Описание
Security update for crawl
This update for crawl fixes the following issues:
- CVE-2020-11722: Fixed a remote code evaluation issue with lua loadstring (boo#1169381)
Update to version 0.24.0
- Vampire species simplified
- Thrown weapons streamlined
- Fedhas reimagined
- Sif Muna reworked
Update to version 0.23.2
- Trap system overhaul
- New Gauntlet portal to replace Labyrinths
- Nemelex Xobeh rework
- Nine unrandarts reworked and the new 'Rift' unrandart added
- Support for seeded dungeon play
- build requires python and python-pyYAML
Update to 0.22.0
- Player ghosts now only appear in sealed ghost vaults
- New spell library interface
- User interface revamp for Tiles and WebTiles
Список пакетов
SUSE Package Hub 15 SP1
crawl-0.24.0-bp151.4.3.2
crawl-data-0.24.0-bp151.4.3.2
crawl-sdl-0.24.0-bp151.4.3.2
openSUSE Leap 15.1
crawl-0.24.0-bp151.4.3.2
crawl-data-0.24.0-bp151.4.3.2
crawl-sdl-0.24.0-bp151.4.3.2
Ссылки
- E-Mail link for openSUSE-SU-2020:0549-1
- SUSE Security Ratings
- SUSE Bug 1169381
- SUSE CVE CVE-2020-11722 page
Описание
Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows remote attackers to execute arbitrary code via Lua bytecode embedded in an uploaded .crawlrc file.
Затронутые продукты
SUSE Package Hub 15 SP1:crawl-0.24.0-bp151.4.3.2
SUSE Package Hub 15 SP1:crawl-data-0.24.0-bp151.4.3.2
SUSE Package Hub 15 SP1:crawl-sdl-0.24.0-bp151.4.3.2
openSUSE Leap 15.1:crawl-0.24.0-bp151.4.3.2
Ссылки
- CVE-2020-11722
- SUSE Bug 1169381