Your message dated Wed, 13 Aug 2008 09:17:24 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#493714: fixed in openttd 0.6.2-1
has caused the Debian Bug report #493714,
regarding openttd: Network exploitable buffer overrun
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
493714: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=493714
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: openttd
Version: 0.6.1-1
Severity: grave
Tags: security
Justification: user security hole
OpenTTD servers of version 0.6.1 and below are susceptible to a remotely
exploitable buffer overflow when the server is filled with companies and
clients with names that are (near) the maximum allowed length for names.
In the worst case OpenTTD will write the following (mostly remotely
changable bytes) into 1460 bytes of malloc-ed memory:
up to 11 times (amount of players) 118 bytes
up to 8 times (amount of companies) 124 bytes
and 7 "header" bytes
Resulting in up to 2297 bytes being written in 1460 bytes of malloc-ed
memory. This makes it possible to remotely crash the game or change the
gamestate into an unrecoverable state.
There are three ways of fixing this:
- upgrading to 0.6.2.
- backporting the bugfixes to 0.6.1 and make a network-incompatible version
of OpenTTD which makes it impossible to participate in multiplayer games
with both Debian and non-Debian users.
- increase the allocation size, which will make it even network incompatible
with itself.
Therefore the best way to fix this is by upgrading to 0.6.2, also in lenny.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26 (PREEMPT)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) (ignored:
LC_ALL set to en_GB.utf8)
Shell: /bin/sh linked to /bin/bash
--- End Message ---
--- Begin Message ---
Source: openttd
Source-Version: 0.6.2-1
We believe that the bug you reported is fixed in the latest version of
openttd, which is due to be installed in the Debian FTP archive:
openttd_0.6.2-1.diff.gz
to pool/contrib/o/openttd/openttd_0.6.2-1.diff.gz
openttd_0.6.2-1.dsc
to pool/contrib/o/openttd/openttd_0.6.2-1.dsc
openttd_0.6.2-1_i386.deb
to pool/contrib/o/openttd/openttd_0.6.2-1_i386.deb
openttd_0.6.2.orig.tar.gz
to pool/contrib/o/openttd/openttd_0.6.2.orig.tar.gz
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Matthijs Kooijman <[EMAIL PROTECTED]> (supplier of updated openttd package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Fri, 08 Aug 2008 11:07:05 +0200
Source: openttd
Binary: openttd
Architecture: source i386
Version: 0.6.2-1
Distribution: unstable
Urgency: high
Maintainer: Matthijs Kooijman <[EMAIL PROTECTED]>
Changed-By: Matthijs Kooijman <[EMAIL PROTECTED]>
Description:
openttd - reimplementation of Transport Tycoon Deluxe with enhancements
Closes: 493714
Changes:
openttd (0.6.2-1) unstable; urgency=high
.
* New upstream release.
- Fixes remote crash vulnerability CVE-2008-3547. Closes: #493714
Checksums-Sha1:
a7177c3ac8b54886b9c0ddcc0bb90d3fbe838635 1544 openttd_0.6.2-1.dsc
04465c64ee43e1af7353b6d3801d79c52cf9ee30 4950519 openttd_0.6.2.orig.tar.gz
fc0c34e028ec6032f1b8ef4f4f14f01a6d6e540c 8959 openttd_0.6.2-1.diff.gz
fe2e8642c9fcb96a82f6e82648d18ab8f886794e 2632916 openttd_0.6.2-1_i386.deb
Checksums-Sha256:
cf59f62c4c257e73bc93dea3007bbd693d315c06d0929f2169e6ad09bf7c9625 1544
openttd_0.6.2-1.dsc
d53f0eee9f7dc9f2ec51143c6ee6b87b1daa39378ffb77b8fb285bde76191207 4950519
openttd_0.6.2.orig.tar.gz
5d37d50e5b6b9e517bf3e2a8e891979b53664140c97c94e97f5cdcb483405f43 8959
openttd_0.6.2-1.diff.gz
a7fc246bff1d5b010fbd2c70a048c2de34da054acf75964ec6e7c57b599df729 2632916
openttd_0.6.2-1_i386.deb
Files:
182add99a5e0ed4089c09ab0665dbb7d 1544 contrib/games optional
openttd_0.6.2-1.dsc
7e3f577e605e24479ead594259276be9 4950519 contrib/games optional
openttd_0.6.2.orig.tar.gz
148e100075917fcfe2cab4a6a9d3f957 8959 contrib/games optional
openttd_0.6.2-1.diff.gz
f0b1363e58efa2a11b063c388e649a0c 2632916 contrib/games optional
openttd_0.6.2-1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iQEcBAEBAgAGBQJIoqStAAoJEGz0hbPcukPfRk4H/1og0lmNsOl5Z4eHlh4FhfgE
jI0YYXywpjQtFxDhRBKU+DN9+/zm4Tlf8COsZuHYCjRzW86+hVdz5o2f5uFcPSU2
J21qfFozQEHr91qFUayOJq4iKuKwNyBmwjRfOOxUqX+KYEFIcv7JCsZTNzGMGfAK
e6vijqsELYIXvo8TiAwCByDpg5NxL3j1u4JcHATtBmg8iQ3kamML4dJVE8fNWGSc
TcVag1jwjQ9T/Uyy6hNPYXlqcTQ9bZztkYYiVkjf7C9t0jbtHsLMqWo9Or+dApb7
ZULILVxBO9CEX/0RdZk6r9190UFFYtzgrwUgMmk+x3BWFdTw8apcxwEVp7pnGGc=
=2PVg
-----END PGP SIGNATURE-----
--- End Message ---
