Because of a somewhat urgent security issue, eihrul issued a patch to the latest Sauerbraten: Collect Edition.
Be advised to update your Sauerbraten biaries both for server and client, as soon as possible.
The major client- and server-mods have been notified and are in the process of updating the source.
Here a list of patched binaries, that I know of:
(I will update the list when something changes)
- Vanilla Sauerbraten
- WC-ng (safe since 2000 B.C.)
Because I got a lot of inquiries about the nature of this issue, I decided to add a short explanation of what this patch is about. Note, I haven’t analyzed shit, nor am I connected to the discovery in any way, so all I can do is Chinese whispers.
It just so happened that, forcing a map with a special formatted name, an attacker would be able to traverse file directories on the client side. This can cause the client to freeze. Furthermore it is suspected, that this attack could lead to remote code execution. If you don’t know what this means, you don’t know how to wikipedia.
What this means for you as a player is best done using eihrul’s words from the comments below.
IF YOU STILL THINK ABOUT WHETHER YOU SHOULD PATCH YOUR SAUER OR NOT, ALL HOPE IS LOST.
Here some useful links, including a patch for those who don’t want to download the full package:
Vanilla Sauerbraten Downloads:
Sauerworld Resources page (for downloading mods):