-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 13 Feb 2022 20:46:14 CET Source: minetest Architecture: source Version: 5.3.0+repack-2.1+deb11u1 Distribution: bullseye-security Urgency: high Maintainer: Debian Games Team <pkg-games-devel@lists.alioth.debian.org> Changed-By: Markus Koschany <apo@debian.org> Checksums-Sha1: 36bf7695ccb1b032f7b2b74e7de2d789f75e7365 2782 minetest_5.3.0+repack-2.1+deb11u1.dsc 10af7fa33c30a445c71d12b6df49be6898b11106 12544280 minetest_5.3.0+repack.orig.tar.gz 5cb453b61f81e56e8e7cb90251f6fd0e9a044c2c 39256 minetest_5.3.0+repack-2.1+deb11u1.debian.tar.xz c11e868f954da43ce639b1764d9fa835f61238f5 12918 minetest_5.3.0+repack-2.1+deb11u1_amd64.buildinfo Checksums-Sha256: 4e717039762cbe7469ed5b32df46905b6cbd501b9eb30c8de8cc398ec9c61b64 2782 minetest_5.3.0+repack-2.1+deb11u1.dsc 67aa51e8ff881d25325af28c367df75214c3081cbafbd7cf66dc2dadf0ee79bf 12544280 minetest_5.3.0+repack.orig.tar.gz f7b0b00ad7c0b66892e2d1cce39a144f2d3d0d099e5a396673c2b439baffdbf1 39256 minetest_5.3.0+repack-2.1+deb11u1.debian.tar.xz 1f15fa6fd43d15439504d27d7f1bae317a34317fefb9631db0e901d9a4a66307 12918 minetest_5.3.0+repack-2.1+deb11u1_amd64.buildinfo Closes: 1004223 Changes: minetest (5.3.0+repack-2.1+deb11u1) bullseye-security; urgency=high . * Fix CVE-2022-24300 and CVE-2022-24301: Several vulnerabilities have been discovered in Minetest. These issues may allow attackers to manipulate game mods by adding or modifying meta fields of the same item stack and grant them an unfair advantage over other players. These flaws could also be abused for a denial of service attack. (Closes: #1004223) Files: c440f526f9c79abbebdc6cc40f1e4706 2782 games optional minetest_5.3.0+repack-2.1+deb11u1.dsc 2f0c123aa1b06719099b356a92b3b99a 12544280 games optional minetest_5.3.0+repack.orig.tar.gz 4d03ac57b911671902eb0cc673699b78 39256 games optional minetest_5.3.0+repack-2.1+deb11u1.debian.tar.xz 2f2138d1d1a080715cac1e298ff4d064 12918 games optional minetest_5.3.0+repack-2.1+deb11u1_amd64.buildinfo -----BEGIN PGP SIGNATURE----- iQKjBAEBCgCNFiEErPPQiO8y7e9qGoNf2a0UuVE7UeQFAmIJYDtfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEFD RjNEMDg4RUYzMkVERUY2QTFBODM1RkQ5QUQxNEI5NTEzQjUxRTQPHGFwb0BkZWJp YW4ub3JnAAoJENmtFLlRO1HklaQP/3R95711fK57aMHUHodrzoYTHTAIqGaOcREl 4N2vll+oo1zDD44YytkR6w5oOKQlcnalnez3NX8tSU+mo2/ehyf/wCyltrFGBSzJ kOuWp+ynCNcHvrjgcHYz/FeE29ze/zBsoYgtvG9+VKdp2WohYm8a/1IBBJr5m871 WDfePCZiiY9Dmo5kKhec2b27SaAETOKjL70qFt6Zv61MMFKjXP7CdH9cOtZAeobV zw6sm71FiQYyPEMnV10hy8zZXHZk1bh7FAIJa3RQr1boSQ0CdxRLqIWx/w4iSa7H i85CPkqGrE3sn85Yc/k48hNS2Cd5+mD+HGnV766AKlY+fa66oilT6fu3u3+hiJBQ IjcJxW2WYK2pYTtMQdN1pQTODUGEy2XdlqLPw/XkKpQYRITFJ5qqUPoODksGxlF5 4jdxhpTMbpfWIfNJ54bgd5ej/EEFPTbcojIbK9MkXn2yJi/t0PV/mamm3XepUbZF hwvALnaQM3DL/3RO4097/doaYhEoS8qVtambqcBkiR8YOxdNSaARZY3vOt9RJEd1 emxKKxVd3dszhOwjb6ONHyg396lDcJEuqORkAG8yoCqOPvV20g3P3hHXXALW7q+F Vvh4dybQLZmz9DFLHq0HOTCrKlmKR5bONCNR5oK5YVEFXopwDniM4ZhKrd9hFZ9K m1YquZhS =aUuA -----END PGP SIGNATURE-----