|
|
Subscribe / Log in / New account

Debian-LTS alert DLA-202-1 (wesnoth-1.8)



From:
    	      Rhonda D'Vine <rhonda@debian.org> 


To:
    	      debian-lts-announce@lists.debian.org 


Subject:
    	      [SECURITY] [DLA 202-1] wesnoth-1.8 security update 


Date:
    	      Fri, 17 Apr 2015 19:39:19 +0200


Message-ID:
    	      <20150417173919.GA7790@jackjack.deb.at>


Package        : wesnoth-1.8
Version        : 1:1.8.5-1+deb6u1
CVE ID         : CVE-2015-0844

Ignacio R. Morelle discovered that missing path restrictions in the
"Battle of Wesnoth" game could result in the disclosure of arbitrary
files in the user's home directory if malicious campaigns/maps are
loaded.

For the oldstable distribution (distribution), this problem has been
fixed in version 1:1.8.5-1+deb6u1.  See DSA-3218-1 for the versions of
the other releases.
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds