lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <20170813150405.wtivbretlc4yb4ud@pisco.westfalen.local>
Date: Sun, 13 Aug 2017 17:04:05 +0200
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 3940-1] iortcw security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3940-1                   security@...ian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
August 13, 2017                       https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : iortcw
CVE ID         : CVE-2017-11721

A read buffer overflow was discovered in the idtech3 (Quake III Arena)
family of game engines. This allows remote attackers to cause a denial
of service (application crash) or possibly have unspecified other impact
via a crafted packet.

For the stable distribution (stretch), this problem has been fixed in
version 1.50a+dfsg1-3+deb9u1.

We recommend that you upgrade your iortcw packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlmQX8UACgkQEMKTtsN8
TjYhkg//d+bHbtHmzyQCc6g5zN2/yNlc4QFA6sRr8A48V06Nb/0VtWyVDRphPkdo
t/7jBe8xll66c0+ZACyqnGlq76QNVBV+pXZTCl86EoQQbJQD1dKiKmqUDy25z3mg
mA1CaCXGAlY7iYIbRrfoenfAnn1hOUyPbmzv0YrN1a71glBhUiQGG6Z5/x7VrFqk
lqqpRivn1k0y5Vt+QIbJtBWPBPlJhj4J55ouaT4ice9jWQirEWlKIz2oQz4nfrGm
fzTes/sewA4dxfgnLPT/LTcvUPpzsB57KtdF7aJ/ARg4bAepCW8KwjMICPBsygSm
o8wUrOA9NW4/eGsz5DjO+BqdiUAQXmVbNXSA/2Shb0PJNOf2pKnW1ejxzrfxwYAN
Jef49eOiFojI/iOHDhvqdD95v6IGJdP8XlpwPhONwT2VT9QzUN4ynDrzxdhiWHdV
b7H642+9BDYoS9NIdxl1JJP3E8OFPU9+S4r0T+Bj4bHzQS3DPEGSGoOu4VGNvSWh
BXaOPr57rAjWokzIKky8GtQVgboiDnFUEfQxyoP3/i+GRL6//Mutz6N+TqkMUSh7
NL19a+k1bdPywtXdnGtMN7nEJPlJFtzUAYJTFoIgbGM/v4YFi+0Eo1Mw2HEQVkAK
UNYFyeoPfxnYSkCVwYAQVEMiE5mWwq3BLKG6gGHVgaKETu/AEw0=
=tUI/
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ