Short description: Multiple buffer overflows
Related bug reports:
Patches: (sometimes more fuzz is needed to apply them)
Multiple format string vulnerabilities that allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
Attached are patches for some vulnerable versions. Versions from before 0.3.5 had no (good) functioning network play. Making patches for those versions is quite easy as it is replacing “vsprintf(a” with “vsnprintf(a, sizeof(a)”.
Note: this is a partial backport of trunk r2899.