An update for Half-Life is now available:

• Fixed setting monitor refresh rates through -freq when used with -nofbo
  
• Fixed unnecessary texture rescaling with NPOT textures
  
• Fixed slist command, will now show servers on the local network
  
• Fixed erroneous return in SV_ClipToLinks (HL #1685)
  
• Fixed inability to reload a partially empty weapon after reloading a save game
  
• Fixed MP5 spread factor, multiplayer factor was being used for single player and single player for multiplayer
  
• Fixed progress bar for individual files in resource download always showing at 100%
  
• Added auto-saving of several cvars (HL #2237)
  
• Fixed missing localizations in spectator UI
  
• Fixed NPC turn rate when running at >60FPS
  
• Reordered columns in server browser to prevent game descriptions from being used to fake server player count
  
• Fixed sv_cheats from being settable by players in a multiplayer game (sv_cheats is controllable by the server)
  
• Added cl_autowepswitch cvar with values 0/1 to disable/enable auto weapon switching when a new weapon is picked up
  
• Fix various weapon animation/sound issues
  
• Security fixes to console commands
  
• Security fixes to resource loading
  
• Security fixes to saving/loading

This list covers the releases between March 20 and April 11 that are each part of a series of security updates.

Larger changes:

• Added privilege checking to command execution. Commands originating outside of the client are now only able to execute commands that are considered to be safe. Commands such as 'connect', 'bind', 'quit' and certain cvars such as 'cl_filterstuffcmd' are now only executable by trusted sources.
  
• Setting 'cl_filterstuffcmd' to a value greater than zero (e.g. 'cl_filterstuffcmd 1') will set a number of commands that are potentially abusable, such as 'say', 'fps_max', and 'setinfo', to also be only executable by privileged sources.

Fixes:

• Fixed client incorrectly blocking download of custom sprays

Security fixes:

• All custom resources downloaded from a server now have their file name's checked for safety before being allowed to download
  
• Invalid file extensions are now prevented in several commands
  
• Dynamic libraries are no longer searched for in custom resource directories
  
• Added additional file extensions to custom resource blocked extensions list
  
• Fixed buffer overflow in message delta parsing
  
• Fixed RCE in weapon message handling
  
• Fixed RCE in model loading
  
• Fixed RCE in saved game loading
  
• Fixed buffer overflows in TGA and BMP loading
  
• Fixed buffer overflow in demo playback
  
• Fixed buffer overflows in sequence file loading
  
• Fixed buffer overflows in model name loading
  
• Fixed buffer overflow in music playlist loading
  
• Fixed buffer overflow in detail texture loading
  
• Fixed buffer overflow in console map listing
  
• Fixed command chaining in cvar's that specified config files to be passed to the 'exec' command

A small update for Half-Life is now available:

Engine

• Fixed bug in skybox image loading
  
• Fixed bug in demo command processing
  
• Prevent certain path characters from being used in commands
  
• Enforce certain extensions be used for files specified in some commands

A small update for Half-Life is now available:

Engine

• Rate limit hltv commands to prevent connection issues

A small update for Half-Life is now available:

Engine

• Rate limit hltv commands to prevent connection issues

We have updated the public release of Half-Life.

Changes in this update are:

• Fixed crash when entering certain malformed strings into the game console. Thanks to Marshal Webb from BackConnect, Inc for reporting this.
  
• Fixed crash when loading a specially crafted malformed BSP file. Thanks to Grant Hernandez (@Digital_Cold) for reporting this.
  
• Fixed malformed SAV files allowing arbitrary files to be written into the game folder. Thanks to Vsevolod Saj for reporting this.
  
• Fixed a crash when quickly changing weapons that are consumable. Thanks to Sam Vanheer for reporting this.
  
• Fixed crash when setting custom decals

We have updated the public release of Half-Life.

Changes in this update are:

• Fixed crash when entering certain malformed strings into the game console. Thanks to Marshal Webb from BackConnect, Inc for reporting this.
  
• Fixed crash when loading a specially crafted malformed BSP file. Thanks to Grant Hernandez (@Digital_Cold) for reporting this.
  
• Fixed malformed SAV files allowing arbitrary files to be written into the game folder. Thanks to Vsevolod Saj for reporting this.
  
• Fixed a crash when quickly changing weapons that are consumable. Thanks to Sam Vanheer for reporting this.
  
• Fixed crash when setting custom decals

We have released a Beta update for Half-Life and associated games.
Changes in this update are:

• Fixed crash when loading maps with malformed entity data

We have released a Beta update for Half-Life and associated games.
Changes in this update are:

• Fixed crash when loading maps with malformed entity data

We have updated the public release of Half-Life.

Changes in this update are:

• Fixed mouse not working correctly in VGUI1 based UI's, mods and TFC make use of this