Summary: | <games-simulation/openttd-1.1.3 Multiple Vulnerabilities (CVE-2010-4168,CVE-2011-{3341,3342,3343}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Sean Amoss (RETIRED) <ackle> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | major | CC: | games, mr_bones_ |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.openwall.com/lists/oss-security/2011/09/02/4 | ||
Whiteboard: | B1 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Sean Amoss (RETIRED)
2011-09-04 16:49:48 UTC
*** Bug 383163 has been marked as a duplicate of this bug. *** Arches, please test and mark stable: =games-simulation/openttd-1.1.3 target KEYWORDS : "amd64 ppc x86" amd64: pass Archtested on x86: Everything fine except for the fact that i seem to have to have forgotten how to play TTD. :) amd64 ok + 16 Sep 2011; Tony Vroon <chainsaw@gentoo.org> openttd-1.1.3.ebuild: + Marked stable on AMD64 based on arch testing by Elijah "Armageddon" El + Lazkani & Agostino Sarubbo in security bug #381799 filed by Sean Amoss. x86 stable, thanks JD never stable on ppc, last arch done Thanks everyone. Tim, can you please add to GLSA request? (In reply to comment #9) > Thanks everyone. Tim, can you please add to GLSA request? Yep, request filed. Thanks, Sean, folks. CVE-2011-3343 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3343): Multiple buffer overflows in OpenTTD before 1.1.3 allow local users to cause a denial of service (daemon crash) or possibly gain privileges via (1) a crafted BMP file with RLE compression or (2) crafted dimensions in a BMP file. CVE-2011-3342 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3342): Multiple buffer overflows in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via vectors related to (1) NAME, (2) PLYR, (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame. CVE-2011-3341 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-3341): Multiple off-by-one errors in order_cmd.cpp in OpenTTD before 1.1.3 allow remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command. CVE-2010-4168 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2010-4168): Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to cause a denial of service (invalid write and daemon crash) by abruptly disconnecting during transmission of the map from the server, related to network/network_server.cpp; (2) remote attackers to cause a denial of service (invalid read and daemon crash) by abruptly disconnecting, related to network/network_server.cpp; and (3) remote servers to cause a denial of service (invalid read and application crash) by forcing a disconnection during the join process, related to network/network.cpp. This issue was resolved and addressed in GLSA 201111-03 at http://security.gentoo.org/glsa/glsa-201111-03.xml by GLSA coordinator Tim Sammut (underling). |