{
  "schema_version": "1.7.0",
  "id": "MGASA-2023-0212",
  "published": "2023-06-28T05:21:41Z",
  "modified": "2023-06-29T02:13:24Z",
  "summary": "Updated xonotic packages fix security vulnerability",
  "details": "A bug was discovered in versions older than 0.8.6 that is believed to be\nexploitable by malicious server admins to crash clients or, if they defeat\nmitigations, execute arbitrary code. No working exploit code is known to\nexist at this time,\nSee referenced release notes for other changes.\n",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://advisories.mageia.org/MGASA-2023-0212.html"
    },
    {
      "type": "REPORT",
      "url": "https://bugs.mageia.org/show_bug.cgi?id=32038"
    },
    {
      "type": "WEB",
      "url": "https://xonotic.org/posts/2023/xonotic-0-8-6-release/"
    }
  ],
  "affected": [
    {
      "package": {
        "ecosystem": "Mageia:8",
        "name": "xonotic",
        "purl": "pkg:rpm/mageia/xonotic?arch=source&distro=mageia-8"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.8.6-1.mga8"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    },
    {
      "package": {
        "ecosystem": "Mageia:8",
        "name": "xonotic-data",
        "purl": "pkg:rpm/mageia/xonotic-data?arch=source&distro=mageia-8"
      },
      "ranges": [
        {
          "type": "ECOSYSTEM",
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "0.8.6-1.mga8"
            }
          ]
        }
      ],
      "ecosystem_specific": {
        "section": "core"
      }
    }
  ],
  "credits": [
    {
      "name": "Mageia",
      "type": "COORDINATOR",
      "contact": [
        "https://wiki.mageia.org/en/Packages_Security_Team"
      ]
    }
  ]
}