Bug 1196659 - (CVE-2022-24300) VUL-0: CVE-2022-24300: minetest: ItemStack meta injection vulnerability in Minetest
(CVE-2022-24300)
VUL-0: CVE-2022-24300: minetest: ItemStack meta injection vulnerability in Mi...
Status: NEW
Classification: openSUSE
Product: openSUSE Distribution
Classification: openSUSE
Component: Security
Leap 15.4
Other Other
: P3 - Medium : Major (vote)
: ---
Assigned To: Maximilian Trummer
Security Team bot
https://smash.suse.de/issue/322417/
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2022-03-02 15:14 UTC by Gabriele Sonnu
Modified: 2022-03-02 17:28 UTC (History)
1 user (show)

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Comment 1 Gabriele Sonnu 2022-03-02 15:19:22 UTC
Affected packages:

- openSUSE:Backports:SLE-15-SP3/minetest  5.2.0

please update to a non vulnerable version (>5.4.0).
Comment 2 Maximilian Trummer 2022-03-02 17:28:45 UTC
Thanks for the report. Unfortunately I'm very busy at the moment and I'm not familiar for the procedure of getting backports into Leap, so I tagged the last contributor to the package.