Ausführen beliebiger Kommandos in OpenArena
ID: | FEDORA-2011-9774 |
Distribution: | Fedora |
Plattformen: | Fedora 15 |
Datum: | Di, 9. August 2011, 08:42 |
Referenzen: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1412
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2764 |
Applikationen: | OpenArena |
Originalnachricht |
|
-------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2011-9774 2011-07-31 02:55:16 -------------------------------------------------------------------------------- Name : openarena Product : Fedora 15 Version : 0.8.5 Release : 4.fc15 URL : http://openarena.ws/ Summary : Open source first person shooter Description : OpenArena is an open-source content package for Quake III Arena licensed under the GPL, effectively creating a free stand-alone game. -------------------------------------------------------------------------------- Update Information: - Update to 1.36 svn snapshot r2102 - This fixes 2 security issues where a malicious server could execute arbitrary code on connecting clients (rhbz#725951): - CVE-2011-1412: Execute arbitrary shell commands on connecting clients - CVE-2011-2764: Arbitrary code execution when native-code DLLs are enabled - Update the autodownload + launch script for UrbanTerror to 4.1.1 -------------------------------------------------------------------------------- ChangeLog: * Thu Jul 28 2011 Hans de Goede |