Red Hat Bugzilla – Bug 735841
CVE-2011-3341 CVE-2011-3342 CVE-2011-3343 Security update available (in testing) for openttd
Last modified: 2015-08-19 05:12:52 EDT
Description of problem:
The following archive entry describes the issue:
openTTD 1.1.3-RC1 is available now.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
The following are the specifics of the vulnerabilities reported:
1.) Denial of service via improperly validated commands (CVE-2011-3341):
In multiple places in-game commands are not properly validated that allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
Vulnerability is present since 0.3.5 and will be fixed in the upcoming 1.1.3 release. Issue report at http://bugs.openttd.org/task/4745
2.) Buffer overflows in savegame loading (CVE-2011-3342):
In multiple places indices in savegames are not properly validated that allow (remote) attackers to cause a denial of service (crash) and possibly execute arbitrary code via unspecified vectors.
Vulnerability is present since 0.1.0 and will be fixed in the upcoming 1.1.3 release. Issue reports at http://bugs.openttd.org/task/4717 and http://bugs.openttd.org/task/4748
3.) Multiple buffer overflows in validation of external data (CVE-2011-3343):
In multiple places external data from the local file system isn't properly checked before allocating memory, which could lead to buffer overflows and arbitrary code execution.
Vulnerability is present since 0.3.4 and will be fixed in the upcoming 1.1.3 release. Issue reports at http://bugs.openttd.org/task/4746 and http://bugs.openttd.org/task/4747
Created openttd tracking bugs for this issue
Affects: fedora-all [bug 736178]
Working on it.
Fedora updates have been released:
openttd-1.1.3-1.fc16 has been submitted as an update for Fedora 16.
openttd-1.1.3-1.fc15 has been submitted as an update for Fedora 15.
openttd-1.1.3-1.fc14 has been submitted as an update for Fedora 14.