GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Fri Nov 11, 2011 10:26 pm Post subject: [ GLSA 201111-03 ] OpenTTD: Multiple vulnerabilities |
 |
|
Gentoo Linux Security Advisory
Title: OpenTTD: Multiple vulnerabilities (GLSA 201111-03)
Severity: high
Exploitable: local, remote
Date: November 11, 2011
Bug(s): #381799
ID: 201111-03
Synopsis
Multiple vulnerabilities were found in OpenTTD which could lead to
execution of arbitrary code, a Denial of Service, or privilege escalation.
Background
OpenTTD is a clone of Transport Tycoon Deluxe.
Affected Packages
Package: games-simulation/openttd
Vulnerable: < 1.1.3
Unaffected: >= 1.1.3
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in OpenTTD. Please review
the CVE identifiers referenced below for details.
Impact
A remote attacker could execute arbitrary code with the privileges of
the OpenTTD process or cause a Denial of Service. Local users could cause
a Denial of Service.
Workaround
There is no known workaround at this time.
Resolution
All OpenTTD users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=games-simulation/openttd-1.1.3"
|
NOTE: This is a legacy GLSA. Updates for all affected architectures are
available since September 27, 2011. It is likely that your system is
already no longer affected by this issue.
References
CVE-2010-4168
CVE-2011-3341
CVE-2011-3342
CVE-2011-3343 |
|
News & Announcements
