Jonathan Gray 8fc8601e0b CVE-2005-0430 Fixed q3infoboom ... CVE-2005-0430 The Quake 3 engine, as used in multiple game packages, allows remote attackers to cause a denial of service (shutdown game server) and possibly crash the server via a long infostring, possibly triggering a buffer overflow. Luigi Auriemma q3infoboom from Tim Angus in ioquake3 svn 95 git 33a48a0336865a9d21983e4836920cd9f3401101 It looks as if the q3infoboom bug has already been fixed in ioQ3 in a different way, though this patch addresses the cause. The existing fix should stay since it's a sensible sanity check anyway. from http://www.quakesrc.org/forums/viewtopic.php?t=5374		2013-05-07 22:18:29 +10:00
..
botlib	set some possibly uninitialised vars to zero	2013-05-02 13:47:51 +10:00
cgame	remove the use of 'typedef enum' without an indentifier	2013-05-02 13:47:50 +10:00
client	const fixes	2013-05-02 13:47:51 +10:00
encryption	ditch dos style newlines	2013-04-23 15:21:39 +10:00
ff	ditch dos style newlines	2013-04-23 15:21:39 +10:00
game	CVE-2005-0430 Fixed q3infoboom	2013-05-07 22:18:29 +10:00
ghoul2	avoid scoped enums which was until very recently a microsoft extension	2013-04-25 23:51:57 +10:00
goblib	ditch dos style newlines	2013-04-23 15:21:39 +10:00
icarus	remove surplus tokens after preprocessor directives	2013-05-02 13:47:50 +10:00
jpeg-6	fix #includes to compile on non windows without pch	2013-04-25 23:51:46 +10:00
mp3code	rename some files to restore the correct case	2013-04-26 22:27:19 +10:00
null	make some ifdefs more specific to let this compile on more platforms	2013-04-26 22:27:23 +10:00
png	ditch dos style newlines	2013-04-23 15:21:39 +10:00
qcommon	set some possibly uninitialised vars to zero	2013-05-02 13:47:51 +10:00
Ratl	remove surplus tokens after preprocessor directives	2013-05-02 13:47:50 +10:00
Ravl	fix some accesses beyond the end of arrays spotted via clang	2013-04-26 22:27:24 +10:00
renderer	set some possibly uninitialised vars to zero	2013-05-02 13:47:51 +10:00
RMG	strupr -> Q_strupr	2013-04-26 22:27:21 +10:00
sdl	const fixes	2013-05-02 13:47:51 +10:00
server	CVE-2005-0430 Remotely exploitable Infostring Crash	2013-05-07 22:17:57 +10:00
smartheap	remove some binary libraries	2013-04-23 15:30:43 +10:00
Splines	ditch dos style newlines	2013-04-23 15:21:39 +10:00
strings	ditch dos style newlines	2013-04-23 15:21:39 +10:00
ui	remove the use of 'typedef enum' without an indentifier	2013-05-02 13:47:50 +10:00
unix	add sdl glimp/input from ioquake3 for MP	2013-04-30 15:02:26 +10:00
win32	strnicmp -> Q_strnicmp	2013-04-25 23:51:56 +10:00
x_botlib	Deleted all the Visual SourceSafe files.	2013-04-06 20:59:34 -04:00
x_exe	Deleted all the Visual SourceSafe files.	2013-04-06 20:59:34 -04:00
x_jk2cgame	Deleted all the Visual SourceSafe files.	2013-04-06 20:59:34 -04:00
x_jk2game	Deleted all the Visual SourceSafe files.	2013-04-06 20:59:34 -04:00
x_ui	Deleted all the Visual SourceSafe files.	2013-04-06 20:59:34 -04:00
zlib32	provide a gcc style alternative to the inline asm in zlib	2013-04-26 22:27:20 +10:00
buildvms.bat	Jedi Academy Release	2013-04-04 17:35:38 -05:00
cleanvms.bat	Jedi Academy Release	2013-04-04 17:35:38 -05:00
CMakeLists.txt	disable some noisy and mostly harmless warnings	2013-05-02 13:47:51 +10:00
CommandLine.txt	Jedi Academy Release	2013-04-04 17:35:38 -05:00
install.bat	Jedi Academy Release	2013-04-04 17:35:38 -05:00
installvms.bat	Jedi Academy Release	2013-04-04 17:35:38 -05:00
jk2mp.vcproj	Jedi Academy Release	2013-04-04 17:35:38 -05:00
JKA_mp.sln	Jedi Academy Release	2013-04-04 17:35:38 -05:00
namespace_begin.h	ditch dos style newlines	2013-04-23 15:21:39 +10:00
namespace_end.h	remove surplus tokens after preprocessor directives	2013-05-02 13:47:50 +10:00
tonet.bat	Jedi Academy Release	2013-04-04 17:35:38 -05:00
tosend.bat	Jedi Academy Release	2013-04-04 17:35:38 -05:00
update_MPents.bat	Jedi Academy Release	2013-04-04 17:35:38 -05:00
VU.bat	Jedi Academy Release	2013-04-04 17:35:38 -05:00
WinDed.dsp	Jedi Academy Release	2013-04-04 17:35:38 -05:00
WinDed.vcproj	Jedi Academy Patch 1.01	2013-04-04 18:21:13 -05:00