ASA-201807-15 log generated external raw

[ASA-201807-15] wesnoth: arbitrary code execution
Arch Linux Security Advisory ASA-201807-15 ========================================== Severity: High Date : 2018-07-25 CVE-ID : CVE-2018-1999023 Package : wesnoth Type : arbitrary code execution Remote : Yes Link : Summary ======= The package wesnoth before version 1.14.4-1 is vulnerable to arbitrary code execution. Resolution ========== Upgrade to 1.14.4-1. # pacman -Syu "wesnoth>=1.14.4-1" The problem has been fixed upstream in version 1.14.4. Workaround ========== None. Description =========== "The Battle for Wesnoth", which allows arbitrary code execution by exploiting a vulnerability within the Lua scripting language engine which allows escaping existing sandbox measures in place and executing untrusted bytecode Impact ====== A remote attacker is able to execute arbitrary code when a user downloads game content in a multiplayer game or via a player content distribution server. References ==========