Security Information / 2012 / Security Information -- DSA-2386-1 openttd

Debian Security Advisory

DSA-2386-1 openttd -- several vulnerabilities

Date Reported:

10 Jan 2012

Affected Packages:

openttd

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2011-3341, CVE-2011-3342, CVE-2011-3343.

More information:

Several vulnerabilities have been discovered in OpenTTD, a transport business simulation game. Multiple buffer overflows and off-by-one errors allow remote attackers to cause denial of service.

For the oldstable distribution (lenny), this problem has been fixed in version 0.6.2-1+lenny4.

For the stable distribution (squeeze), this problem has been fixed in version 1.0.4-4.

For the unstable distribution (sid), this problem has been fixed in version 1.1.4-1.

We recommend that you upgrade your openttd packages.