Page 1 of 1
Re: Another critical Q3 security bug
Posted: Thu Jul 13, 2006 2:48 pm
by Ganemi
riddla wrote:http://aluigi.altervista.org/adv/q3cfilevar-adv.txt
pfffffft. wonder if id will ever realize how cool it would be to work with the icculus guys and release a cock-solid PR for a change...
*whispers* With ragdolls.
*dodges a tomato*
Posted: Thu Jul 13, 2006 8:47 pm
by dzjepp
Yeah, syncerror, if id brings out a new patch, could you guys mebbe ask the icculus guys if you can merge their exe into an official id exe?
Posted: Sat Jul 15, 2006 12:51 am
by Timbo
The recent 1.32c patch WAS derived from ioq3 (the specific fixes were permitted to be committed to the closed version as well as the GPL version). The ioq3 changes couldn't ever be released by id, unless permission was granted from ALL the contributors.
Posted: Sat Jul 15, 2006 1:32 am
by dzjepp
Are there a ton of ioq3 contributors?
Posted: Sat Jul 15, 2006 9:54 am
by Foo
Posted: Sat Jul 15, 2006 8:03 pm
by dzjepp
So where the specific 1.32c fixes under obligation to be premitted by everyone that contributed to ioq3? Meaning if so, it wouldn't be too far fetched or impossible to get such an appraisal going for a full scale ioq3 merger with an id patch?
Posted: Sat Jul 15, 2006 8:07 pm
by Foo
I think the fixes specific to that were few in number, and from contributors still around and available to give permission. It's a different situation between the specific fixes they rolled into both, and the entire list of changes in IO.
Posted: Sat Jul 15, 2006 8:24 pm
by Kat
Am I reading that right, the bug only effects machines if autodownload is active? And you need to connect to a machine with the hack in place for it to do anything?
Posted: Thu Jul 20, 2006 9:37 pm
by ^misantropia^
This is correct, yes.
Posted: Sat Jul 22, 2006 11:59 am
by Oeloe
^^^^
Hi there, fellow lurker. 
Posted: Sat Jul 22, 2006 10:24 pm
by ^misantropia^
Have we met, sir?
(not quite a lurker, you, Oeloe. I remember your postcount being at least several hundred less than what I had when I left)