Bug 11852 - openttd new security issue CVE-2013-6411
Status: RESOLVED FIXED
Product: Mageia
Classification: Unclassified
Component: Security
Version: 3
Hardware: i586 Linux
Priority: Normal Severity: normal
Target Milestone: ---
Assigned To: QA Team
QA Contact: Sec team
Whiteboard: advisory MGA3-64-OK MGA3-32-OK
Keywords: validated_update

Reported: 2013-12-02 16:38 CET by David Walser
Modified: 2013-12-06 23:03 CET
Source RPM: openttd-1.3.2-1.mga3.src.rpm

Description David Walser 2013-12-02 16:38:30 CET
A CVE was allocated for a security issue in openttd on November 29:
http://openwall.com/lists/oss-security/2013/11/29/3

The issue is fixed upstream in 1.3.3 and there's a patch linked from the upstream advisory:
http://security.openttd.org/en/CVE-2013-6411

Mageia 3 is also affected.

Comment 1 Jani Välimaa 2013-12-02 19:16:22 CET
Requested freeze push for Cauldron and pushed 1.3.3 to core/updates_testing for mga3.

QA team, please test the new release [1] for mga3. Steps to reproduce are in the upstream security tracker (link in comment 0). There are also other fixes [2] in this new release.


[1] openttd-1.3.3-1.mga3
[2] http://gb.binaries.openttd.org/binaries/releases/1.3.3/changelog.txt
Comment 2 David Walser 2013-12-02 19:27:00 CET
Thanks Jani!

Advisory:
========================

Updated openttd package fixes security vulnerability:

A missing validation in OpenTTD before 1.3.3 allows remote attackers to cause
a denial of service (crash) by forcefully crashing aircraft near the corner of
the map. This triggers a corner case where data outside of the allocated map
array is accessed (CVE-2013-6411).

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6411
http://openwall.com/lists/oss-security/2013/11/28/17
http://security.openttd.org/en/CVE-2013-6411
http://gb.binaries.openttd.org/binaries/releases/1.3.3/changelog.txt
========================

Updated packages in core/updates_testing:
========================
openttd-1.3.3-1.mga3

from openttd-1.3.3-1.mga3.src.rpm
Comment 3 Dave Hodgins 2013-12-02 20:41:23 CET
Advisory 11852.adv committed to svn.
Comment 4 Dave Hodgins 2013-12-02 21:32:33 CET
Testing complete on Mageia 3 i586 and x86_64.

Someone from the sysadmin team please push 11852.adv to updates.
Comment 5 David Walser 2013-12-02 21:40:18 CET
Just a reminder that this needs to be pushed in Cauldron first.
Comment 6 David Walser 2013-12-03 23:40:04 CET
openttd-1.3.3-1.mga4 submitted for Cauldron.
Comment 7 Thomas Backlund 2013-12-06 23:03:45 CET
Update pushed:
http://advisories.mageia.org/MGASA-2013-0363.html
