Bug#1036970: 0ad: third party library (mbedtls) needs to be updated
Mariam Arutunian
mariamarutunian at gmail.com
Wed May 31 09:11:11 BST 2023
Package: 0ad
Version: 0.0.26-3
Severity: normal
X-Debbugs-Cc: mariamarutunian at gmail.com
Dear Maintainer,
The project mbedtsl which is used in 0ad project (path 0ad/build/premake/premake5/contrib/mbedtls) contains vulnerability (CVE-2019-16910, CVE-2017-14032).
The vulnerability is fixed in newer version of mbedtls, but in 0ad project the old (0.0.23) version is used.
-- System Information:
Debian Release: bookworm/sid
APT prefers jammy-updates
APT policy: (500, 'jammy-updates'), (500, 'jammy-security'), (500, 'jammy'), (100, 'jammy-backports')
Architecture: amd64 (x86_64)
Kernel: Linux 5.15.0-72-generic (SMP w/16 CPU threads)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: unable to detect
More information about the Pkg-games-devel
mailing list