Author Topic: subversion and release incompatibility (Read 3372 times)

testian · « **on:** June 06, 2006, 01:21:06 pm »

The release of Tremulous 1.1 has 2 client- and 1 server-side security holes.
The server-side hole is an information leak (only if the server allows download), the client-side ones are buffer overflows.

I'm paranoid so I want to use tremulous out of subversion as soon as the fix is ready, but it seems the executables i get are incompatible with the data files of Tremulous 1.1.
(I got an error message, I can post it when I am at home).

Should it be compatible or do I have to wait for the next release of tremulous?

tjw · « **Reply #1 on:** June 06, 2006, 07:37:15 pm »

You can use the binary built from SVN for a dedicated server, you just
also need to use the game.qvm built from SVN. You should be able to
glean details on how to do this from this:

http://tjw.org/tremulous/

As for the client, it would require a backport of the patch applied to revision 755 or so. This is something I've been meaning to do since
I maintain versions of the bins with the cl_guid added. I just haven't got around to it.

tjw · « **Reply #2 on:** June 08, 2006, 05:32:41 am »

http://trem.tjw.org/backport/

Those binaries have the May 8, 2006 security fix for:
http://lists.grok.org.uk/pipermail/full-disclosure/2006-May/045906.html

Tremulous Forum

News:

Author Topic: subversion and release incompatibility (Read 3372 times)

testian

subversion and release incompatibility

tjw

subversion and release incompatibility

tjw

subversion and release incompatibility