Date:      Tue, 11 Oct 2011 11:29:14 GMT
From:      "Ilya A. Arkhipov" <micro@heavennet.ru>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   ports/161488: Upgrade OpenTTD to 1.1.3
Message-ID:  <201110111129.p9BBTEUc002572@red.freebsd.org>
Resent-Message-ID: <201110111130.p9BBU8Nx020889@freefall.freebsd.org>

>Number:         161488
>Category:       ports
>Synopsis:       Upgrade OpenTTD to 1.1.3
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    freebsd-ports-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Tue Oct 11 11:30:08 UTC 2011
>Closed-Date:
>Last-Modified:
>Originator:     Ilya A. Arkhipov
>Release:        FreeBSD 10.0-CURRENT
>Organization:
Luxoft
>Environment:
FreeBSD micro 10.0-CURRENT FreeBSD 10.0-CURRENT #3 r226184: Mon Oct 10 12:44:23 MSK 2011     root@micro:/usr/obj/usr/src/sys/MICROKERNEL  amd64

>Description:
Update OpenTTD to 1.1.3. 
And add vuxml entry for:
CVE-2011-3343 -- http://security.openttd.org/en/CVE-2011-3343
CVE-2011-3342 -- http://security.openttd.org/en/CVE-2011-3342
CVE-2011-3341 -- http://security.openttd.org/en/CVE-2011-3341

>How-To-Repeat:

>Fix:


Patch attached with submission follows:

diff -Nru openttd_1.1.2/Makefile openttd/Makefile
--- openttd_1.1.2/Makefile	2011-10-11 14:37:42.758214257 +0400
+++ openttd/Makefile	2011-10-11 14:37:53.752211050 +0400
@@ -6,7 +6,7 @@
 #
 
 PORTNAME=	openttd
-PORTVERSION=	1.1.2
+PORTVERSION=	1.1.3
 CATEGORIES=	games
 MASTER_SITES=	http://gb.binaries.openttd.org/binaries/releases/${PORTVERSION}/ \
 		http://ftp.snt.utwente.nl/pub/games/openttd/binaries/releases/${PORTVERSION}/ \
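Review bot: the PORTVERSION bump is the only Makefile change and the context shown ends at MASTER_SITES, so it is not visible whether a PORTREVISION line follows; if the 1.1.2 port carried one, drop it in this same change so the package version is 1.1.3 and not 1.1.3_N. Because the update fixes CVE-2011-3341, CVE-2011-3342 and CVE-2011-3343, the commit log should also carry a Security: line naming the three new VuXML vids.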
diff -Nru openttd_1.1.2/distinfo openttd/distinfo
--- openttd_1.1.2/distinfo	2011-10-11 14:37:42.771221915 +0400
+++ openttd/distinfo	2011-10-11 14:37:57.862207711 +0400
@@ -1,2 +1,2 @@
-SHA256 (openttd-1.1.2-source.tar.xz) = 372073bd2b87c078c714176d1b75e16768a85122993ebd7a36e60aa071903b3d
-SIZE (openttd-1.1.2-source.tar.xz) = 5040364
+SHA256 (openttd-1.1.3-source.tar.xz) = 3adb21211fe02411110beaf1f447e03e8a2e9e07b5d9f92247a5b063881c8ed6
+SIZE (openttd-1.1.3-source.tar.xz) = 5165696
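Review bot: the new SHA256 and SIZE lines are the only integrity check on openttd-1.1.3-source.tar.xz, and the MASTER_SITES in the Makefile hunk are plain http mirrors, so confirm both values against the checksum upstream publishes for the 1.1.3 source tarball instead of relying on what make makesum produced from a single mirror download.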
diff -Nru vuxml_old/vuln.xml vuxml/vuln.xml
--- vuxml_old/vuln.xml	2011-10-11 15:21:55.428208767 +0400
+++ vuxml/vuln.xml	2011-10-11 15:17:53.608208879 +0400
@@ -34,6 +34,89 @@
 
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">;
+  <vuln vid="9bad5ab1-f3f6-11e0-8b5c-b482fe3f522d">
+    <topic>OpenTTD -- Multiple buffer overflows in validation of external data</topic>
+    <affects>
+      <package>
+        <name>openttd</name>
+        <range><ge>0.1.0</ge><lt>1.1.3</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">;
+        <p>The OpenTTD Team reports:</p>
+        <blockquote cite="http://security.openttd.org/en/CVE-2011-3343">;
+          <p>Multiple buffer overflows in OpenTTD before 1.1.3 allow
+          local users to cause a denial of service (daemon crash) or
+          possibly gain privileges via (1) a crafted BMP file with RLE 
+          compression or (2) crafted dimensions in a BMP file.</p>
+        </blockquote>
+      </body>
+    </description>
+      <references>
+        <cvename>CVE-2011-3343</cvename>
+        <url>http://security.openttd.org/en/CVE-2011-3343</url>;
+      </references>
+      <dates>
+        <discovery>2011-08-25</discovery>
+        <entry>2011-09-02</entry>
+      </dates>
+  </vuln>
+  <vuln vid="78c25ed7-f3f9-11e0-8b5c-b482fe3f522d">
+    <topic>OpenTTD -- Buffer overflows in savegame loading</topic>
+    <affects>
+      <package>
+        <name>openttd</name>
+        <range><ge>0.1.0</ge><lt>1.1.3</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">;
+        <p>The OpenTTD Team reports:</p>
+        <blockquote cite="http://security.openttd.org/en/CVE-2011-3342">;
+          <p>Multiple buffer overflows in OpenTTD before 1.1.3 allow remote
+          attackers to cause a denial of service (daemon crash) or possibly
+          execute arbitrary code via vectors related to (1) NAME, (2) PLYR,
+          (3) CHTS, or (4) AIPL (aka AI config) chunk loading from a savegame.</p>
+        </blockquote>
+      </body>
+    </description>
+      <references>
+        <cvename>CVE-2011-3342</cvename>
+        <url>http://security.openttd.org/en/CVE-2011-3342</url>;
+      </references>
+      <dates>
+        <discovery>2011-08-08</discovery>
+        <entry>2011-08-25</entry>
+      </dates>
+  </vuln>
+  <vuln vid="e77befb5-f3f9-11e0-8b5c-b482fe3f522d">
+    <topic>OpenTTD -- Denial of service via improperly validated commands</topic>
+    <affects>
+      <package>
+        <name>openttd</name>
+        <range><ge>0.3.5</ge><lt>1.1.3</lt></range>
+      </package>
+    </affects>
+    <description>
+      <body xmlns="http://www.w3.org/1999/xhtml">;
+        <p>The OpenTTD Team reports:</p>
+        <blockquote cite="http://security.openttd.org/en/CVE-2011-3341">;
+          <p>Multiple off-by-one errors in order_cmd.cpp in OpenTTD before
+          1.1.3 allow remote attackers to cause a denial of service (daemon crash)
+          or possibly execute arbitrary code via a crafted CMD_INSERT_ORDER command.</p>
+        </blockquote>
+      </body>
+    </description>
+      <references>
+        <cvename>CVE-2011-3341</cvename>
+        <url>http://security.openttd.org/en/CVE-2011-3341</url>;
+      </references>
+      <dates>
+        <discovery>2011-08-25</discovery>
+        <entry>2011-08-26</entry>
+      </dates>
+  </vuln>
   <vuln vid="ab9be2c8-ef91-11e0-ad5a-00215c6a37bb">
     <topic>quagga -- multiple vulnerabilities</topic>
     <affects>
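Review bot: the <entry> dates in all three new <vuln> blocks (2011-09-02, 2011-08-25 and 2011-08-26) predate this patch, whose file timestamps are 2011-10-11; in VuXML <entry> records when the entry was added to vuln.xml, so each should be the commit date, with the upstream dates kept only in <discovery>. The <references> and <dates> elements are also indented six spaces where the sibling <affects> and <description> use four; align them and run make validate in security/vuxml before committing.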


>Release-Note:
>Audit-Trail:
>Unformatted:


