Updated chocolate-doom packages fix security vulnerability
Publication date: 31 Jul 2020Type: security
Affected Mageia releases : 7
CVE: CVE-2020-14983
Description
The server in Chocolate Doom 3.0.0 doesn't validate the user-controlled num_players value, leading to a buffer overflow. A malicious user can overwrite the server's stack (CVE-2020-14983).
References
SRPMS
7/core
- chocolate-doom-3.0.1-1.mga7