Bug#1133919: marked as pending in luanti
Tobias Frost
noreply at salsa.debian.org
Fri Apr 24 06:40:53 BST 2026
Control: tag -1 pending
Hello,
Bug #1133919 in luanti reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:
https://salsa.debian.org/games-team/luanti/-/commit/f681b5224141f592ff39f2c5ad2fcd2f07c25218
------------------------------------------------------------------------
* New upstream release. includes the following security fixes: (Closes: #1133919):
- CVE-2026-40959 - sandbox escape when LuaJIT is used.
- CVE-2026-41196 - mod sandbox escape with potential for arbitrary code
execution and full filesystem access
- CVE-2026-40960 - HTTP API and insecure environment access control
bypass
* Remove 0001-Fix-overflow-in-getMemorySizeMB-on-32-bit-arches.patch -
the once cherry-picked patch is now in part of the upstream release.
------------------------------------------------------------------------
(this message was generated automatically)
--
Greetings
https://bugs.debian.org/1133919
More information about the Pkg-games-devel
mailing list