Network Security Audits / Vulnerability Assessments by SecuritySpace

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2010-6132
2010-04-09 00:22:19
--------------------------------------------------------------------------------

Name        : alienarena
Product     : Fedora 11
Version     : 7.32
Release     : 3.fc11
URL         : http://red.planetarena.org/
Summary     : Multiplayer retro sci-fi deathmatch game
Description :
Alien Arena 2009 is an online deathmatch game with over 30 levels, seven modes
of play, loads of mutators, built-in bots, multiple player characters and weapons
(with alt-fire modes).

--------------------------------------------------------------------------------
Update Information:

Fixes the following security issues:    - By supplying various invalid
parameters to the download command, it is possible to cause a DoS condition by
causing the server to crash. A path ending in . or / will crash on Linux.
Supplying a negative offset will cause a crash on all platforms.  - Fix buffer
overflow identified in R1Q2 client code.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr  6 2010 Tom "spot" Callaway <tcallawa@redhat.com> - 7.32-3
- fix security issues identified in bz 577810
- By supplying various invalid parameters to the download command,
   it is possible to cause a DoS condition by causing the server to
   crash. A path ending in . or / will crash on Linux. Supplying
   a negative offset will cause a crash on all platforms.
- Fix buffer overflow identified in R1Q2 client code
* Fri Mar  5 2010 Tom "spot" Callaway <tcallawa@redhat.com> - 7.32-2.1
- include patch4
* Sat Nov  7 2009 Hans de Goede <hdgoede@redhat.com> - 7.32-2
- dlopen openal.so.x, not openal.so.x.y. this fixes a crash on startup when
  the openal minor version has changed
- fix deprecation warning with latest libXxf86dga-devel
* Mon Nov  2 2009 Tom "spot" Callaway <tcallawa@redhat.com> - 7.32-1
- update to 7.32
- fix CVE-2009-3637 (bugzilla 530514)
* Wed Aug 12 2009 Tom "spot" Callaway <tcallawa@redhat.com> - 7.30-2
- fix dlopen code to find proper openal library
- use openal-soft instead of old openal
* Thu Jul 30 2009 Tom "spot" Callaway <tcallawa@redhat.com> - 7.30-1
- update to 7.30
* Fri Jul 24 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 7.21-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #577810 - alienarena: Two security issues in Quake II 3.20 (Server) (applicable to alienarena)
        https://bugzilla.redhat.com/show_bug.cgi?id=577810
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update alienarena' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce