Three vulnerabilities have been fixed in the video game Maniadrive, available on the Fedora 13 and 14 operating systems. It is an arcade game that lets the user drive car races. The vulnerabilities result from flaws in the Zip, Exif and Phar extensions for the PHP programming language. They relate to improper handling of Zip files, the "exif.c" file, and multiple format string errors. Remote attackers can exploit them to launch denial-of-service attacks, retrieve sensitive information from memory, and possibly execute arbitrary code. To fix the described problems, upgrading to the new version of the game is advised.

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-3666
2011-03-19 09:58:31
--------------------------------------------------------------------------------

Name        : maniadrive
Product     : Fedora 13
Version     : 1.2
Release     : 27.fc13
URL         : http://maniadrive.raydium.org/
Summary     : 3D stunt driving game
Description :
ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous
gameplay (tracks almost never exceed one minute). Features: Complex car
physics, Challenging "story mode", LAN and Internet mode, Live scores,
Track editor, Dedicated server with HTTP interface and More than 30 blocks.

--------------------------------------------------------------------------------
Update Information:

Security Enhancements and Fixes in PHP 5.3.6:
* Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153)
* Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092)
* Fixed bug #54055 (buffer overrun with high values for precision ini
setting).
* Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708)
* Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive).
(CVE-2011-0421)

Full upstream changelog :
http://php.net/ChangeLog-5.php#5.3.6
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 Remi Collet 1.2-27
- Rebuild for new php 5.3.6
* Tue Jan 11 2011 Remi Collet 1.2-26.1
- rebuild
* Tue Jan 11 2011 Hans de Goede 1.2-26
- Fix story mode not working with php >= 5.3.5 (rhbz#668657)
* Sun Jan  9 2011 Hans de Goede 1.2-25
- Fix a crash when pressing 't', which enables the drawing of ode
  wire frames (rhbz#657353)
* Sat Jan  8 2011 Remi Collet 1.2-24
- Rebuild for new php 5.3.5
* Sun Dec 12 2010 Remi Collet 1.2-23
- Rebuild for new php 5.3.4
* Thu Jul 22 2010 Remi Collet 1.2-22
- Rebuild for new php 5.3.3
* Sat Mar  6 2010 Remi Collet 1.2-21
- Rebuild for new php 5.3.2
* Mon Feb 22 2010 Hans de Goede 1.2-20
- Fix FTBFS (#564773)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688378 - CVE-2011-1153 php: several format string vulnerabilities
in PHP's Phar extension
        https://bugzilla.redhat.com/show_bug.cgi?id=688378
  [ 2 ] Bug #680972 - CVE-2011-0708 php: buffer over-read in Exif extension
        https://bugzilla.redhat.com/show_bug.cgi?id=680972
  [ 3 ] Bug #688735 - CVE-2011-0421 php/libzip: segfault with FL_UNCHANGED on
empty archive in zip_name_locate()
        https://bugzilla.redhat.com/show_bug.cgi?id=688735
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update maniadrive' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
https://admin.fedoraproject.org/mailman/listinfo/package-announce


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2011-3636
2011-03-19 09:57:19
--------------------------------------------------------------------------------

Name        : maniadrive
Product     : Fedora 14
Version     : 1.2
Release     : 27.fc14
URL         : http://maniadrive.raydium.org/
Summary     : 3D stunt driving game
Description :
ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous
gameplay (tracks almost never exceed one minute). Features: Complex car
physics, Challenging "story mode", LAN and Internet mode, Live scores,
Track editor, Dedicated server with HTTP interface and More than 30 blocks.

--------------------------------------------------------------------------------
Update Information:

Security Enhancements and Fixes in PHP 5.3.6:
* Fixed bug #54247 (format-string vulnerability on Phar). (CVE-2011-1153)
* Fixed bug #54193 (Integer overflow in shmop_read()). (CVE-2011-1092)
* Fixed bug #54055 (buffer overrun with high values for precision ini
setting).
* Fixed bug #54002 (crash on crafted tag in exif). (CVE-2011-0708)
* Fixed bug #53885 (ZipArchive segfault with FL_UNCHANGED on empty archive).
(CVE-2011-0421)

Full upstream changelog :
http://php.net/ChangeLog-5.php#5.3.6
--------------------------------------------------------------------------------
ChangeLog:

* Thu Mar 17 2011 Remi Collet 1.2-27
- Rebuild for new php 5.3.6
* Tue Jan 11 2011 Remi Collet 1.2-26.1
- rebuild
* Tue Jan 11 2011 Hans de Goede 1.2-26
- Fix story mode not working with php >= 5.3.5 (rhbz#668657)
* Sun Jan  9 2011 Hans de Goede 1.2-25
- Fix a crash when pressing 't', which enables the drawing of ode
  wire frames (rhbz#657353)
* Sat Jan  8 2011 Remi Collet 1.2-24
- Rebuild for new php 5.3.5
* Sun Dec 12 2010 Remi Collet 1.2-23
- Rebuild for new php 5.3.4
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #688378 - CVE-2011-1153 php: several format string vulnerabilities
in PHP's Phar extension
        https://bugzilla.redhat.com/show_bug.cgi?id=688378
  [ 2 ] Bug #680972 - CVE-2011-0708 php: buffer over-read in Exif extension
        https://bugzilla.redhat.com/show_bug.cgi?id=680972
  [ 3 ] Bug #688735 - CVE-2011-0421 php/libzip: segfault with FL_UNCHANGED on
empty archive in zip_name_locate()
        https://bugzilla.redhat.com/show_bug.cgi?id=688735
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use 
su -c 'yum update maniadrive' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
https://admin.fedoraproject.org/mailman/listinfo/package-announce
