{"id":"MGASA-2020-0190","summary":"Updated crawl packages fix security vulnerability","details":"Updated crawl packages fix security vulnerability\n\ncrawl 0.24.0 and earlier are subject to possible remote code evaluation\nwith lua loadstring (CVE-2020-11722).\n\nThis update fixes it, also updating crawl from version 0.23.2 to 0.24.1,\nwith the following main gameplay changes:\n\n* Vampire species simplified\n* Thrown weapons streamlined\n* Fedhas reimagined\n* Sif Muna reworked\n","modified":"2026-04-16T04:41:20.308136086Z","published":"2020-05-05T12:20:37Z","upstream":["CVE-2020-11722"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2020-0190.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=26552"},{"type":"WEB","url":"https://lists.opensuse.org/opensuse-updates/2020-04/msg00113.html"},{"type":"WEB","url":"https://raw.githubusercontent.com/crawl/crawl/0.24.1/crawl-ref/docs/changelog.txt"},{"type":"WEB","url":"https://github.com/crawl/crawl/commits/a250c9d538d3db384407f7e61470e8ec65ad5b83"}],"affected":[{"package":{"name":"crawl","ecosystem":"Mageia:7","purl":"pkg:rpm/mageia/crawl?arch=source&distro=mageia-7"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"0.24.1-2.ga250c9d538.1.mga7"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2020-0190.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}