Debian Security Advisory
DSA-3948-1 ioquake3 -- security update
- Date Reported:
- 19 Aug 2017
- Affected Packages:
- ioquake3
- Vulnerable:
- Yes
- Security database references:
- In Mitre's CVE dictionary: CVE-2017-11721.
- More information:
-
A read buffer overflow was discovered in the idtech3 (Quake III Arena) family of game engines. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted packet.
For the oldstable distribution (jessie), this problem has been fixed in version 1.36+u20140802+gca9eebb-2+deb8u2.
For the stable distribution (stretch), this problem has been fixed in version 1.36+u20161101+dfsg1-2+deb9u1.
We recommend that you upgrade your ioquake3 packages.