Oval Definition:oval:org.mitre.oval:def:13652
Revision Date:2014-06-23Version:20
Title:DSA-1737-1 wesnoth -- several vulnerabilities
Description:Several security issues have been discovered in wesnoth, a fantasy turn-based strategy game. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0366 Daniel Franke discovered that the wesnoth server is prone to a denial of service attack when receiving special crafted compressed data. CVE-2009-0367 Daniel Franke discovered that the sandbox implementation for the python AIs can be used to execute arbitrary python code on wesnoth clients. In order to prevent this issue, the python support has been disabled. A compatibility patch was included, so that the affected campagne is still working properly. For the stable distribution, these problems have been fixed in version 1.4.4-2+lenny1. For the oldstable distribution, these problems have been fixed in version 1.2-5. For the testing distribution and the unstable distribution , these problems have been fixed in version 1.4.7-4. We recommend that you upgrade your wesnoth packages.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-0366
CVE-2009-0367
DSA-1737-1
Platform(s):Debian GNU/Linux 4.0
Product(s):wesnoth
Definition Synopsis
  • Debian GNU/Linux 4.0 is installed.
  • AND Architecture section
  • Architecture independent section
  • Installed architecture is all
  • AND Packages section
  • wesnoth-sotbe DPKG is earlier than 1.4.4-2+lenny1
  • OR wesnoth-aoi DPKG is earlier than 1.4.4-2+lenny1
  • OR wesnoth-tsg DPKG is earlier than 1.4.4-2+lenny1
  • OR wesnoth-nr DPKG is earlier than 1.4.4-2+lenny1
  • OR wesnoth-l DPKG is earlier than 1.4.4-2+lenny1
  • OR wesnoth-music DPKG is earlier than 1.4.4-2+lenny1
  • OR wesnoth-thot DPKG is earlier than 1.4.4-2+lenny1
  • OR wesnoth-trow DPKG is earlier than 1.4.4-2+lenny1
  • OR wesnoth-tools DPKG is earlier than 1.4.4-2+lenny1
  • OR wesnoth-sof DPKG is earlier than 1.4.4-2+lenny1
  • OR wesnoth-data DPKG is earlier than 1.4.4-2+lenny1
  • OR wesnoth-ttb DPKG is earlier than 1.4.4-2+lenny1
  • OR wesnoth-httt DPKG is earlier than 1.4.4-2+lenny1
  • OR wesnoth-did DPKG is earlier than 1.4.4-2+lenny1
  • OR wesnoth-ei DPKG is earlier than 1.4.4-2+lenny1
  • OR wesnoth-utbs DPKG is earlier than 1.4.4-2+lenny1
  • OR wesnoth-all DPKG is earlier than 1.4.4-2+lenny1
  • OR Architecture depended section
  • Supported architectures section
  • Installed architecture is s390
  • OR Installed architecture is amd64
  • OR Installed architecture is sparc
  • OR Installed architecture is arm
  • OR Installed architecture is i386
  • OR Installed architecture is armel
  • OR Installed architecture is mips
  • OR Installed architecture is ia64
  • OR Installed architecture is alpha
  • OR Installed architecture is powerpc
  • OR Installed architecture is mipsel
  • OR Installed architecture is hppa
  • AND Packages section
  • wesnoth-server DPKG is earlier than 1.4.4-2+lenny1
  • OR wesnoth DPKG is earlier than 1.4.4-2+lenny1
  • OR wesnoth-editor DPKG is earlier than 1.4.4-2+lenny1
  • OR wesnoth-dbg DPKG is earlier than 1.4.4-2+lenny1
    • BACK