnil () debian org>]

Hi

teeworlds's upstream mentioned the following regardin the 0.6.3 release[1]:

> 0.6.3 released - security fix
>
> As a result of a recently reported security vulnerability in the server,
> this release contains little updates. In particular it's only the
> following changes:
>
> Bugfixes:
>
>  * Fix the above-mentioned security vulnerability (Memory reads,
>    Segmentation Fault) in all 0.6.x servers.
>
>  * Fix server crash in the console code.
>
>  * Fix master server lookup for servers.
>
>  * Fix scripts/make_release.py script.
>
>  * Fix client crash when opening a map with an invalid version.
>
> As a result, server owners are urged to upgrade ASAP, you're running an
> exploitable server right now.
>
> Client updates however, are not as urgent as the server updates, because
> the only fix is an editor crash.

I'm not sure if (and how many) CVEs might be assigned. The server
crash was fixed with commit in [2].

References:

 [1] https://www.teeworlds.com/?page=news&id=11200
 [2] https://github.com/teeworlds/teeworlds/commit/a766cb44bcffcdb0b88e776d01c5ee1323d44f85
 [3] https://bugs.debian.org/770514
 [4] https://bugzilla.redhat.com/show_bug.cgi?id=1167167

Regards,
Salvatore