MGASA-2015-0282

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2015-0282.html

Import Source

https://advisories.mageia.org/MGASA-2015-0282.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2015-0282

Upstream

CVE-2015-5069

CVE-2015-5070

Published

2015-07-27T17:18:02Z

Modified

2026-04-16T06:22:51.227644069Z

Summary

Updated wesnoth packages fix security vulnerability

Details

Toom Lõhmus discovered that the Lua API and preprocessor in the Battle for Wesnoth game up to version 1.12.2 included could lead to client-side authentication information disclosure using maliciously crafted files with the .pdb extension (CVE-2015-5069, CVE-2015-5070).

This issue has been fixed using patches from upstream's 1.10.x branch.

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:4 / wesnoth

Package

Name: wesnoth
Purl: pkg:rpm/mageia/wesnoth?arch=source&distro=mageia-4

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1.10.7-2.2.mga4

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2015-0282.json"