SUSE alert openSUSE-SU-2026:0155-1 (freeciv)
| From: | maintenance@opensuse.org | |
| To: | security-announce@lists.opensuse.org | |
| Subject: | openSUSE-SU-2026:0155-1: moderate: Security update for freeciv | |
| Date: | Mon, 27 Apr 2026 18:07:09 +0200 | |
| Message-ID: | <20260427160709.BC723FCE4@maintenance.suse.de> | |
| Archive-link: | Article |
openSUSE Security Update: Security update for freeciv ______________________________________________________________________________ Announcement ID: openSUSE-SU-2026:0155-1 Rating: moderate References: #1260036 Cross-References: CVE-2026-33250 Affected Products: openSUSE Backports SLE-15-SP6 openSUSE Backports SLE-15-SP7 ______________________________________________________________________________ An update that fixes one vulnerability is now available. Description: This update for freeciv fixes the following issues: - CVE-2026-33250: Fix a vulnerability allowing remote crashing of the server (boo#1260036). - update to version 3.0.10: * Generic bugfix release* Generic bugfix release * Fixed nation color selection assert failures when moving from pre-game to turn 1 * Fixed a crash when city removal left a unit stranded * Fixed growing of the internal string handling buffer, fixing, e.g., issues with very long lines in the savegame * Fixed fc_vsnprintf() return value on Windows, fixing, e.g., issues on loading the tutorial scenario * Various internal changes which should only affect developers * Fixed bad memory access while loading freeciv-2.6 format ruleset * Miscellaneous improvements to in-game text and user documentation * Miscellaneous changes to developer/install/ruleset docs * Updated translations * see https://freeciv.fandom.com/wiki/NEWS-3.0.10 - update to version 3.0.9: * Generic bugfix release * Set diplomatic relations state correctly between team members osdn#48295 * Fixed assert failures when city grows to freeciv's internal max city size (255) * Sammarinese city name Borgo Maggiore corrected osdn#48316 * Cargo gets bounced when transport is lost due to terrain change * Fixed crash with recursive autoattacks in case of occupychance setting being > 0 * Fixed memory corruption when transport is not bounced, but cargo is * Corrected amount treasury gets increased by a city in some situations * Cities stop working tiles turned unworkable at turn change * Fixed clearing city border claims when player gets removed from the game osdn#48837 * see https://freeciv.fandom.com/wiki/NEWS-3.0.9 Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP7: zypper in -t patch openSUSE-2026-155=1 - openSUSE Backports SLE-15-SP6: zypper in -t patch openSUSE-2026-155=1 Package List: - openSUSE Backports SLE-15-SP7 (aarch64 ppc64le s390x x86_64): freeciv-3.1.6-bp157.2.3.1 freeciv-debuginfo-3.1.6-bp157.2.3.1 freeciv-debugsource-3.1.6-bp157.2.3.1 freeciv-gtk3-3.1.6-bp157.2.3.1 freeciv-gtk3-debuginfo-3.1.6-bp157.2.3.1 freeciv-gtk4-3.1.6-bp157.2.3.1 freeciv-gtk4-debuginfo-3.1.6-bp157.2.3.1 freeciv-qt-3.1.6-bp157.2.3.1 freeciv-qt-debuginfo-3.1.6-bp157.2.3.1 - openSUSE Backports SLE-15-SP7 (noarch): freeciv-lang-3.1.6-bp157.2.3.1 - openSUSE Backports SLE-15-SP6 (aarch64 i586 ppc64le s390x x86_64): freeciv-3.0.10-bp156.2.3.1 freeciv-gtk3-3.0.10-bp156.2.3.1 freeciv-qt-3.0.10-bp156.2.3.1 - openSUSE Backports SLE-15-SP6 (noarch): freeciv-lang-3.0.10-bp156.2.3.1 References: https://www.suse.com/security/cve/CVE-2026-33250.html https://bugzilla.suse.com/1260036