Gentoo Bug 195520 - games-strategy/wesnoth <1.2.7 Denial of Service Vulnerability (CVE-2007-3917)

Bug List: (This bug is not in your last search results) Show last search results Search page Enter new bug

Bug#:	195520
Alias:
Product:
Component:
Status:	RESOLVED
Resolution:	FIXED
Assigned To:	Gentoo Security <security@gentoo.org>

Hardware:
OS:
Version:
Priority:
Severity:

Reporter:	Tobias Heinlein <keytoaster@gentoo.org>
Add CC:
CC:	Remove selected CCs

URL:
Summary:
Status Whiteboard:
Keywords:

Flags:			Requestee:
	Pending
	Approved
	Assigned_To		()

Filename	Description	Type	Creator	Created	Size	Actions
Create a New Attachment (proposed patch, testcase, etc.)						View All

Bug 195520 depends on:			Show dependency tree
Bug 195520 blocks:			Show dependency tree

Additional Comments: (this is where you put emerge --info)

Add to CC list

Not eligible to see or edit group visibility for this bug.

Leave as RESOLVED FIXED
Reopen bug
Mark bug as VERIFIED
Mark bug as CLOSED

View Bug Activity | Format For Printing | XML | Clone This Bug

Description:

Opened: 2007-10-11 17:38 0000

CVE-2007-3917 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-3917):
  Unspecified vulnerability in the multiplayer engine in Wesnoth before 1.2.7
  allows remote servers to cause a denial of service (client application crash)
  via invalid UTF-8 strings.  NOTE: some of these details are obtained from
  third-party information.

------- Comment #1 From Tobias Heinlein 2007-10-11 17:41:36 0000 -------

Games, please create an updated ebuild.

------- Comment #2 From Robert Buchholz 2007-10-11 20:29:18 0000 -------

games, is the 1.2.7 in the tree ok to go stable?

------- Comment #3 From Mr. Bones. 2007-10-11 21:28:32 0000 -------

Already in portage.  Just needs to be stablized.

------- Comment #4 From Christian Faulhammer 2007-10-12 08:09:42 0000 -------

x86 stable

------- Comment #5 From Tobias Scherbaum 2007-10-12 17:51:48 0000 -------

ppc stable

------- Comment #6 From Markus Rothe 2007-10-14 15:59:01 0000 -------

ppc64 stable

------- Comment #7 From Ferris McCormick 2007-10-18 14:46:54 0000 -------

Stable on sparc.

------- Comment #8 From Mike Doty 2007-10-22 04:14:06 0000 -------

amd64 stable

------- Comment #9 From Sune Kloppenborg Jeppesen 2007-10-22 07:04:13 0000 -------

This one is ready for GLSA vote and I vote NO.

------- Comment #10 From Raphael Marichez 2007-10-22 20:18:37 0000 -------

only client-side crash?  -> clearly noglsa

------- Comment #11 From Sune Kloppenborg Jeppesen 2007-10-22 20:24:41 0000 -------

2 NO votes win.

Bug List: (This bug is not in your last search results) Show last search results Search page Enter new bug

Bugzilla Bug 195520

games-strategy/wesnoth <1.2.7 Denial of Service Vulnerability (CVE-2007-3917)

Last modified: 2007-10-22 20:24:41 0000