Security Information / 2017 / Security Information -- DSA-3948-1 ioquake3

Debian Security Advisory

DSA-3948-1 ioquake3 -- security update

Date Reported:

19 Aug 2017

Affected Packages:

ioquake3

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2017-11721.

More information:

A read buffer overflow was discovered in the idtech3 (Quake III Arena) family of game engines. This allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a crafted packet.

For the oldstable distribution (jessie), this problem has been fixed in version 1.36+u20140802+gca9eebb-2+deb8u2.

For the stable distribution (stretch), this problem has been fixed in version 1.36+u20161101+dfsg1-2+deb9u1.

We recommend that you upgrade your ioquake3 packages.