{
  "schema_version": "1.7.0",
  "id": "MGASA-2016-0003",
  "published": "2016-01-09T17:08:38Z",
  "modified": "2016-01-09T17:01:09Z",
  "summary": "Updated armagetron package fixes security vulnerabilities",
  "details": "A practically exploitable bug was fixed in the network error handling.\nIn client mode, any received packet that causes an exception during\nprocessing would terminate the connection to the server.\n\nAnother theoretically exploitable bug was fixed that allowed very short UDP\npackets to cause a memory reading beyond the input buffer.\n\nSeveral non-exploitable crash bugs and one pathological camera behavior\nwere also fixed.\n",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2016-0003.html"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=17439"
    },
    {
      "type": "WEB",
      "url": "http://sourceforge.net/projects/armagetronad/files/stable/0.2.8.3.3/releasenotes.txt/download"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:5",
        "name": "armagetron",
        "purl": "pkg:rpm/mageia/armagetron?arch=source&distro=mageia-5"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.2.8.3.3-1.mga5"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}