[Frugalware-security] [ FSA-297 ] wesnoth

voroskoi noreply at frugalware.org
Fri Oct 19 16:57:13 CEST 2007


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Frugalware Security Advisory                           FSA-297

Date: 2007-11-19
Package: wesnoth
Vulnerable versions: <= 1.2.6-1
Unaffected versions: >= 1.2.6-2terminus1
Related bugreport: http://bugs.frugalware.org/task/2486
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3917

Description
===========

A vulnerability has been reported in Wesnoth, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to an unspecified error in the processing of UTF-8 strings within the multiplayer engine . This can be exploited by malicious clients to crash a vulnerable Wesnoth client.

Updated Packages
================

Check if you have wesnoth installed:

	# pacman-g2 -Q wesnoth

If found, then you should upgrade to the latest version:

	# pacman-g2 -Sy wesnoth

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: See http://ftp.frugalware.org/pub/README.GPG for info

iD8DBQFHGMXJZ7NElSD1VhkRAit5AKCa0B2wVmt3XjZ7jtz22wpI2vvHjgCgoBVr
nzrymcqt5+1eUPa/y9UqoeI=
=iEb5
-----END PGP SIGNATURE-----


More information about the Frugalware-security mailing list