<<< Date Index >>>     <<< Thread Index >>>

[SECURITY] [DSA 964-1] New gnocatan packages fix denial of service



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- --------------------------------------------------------------------------
Debian Security Advisory DSA 964-1                     security@xxxxxxxxxx
http://www.debian.org/security/                             Martin Schulze
February 3rd, 2006                      http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : gnocatan
Vulnerability  : buffer overflow
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2006-0467
BugTraq ID     : 16429
Debian Bug     : 350237

A problem has been discovered in gnocatan, the computer version of the
settlers of Catan boardgame, that can lead the server an other clients
to exit via an assert, and hence does not permit the execution of
arbitrary code.  The game has been renamed into Pioneers after the
release of Debian sarge.

For the old stable distribution (woody) this problem has been fixed in
version 0.6.1-5woody3.

For the stable distribution (sarge) this problem has been fixed in
version 0.8.1.59-1sarge1.

For the unstable distribution (sid) this problem has been fixed in
version 0.9.49-1 of pioneers.

We recommend that you upgrade your gnocatan and pioneers packages.


Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.


Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan_0.6.1-5woody3.dsc
      Size/MD5 checksum:      682 be4b8188f8a2a602922af5c863c0a0bf
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan_0.6.1-5woody3.diff.gz
      Size/MD5 checksum:     9387 2b917d4b0f655dbd19dcbdaa2d314274
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan_0.6.1.orig.tar.gz
      Size/MD5 checksum:   625157 a156f3fe3a50fbf91e9857a9d012e588

  Architecture independent components:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-data_0.6.1-5woody3_all.deb
      Size/MD5 checksum:    22258 65de8b0cca29b0664b305eac72552c80
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-help_0.6.1-5woody3_all.deb
      Size/MD5 checksum:   264206 daf0906a288a803723843e153c040850

  Alpha architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.6.1-5woody3_alpha.deb
      Size/MD5 checksum:   105258 6b8d93753ce52b310376dfbf2719496d
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server_0.6.1-5woody3_alpha.deb
      Size/MD5 checksum:    92528 16d483841c95c99804798dad42723dc6

  ARM architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.6.1-5woody3_arm.deb
      Size/MD5 checksum:    77834 03c5081d287dc68b6f11d06d596a4ea3
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server_0.6.1-5woody3_arm.deb
      Size/MD5 checksum:    68114 0cb3235a4193ccba28d6bd9a1f4745f3

  Intel IA-32 architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.6.1-5woody3_i386.deb
      Size/MD5 checksum:    75524 1d87da02eb4c1c936307af40ead41973
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server_0.6.1-5woody3_i386.deb
      Size/MD5 checksum:    67428 c1527b4e2068987a66d0bf78b1f587ba

  Intel IA-64 architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.6.1-5woody3_ia64.deb
      Size/MD5 checksum:   131080 c8fa0a1b80535052dce07750140386a0
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server_0.6.1-5woody3_ia64.deb
      Size/MD5 checksum:   118132 8648a35bb396d10177b1987562fc1049

  HP Precision architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.6.1-5woody3_hppa.deb
      Size/MD5 checksum:    93190 ea860fd49a0e32372ef0877f3683630f
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server_0.6.1-5woody3_hppa.deb
      Size/MD5 checksum:    85118 6ad381585d1a5c59d88dd1ab346156d4

  Motorola 680x0 architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.6.1-5woody3_m68k.deb
      Size/MD5 checksum:    71222 caddd4095aded1a21a1e4d53e1368468
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server_0.6.1-5woody3_m68k.deb
      Size/MD5 checksum:    63704 f3dcc0f8eb8da5e86cb5c4354a8125e7

  Big endian MIPS architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.6.1-5woody3_mips.deb
      Size/MD5 checksum:    85960 f7c8c122e98233099e7df62c96b1518d
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server_0.6.1-5woody3_mips.deb
      Size/MD5 checksum:    83912 ecb1f9bbc802ce3be34fdc95d18ab4d3

  Little endian MIPS architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.6.1-5woody3_mipsel.deb
      Size/MD5 checksum:    85510 7fa8eed69fc3c637086bc4d436e4e1de
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server_0.6.1-5woody3_mipsel.deb
      Size/MD5 checksum:    83554 36674d26dbfcc5acfd7a9fa50498c51b

  PowerPC architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.6.1-5woody3_powerpc.deb
      Size/MD5 checksum:    82716 977c39aade27fb14327c1864d77ba71f
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server_0.6.1-5woody3_powerpc.deb
      Size/MD5 checksum:    72924 47ec91b533203b785839581d8d12ac58

  IBM S/390 architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.6.1-5woody3_s390.deb
      Size/MD5 checksum:    77948 36a04aa4f05009e8989a3703380740a4
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server_0.6.1-5woody3_s390.deb
      Size/MD5 checksum:    72838 6a3740a8c5e332be4690fd3e1c9a8a79

  Sun Sparc architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.6.1-5woody3_sparc.deb
      Size/MD5 checksum:    80780 6579a770e2d19f0403ed92add46abb81
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server_0.6.1-5woody3_sparc.deb
      Size/MD5 checksum:    73708 20f212d6418b6b4fd19fec63a060c84e


Debian GNU/Linux 3.1 alias sarge
- --------------------------------

  Source archives:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan_0.8.1.59-1sarge1.dsc
      Size/MD5 checksum:      837 d1e418cabc69a8ddce45d553e4a70653
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan_0.8.1.59-1sarge1.diff.gz
      Size/MD5 checksum:     2447 64b05bdc61c9b097a0ce6578efbff613
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan_0.8.1.59.orig.tar.gz
      Size/MD5 checksum:  2074119 909aeb08a3f4990ffa53f1769b3a5111

  Architecture independent components:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-help_0.8.1.59-1sarge1_all.deb
      Size/MD5 checksum:   442678 f2073e463887cb679e007399d686a8de
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-data_0.8.1.59-1sarge1_all.deb
      Size/MD5 checksum:    49532 95913f57ea4fef654bfa4d3d4d1ccc6c

  Alpha architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-ai_0.8.1.59-1sarge1_alpha.deb
      Size/MD5 checksum:    92718 059c78aed86cc7960c9648e09e24241c
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.8.1.59-1sarge1_alpha.deb
      Size/MD5 checksum:  1093272 1bc19d0e2149105ffdd1260e1c5791d4
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-meta-server_0.8.1.59-1sarge1_alpha.deb
      Size/MD5 checksum:    59104 bc7cccddbde861abb7327c0fd2cae3cc
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-console_0.8.1.59-1sarge1_alpha.deb
      Size/MD5 checksum:    98602 fea3977fb6166246316d83007eca3b75
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-gtk_0.8.1.59-1sarge1_alpha.deb
      Size/MD5 checksum:   117334 c1fae086e8049829eec93975d9d0194c

  AMD64 architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-ai_0.8.1.59-1sarge1_amd64.deb
      Size/MD5 checksum:    84294 ce79ec1b84ed677de5955451cfaf38d3
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.8.1.59-1sarge1_amd64.deb
      Size/MD5 checksum:  1069568 610e117cd823be9b72919c8bf6f52843
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-meta-server_0.8.1.59-1sarge1_amd64.deb
      Size/MD5 checksum:    57762 24a4eb6fcc6973dc99dac349a244c4b2
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-console_0.8.1.59-1sarge1_amd64.deb
      Size/MD5 checksum:    89634 69966899c745e20f3cb9b19a2a80219b
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-gtk_0.8.1.59-1sarge1_amd64.deb
      Size/MD5 checksum:   106784 04600a57db28f4e24474e326b83204cf

  ARM architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-ai_0.8.1.59-1sarge1_arm.deb
      Size/MD5 checksum:    77784 4100b007c7b89cfc103dfb70423cb786
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.8.1.59-1sarge1_arm.deb
      Size/MD5 checksum:  1050394 0f61ef31720c244cd23683108c19e81e
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-meta-server_0.8.1.59-1sarge1_arm.deb
      Size/MD5 checksum:    55692 b3f5059c4892ff78ac95c03d3ce94460
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-console_0.8.1.59-1sarge1_arm.deb
      Size/MD5 checksum:    82254 005fb0beabb706dbd992719ba14f2ef5
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-gtk_0.8.1.59-1sarge1_arm.deb
      Size/MD5 checksum:    97724 ba94cb84ac17822443675dedd82818c9

  Intel IA-32 architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-ai_0.8.1.59-1sarge1_i386.deb
      Size/MD5 checksum:    78270 ed195180a605bb18f5b869f288aa2224
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.8.1.59-1sarge1_i386.deb
      Size/MD5 checksum:  1056002 eed9752d662bc5b42efedcb2049a7856
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-meta-server_0.8.1.59-1sarge1_i386.deb
      Size/MD5 checksum:    55716 ce59cea5dfa382c99ac80f0680398cc4
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-console_0.8.1.59-1sarge1_i386.deb
      Size/MD5 checksum:    83092 0e4fafe27de0d33cab5dffe1fc8f6273
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-gtk_0.8.1.59-1sarge1_i386.deb
      Size/MD5 checksum:    99960 6232478ebe52ddf3fb31dbe6f00f7726

  Intel IA-64 architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-ai_0.8.1.59-1sarge1_ia64.deb
      Size/MD5 checksum:   101670 8b16c9c4d0fbc981f9e666c8797fdf75
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.8.1.59-1sarge1_ia64.deb
      Size/MD5 checksum:  1114722 8641dfae5595ae32cb94e8c5313a780e
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-meta-server_0.8.1.59-1sarge1_ia64.deb
      Size/MD5 checksum:    62972 9e7e04624029ed54a87a85ad8960419c
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-console_0.8.1.59-1sarge1_ia64.deb
      Size/MD5 checksum:   109624 c40e81b39c8fb844719f8508a0c41476
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-gtk_0.8.1.59-1sarge1_ia64.deb
      Size/MD5 checksum:   130316 26eb8b5038a8a1b660f2a2c674d48211

  HP Precision architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-ai_0.8.1.59-1sarge1_hppa.deb
      Size/MD5 checksum:    85978 7f8998763fc36eeb41aa159b926cd1e3
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.8.1.59-1sarge1_hppa.deb
      Size/MD5 checksum:  1072444 5f5afd46b1b5a57b666ee9a9381074f0
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-meta-server_0.8.1.59-1sarge1_hppa.deb
      Size/MD5 checksum:    58426 7daf86c674365899df61d25fc9e21d7f
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-console_0.8.1.59-1sarge1_hppa.deb
      Size/MD5 checksum:    91436 b6e8e37bd95014b57b9b1c5c08e9fc27
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-gtk_0.8.1.59-1sarge1_hppa.deb
      Size/MD5 checksum:   107722 b3dc56e26cd6b2f2a7735874ecdb0511

  Motorola 680x0 architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-ai_0.8.1.59-1sarge1_m68k.deb
      Size/MD5 checksum:    73876 1c04bd416581ed567c41e22a0eb775e0
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.8.1.59-1sarge1_m68k.deb
      Size/MD5 checksum:  1039524 b3c2d1ee3bfe1d38ce6dfc30a929a02f
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-meta-server_0.8.1.59-1sarge1_m68k.deb
      Size/MD5 checksum:    55032 54a59e2de77566dace19ff225bd877f7
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-console_0.8.1.59-1sarge1_m68k.deb
      Size/MD5 checksum:    78398 b3af47e753b3f04a4e8fde00876f17f6
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-gtk_0.8.1.59-1sarge1_m68k.deb
      Size/MD5 checksum:    93534 9f3fda69119e5e5062addf29a9a321c7

  Big endian MIPS architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-ai_0.8.1.59-1sarge1_mips.deb
      Size/MD5 checksum:    87338 59a57c4a6a53a344245e5daae7f3032d
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.8.1.59-1sarge1_mips.deb
      Size/MD5 checksum:  1060206 0de9a6c921e3e45712ee3196f034c226
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-meta-server_0.8.1.59-1sarge1_mips.deb
      Size/MD5 checksum:    57320 837c60fe747c2ee09536b314e0de8d38
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-console_0.8.1.59-1sarge1_mips.deb
      Size/MD5 checksum:    92842 5d2cd6b26106137364d39564eca93f27
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-gtk_0.8.1.59-1sarge1_mips.deb
      Size/MD5 checksum:   104322 f0e8c6dba96c038bd0f85f7b158a573d

  Little endian MIPS architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-ai_0.8.1.59-1sarge1_mipsel.deb
      Size/MD5 checksum:    87348 70539510d2bc11da57558f55e2063db1
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.8.1.59-1sarge1_mipsel.deb
      Size/MD5 checksum:  1060006 60dab3b52736598cd6e1e511e52b4800
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-meta-server_0.8.1.59-1sarge1_mipsel.deb
      Size/MD5 checksum:    57334 1daf90e9c5a398cf48ed8f1edea3198f
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-console_0.8.1.59-1sarge1_mipsel.deb
      Size/MD5 checksum:    92992 8935e3aa1bbe21f8c2e8ab0f70276a94
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-gtk_0.8.1.59-1sarge1_mipsel.deb
      Size/MD5 checksum:   104390 b058f16c81ba878a9344cde2aafb4a84

  PowerPC architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-ai_0.8.1.59-1sarge1_powerpc.deb
      Size/MD5 checksum:    81462 0cddee88a2c2dfbc5f49829bf453a0fe
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.8.1.59-1sarge1_powerpc.deb
      Size/MD5 checksum:  1058080 7d13a8eb46cab114f6f80b6c0e8db1cc
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-meta-server_0.8.1.59-1sarge1_powerpc.deb
      Size/MD5 checksum:    56572 ea7df119cea62da58a9b7f33f4a302df
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-console_0.8.1.59-1sarge1_powerpc.deb
      Size/MD5 checksum:    86130 65395f0f44bd7a4a0c5122fc707655f3
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-gtk_0.8.1.59-1sarge1_powerpc.deb
      Size/MD5 checksum:   103102 75cdf42605a168634191b23f3521ed60

  IBM S/390 architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-ai_0.8.1.59-1sarge1_s390.deb
      Size/MD5 checksum:    85136 05d065b4920cc96b117bc2732f340f87
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.8.1.59-1sarge1_s390.deb
      Size/MD5 checksum:  1066870 e84917d1fe6adb4c04e8a28b81275286
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-meta-server_0.8.1.59-1sarge1_s390.deb
      Size/MD5 checksum:    57880 3fd25c2d79e17e94d3959aff458fe1bb
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-console_0.8.1.59-1sarge1_s390.deb
      Size/MD5 checksum:    89340 d463592697f5d57aaf4e1376f488ef57
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-gtk_0.8.1.59-1sarge1_s390.deb
      Size/MD5 checksum:   107288 0156b80caa7805fa05174b67c150117d

  Sun Sparc architecture:

    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-ai_0.8.1.59-1sarge1_sparc.deb
      Size/MD5 checksum:    77544 ed13558f39c326b3cd7c9aa0320a36ea
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-client_0.8.1.59-1sarge1_sparc.deb
      Size/MD5 checksum:  1050206 63920527c5f8e75f4ccd27165c912ea8
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-meta-server_0.8.1.59-1sarge1_sparc.deb
      Size/MD5 checksum:    55776 4957767fd9dfa9f6935528dc68397210
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-console_0.8.1.59-1sarge1_sparc.deb
      Size/MD5 checksum:    82704 2308f02b5378aeadbea0a312b8c6858c
    
http://security.debian.org/pool/updates/main/g/gnocatan/gnocatan-server-gtk_0.8.1.59-1sarge1_sparc.deb
      Size/MD5 checksum:    98324 e12c0f8109cc95a28d94032a33ba87f4


  These files will probably be moved into the stable distribution on
  its next update.

- 
---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security 
dists/stable/updates/main
Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (GNU/Linux)

iD8DBQFD4vvfW5ql+IAeqTIRAvFwAJ9KISEDh8+23AOjpVNmpwh1fp62xQCgiuks
6Pn6y0aa4MFDmjGQQaKOhTI=
=WEpX
-----END PGP SIGNATURE-----