TS3 Server Version Beta12 / Sicherheitshinweise

Datum: 06.01.2010

Aktuell liegt der TS3 Server in der Verion BETA 12 vor. Dieses Update wurde am 31.12.2009 released, was nun schon 6 Tage zurück liegt. An den ersten Tagen der Teamspeak 3 open Beta wurden ja praktisch täglich neue Versionen veröffentlicht. Möglicherweise wurden nun die gröbsten Bugs und Sicherheitslücken gefixt bzw. die wichtigsten Änderungen vorgenommen.

Wichtig: Haltet euren Teamspeak 3 Server stets aktuell! In älteren Server-Versionen gibt möglicherweise Sicherheitslücken! Besonders Besitzer eines Rootservers sollten vorsichtig sein. Wenn es sich bei dem Rootserver um ein Produktivsystem handelt, solltet ihr auf die Stable Version warten und euch bis dahin einen TS3 Server mieten. Ihr könnt euch sicher sein, dass Hacker TS3 genau unter die Lupe nehmen, um Sicherheitslücken zu finden.

Was seit der BETA 5 geschah:

Server Release 3.0.0-beta12 31 Dec 2009

  • fixed overlooked case where a client could post a talk request although is_talker was granted
  • fixed general channel create behaviour
  • fixed sendServerGroupClientList database usage problems
  • added CLIENT_IS_TALKER to clienlist (parameter -voice) 
  • VIRTUALSERVER_ANTIFLOOD_POINTS_TICK_REDUCE cant be zero

Server Release 3.0.0-beta11 29 Dec 2009

  • throw an ERROR_client_to_many_clones_connected while connecting instead of an PERMISSION_i_client_max_clones permission error
  • clear CLIENT_IS_TALKER, CLIENT_TALK_REQUEST and CLIENT_TALK_REQUEST_MSG they are no longer required to talk.
  • properly handle PERMISSION_i_channel_max_depth and PERMISSION_i_channel_min_depth while creating a channel
  • added CLIENT_ID to whoami
  • remove log spam that occured when oversized UPD packets were received

Server Release 3.0.0-beta10 27 Dec 2009

  • Fixed bug that could lead to the server sending UDP packets with the network interface max capacity. Only systems with a instable system clock were affected.
  • Fixed a deadlock that could freeze the server so it no longer responded
  • fixed PERMISSION_b_channel_delete_* behaviour
  • prevent a memleak using pthread_create that could lead to a CRITICAL error message when the filetransfer port was attacked by many thousand connections
  • text messages added to flood protection (small)
  • clientdblist takes now optional parameters "start" and "duration" default values are start=0, duration=25

Server Release 3.0.0-beta9 26 Dec 2009

  • prevent denial of service on filetransfer port, that could also cause ASSERT failures

Server Release 3.0.0-beta8 25 Dec 2009

  • fixed possible crash while unregistering a query client
  • fixed possible case where clients got deleted from wrong groups
  • added CLIENT_IDLE_TIME, CONNECTION_CONNECTED_TIME to clientinfo
  • added CLIENT_VERSION, CLIENT_PLATFORM to clientlist (new parameter -info)
  • added VIRTUALSERVER_UNIQUE_IDENTIFIER to serverlist (new parameter -uid)
  • VIRTUALSERVER_HOSTBANNER_GFX_INTERVAL dont accepts values between 1-59

Server Release 3.0.0-beta7 24 Dec 2009

  • minor tcp stack improvements
  • added permission log entries for changing default groups
  • updated to sqlite 3.6.21

Server Release 3.0.0-beta6 23 Dec 2009

  • fixed PERMISSION_i_client_needed_move_power not taking all aspects into account
  • fixed PERMISSION_b_channel_modify_sortorder not used
  • fixed tcp flooding bug
  • dont print company name for none profit licenses to logfile
  • added crashdump support for win32/win64