Topic: 0.6.4 released - another security fix
As with the 0.6.3 release, a reported security vulnerability motivated this release: This time, the security vulnerability is worse, attacker controlled memory-writes and possibly arbitrary code execution on the client, abusable by any server the client joins.
Fix the above-mentioned security vulnerability in the client (ff25472).
Fix a read of uninitialized memory that is sent over the network, from the server (7dd463d).
Use a different port for connless messages, increasing the difficulty of successful IP spoofing (7c43b76).
Make spoofing of server info packets harder (8af77b6).
Fix spoofing for vital chunks, and require most chunks to be vital (f457b58).
Sort by player count by default, instead of server name (1b2a91f).
Go download it now!