[SECURITY] Fedora 9 Update: maniadrive-1.2-13.fc9

updates at fedoraproject.org updates at fedoraproject.org
Sat May 30 02:38:47 UTC 2009

Fedora Update Notification
2009-04-21 23:56:05

Name        : maniadrive
Product     : Fedora 9
Version     : 1.2
Release     : 13.fc9
URL         : http://maniadrive.raydium.org/
Summary     : 3D stunt driving game
Description :
ManiaDrive is an arcade car game on acrobatic tracks, with a quick and nervous
gameplay (tracks almost never exceed one minute). Features: Complex car
physics, Challenging "story mode", LAN and Internet mode, Live scores,
Track editor, Dedicated server with HTTP interface and More than 30 blocks.

Update Information:

Update to PHP 5.2.9    A heap-based buffer overflow flaw was found in PHP's
mbstring extension. A remote attacker able to pass arbitrary input to a PHP
script using mbstring conversion functions could cause the PHP interpreter to
crash or, possibly, execute arbitrary code. (CVE-2008-5557)    A directory
traversal flaw was found in PHP's ZipArchive::extractTo function. If PHP is used
to extract a malicious ZIP archive, it could allow an attacker to write
arbitrary files anywhere the PHP process has write permissions. (CVE-2008-5658)
A buffer overflow flaw was found in PHP's imageloadfont function. If a PHP
script allowed a remote attacker to load a carefully crafted font file, it could
cause the PHP interpreter to crash or, possibly, execute arbitrary code.
(CVE-2008-3658)    A memory disclosure flaw was found in the PHP gd extension's
imagerotate function. A remote attacker able to pass arbitrary values as the
"background color" argument of the function could, possibly, view portions of
the PHP interpreter's memory. (CVE-2008-5498)    A cross-site scripting flaw was
found in a way PHP reported errors for invalid cookies. If the PHP interpreter
had "display_errors" enabled, a remote attacker able to set a specially-crafted
cookie on a victim's system could possibly inject arbitrary HTML into an error
message generated by PHP. (CVE-2008-5814)    A flaw was found in the handling of
the "mbstring.func_overload" configuration setting. A value set for one virtual
host, or in a user's .htaccess file, was incorrectly applied to other virtual
hosts on the same server, causing the handling of multibyte character strings to
not work correctly. (CVE-2009-0754)    A flaw was found in PHP's json_decode
function. A remote attacker could use this flaw to create a specially-crafted
string which could cause the PHP interpreter to crash while being decoded in a
PHP script. (CVE-2009-1271)    A flaw was found in the use of the uw-imap
library by the PHP "imap" extension. This could cause the PHP interpreter to
crash if the "imap" extension was used to read specially-crafted mail messages
with long headers. (CVE-2008-2829)    http://www.php.net/releases/5_2_7.php
http://www.php.net/releases/5_2_8.php  http://www.php.net/releases/5_2_9.php

* Thu Apr 16 2009 Remi Collet <Fedora at FamilleCollet.com> - 1.2-13
- Rebuild for php 5.2.9
* Sun Feb 15 2009 Hans de Goede <hdegoede at redhat.com> 1.2-12
- Fix maniadrive crashing with php 5.2.8 (and later)
- Fix maniadrive triggering an assert in the latest ode
* Wed Dec 17 2008 Hans de Goede <hdegoede at redhat.com> 1.2-11
- Rebuild for new php version
* Mon Sep 15 2008 Hans de Goede <j.w.r.degoede at hhs.nl> 1.2-10
- Rebuild for new ode
* Sat Jun 21 2008 Hans de Goede <j.w.r.degoede at hhs.nl> 1.2-9
- Rebuild for new php version

  [ 1 ] Bug #478425 - CVE-2008-5498 php: libgd imagerotate() array index error memory disclosure
  [ 2 ] Bug #494530 - CVE-2009-1271 php: crash on malformed input in json_decode()
  [ 3 ] Bug #459529 - CVE-2008-3658 php: buffer overflow in the imageloadfont function in gd extension
  [ 4 ] Bug #459572 - CVE-2008-3660 php: FastCGI module DoS via multiple dots preceding the extension
  [ 5 ] Bug #452808 - CVE-2008-2829 php: ext/imap legacy routine buffer overflow
  [ 6 ] Bug #474824 - CVE-2008-5658 php: ZipArchive::extractTo() Directory Traversal Vulnerability
  [ 7 ] Bug #478848 - CVE-2008-5557 php: Heap-based buffer overflow in the mbstring extension via crafted string containing a HTML entity (arb code execution)
  [ 8 ] Bug #479272 - CVE-2009-0754 PHP mbstring.func_overload web server denial of service

This update can be installed with the "yum" update program.  Use 
su -c 'yum update maniadrive' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at

More information about the Fedora-package-announce mailing list