[SECURITY] [DSA 2386-1] openttd security update

2012-01-1120:57:32

lists.debian.org

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.5

Confidence

Low

EPSS

0.148

Percentile

95.8%

JSON

Debian Security Advisory DSA-2386-1 [email protected]
http://www.debian.org/security/
January 10, 2012 http://www.debian.org/security/faq

Package : openttd
Vulnerability : several
Problem type : remote
Debian-specific: no
CVE ID : CVE-2011-3341 CVE-2011-3342 CVE-2011-3343

Several vulnerabilities have been discovered in openttd, a transport
business simulation game. Multiple buffer overflows and off-by-one
errors allow remote attackers to cause denial of service.

For the oldstable distribution (lenny), this problem has been fixed in
version 0.6.2-1+lenny4.

For the stable distribution (squeeze), this problem has been fixed in
version 1.0.4-4.

For the unstable distribution (sid), this problem has been fixed in
version 1.1.4-1.

We recommend that you upgrade your openttd packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: http://www.debian.org/security/

Mailing list: [email protected]

OSVersionArchitecturePackageVersionFilename
Debian5mipsopenttd< 0.6.2-1+lenny4openttd_0.6.2-1+lenny4_mips.deb
Debian6powerpcopenttd< 1.0.4-4openttd_1.0.4-4_powerpc.deb
Debian5alphaopenttd< 0.6.2-1+lenny4openttd_0.6.2-1+lenny4_alpha.deb
Debian6s390openttd< 1.0.4-4openttd_1.0.4-4_s390.deb
Debian6amd64openttd< 1.0.4-4openttd_1.0.4-4_amd64.deb
Debian5ia64openttd< 0.6.2-1+lenny4openttd_0.6.2-1+lenny4_ia64.deb
Debian6armelopenttd< 1.0.4-4openttd_1.0.4-4_armel.deb
Debian5armelopenttd< 0.6.2-1+lenny4openttd_0.6.2-1+lenny4_armel.deb
Debian6kfreebsd-amd64openttd< 1.0.4-4openttd_1.0.4-4_kfreebsd-amd64.deb
Debian5hppaopenttd< 0.6.2-1+lenny4openttd_0.6.2-1+lenny4_hppa.deb

OS	Version	Architecture	Package	Version	Filename
Debian	5	mips	openttd	< 0.6.2-1+lenny4	openttd_0.6.2-1+lenny4_mips.deb
Debian	6	powerpc	openttd	< 1.0.4-4	openttd_1.0.4-4_powerpc.deb
Debian	5	alpha	openttd	< 0.6.2-1+lenny4	openttd_0.6.2-1+lenny4_alpha.deb
Debian	6	s390	openttd	< 1.0.4-4	openttd_1.0.4-4_s390.deb
Debian	6	amd64	openttd	< 1.0.4-4	openttd_1.0.4-4_amd64.deb
Debian	5	ia64	openttd	< 0.6.2-1+lenny4	openttd_0.6.2-1+lenny4_ia64.deb
Debian	6	armel	openttd	< 1.0.4-4	openttd_1.0.4-4_armel.deb
Debian	5	armel	openttd	< 0.6.2-1+lenny4	openttd_0.6.2-1+lenny4_armel.deb
Debian	6	kfreebsd-amd64	openttd	< 1.0.4-4	openttd_1.0.4-4_kfreebsd-amd64.deb
Debian	5	hppa	openttd	< 0.6.2-1+lenny4	openttd_0.6.2-1+lenny4_hppa.deb