Debian Security Advisory
DSA-205-1 gtetrinet -- buffer overflow
- Date Reported:
- 10 Dec 2002
- Affected Packages:
- gtetrinet
- Vulnerable:
- Yes
- Security database references:
- No other external database security references currently available.
- More information:
-
Steve Kemp and James Antill found several buffer overflows in the gtetrinet (a multiplayer tetris-like game) package as shipped in Debian GNU/Linux 3.0, which could be abused by a malicious server.
This has been fixed in upstream version 0.4.4 and release 0.4.1-9woody1.1 of the Debian package.
- Fixed in:
-
Debian GNU/Linux 2.2 (potato)
Debian GNU/Linux 3.0 (woody)
- Source:
- http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.4.1-9woody1.1.dsc
- http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.4.1-9woody1.dsc
- http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.4.1-9woody1.diff.gz
- http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.4.1-9woody1.1.diff.gz
- http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.4.1.orig.tar.gz
- http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.4.1-9woody1.dsc
- alpha (DEC Alpha):
- http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.4.1-9woody1.1_alpha.deb
- arm (ARM):
- http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.4.1-9woody1.1_arm.deb
- hppa (HP PA RISC):
- http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.4.1-9woody1.1_hppa.deb
- i386 (Intel ia32):
- http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.4.1-9woody1.1_i386.deb
- ia64 (Intel ia64):
- http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.4.1-9woody1.1_ia64.deb
- m68k (Motorola Mc680x0):
- http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.4.1-9woody1.1_m68k.deb
- mips (MIPS (Big Endian)):
- http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.4.1-9woody1.1_mips.deb
- mipsel (MIPS (Little Endian)):
- http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.4.1-9woody1.1_mipsel.deb
- powerpc (PowerPC):
- http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.4.1-9woody1.1_powerpc.deb
- s390 (IBM S/390):
- http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.4.1-9woody1.1_s390.deb
- sparc (Sun SPARC/UltraSPARC):
- http://security.debian.org/pool/updates/main/g/gtetrinet/gtetrinet_0.4.1-9woody1.1_sparc.deb
MD5 checksums of the listed files are available in the original advisory.