Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found -3 articles for you...
89
security advisoryunauthorized accessfedoraFedora 44 Minetest 5.15.2 Security Advisory - Luanti Exploits
5.15.2. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-b42cf3db3b 2026-04-25 01:21:36.173336+00:00 -------------------------------------------------------------------------------- Name : minetest Product : Fedora 44 Version : 5.15.2 Release : 1.fc44 URL : https://luanti.org Summary : Multiplayer infinite-world block sandbox with survival mode Description : Game of mining, crafting and building in the infinite world of cubic blocks with optional hostile creatures, features both single and the network multiplayer mode, mods. Public multiplayer servers are available. -------------------------------------------------------------------------------- Update Information: 5.15.2 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 16 2026 Gwyn Ciesla - 5.15.2-1 - 5.15.2 * Sun Mar 22 2026 Bjrn Esser - 5.15.1-2 - Rebuild (jsoncpp) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2458512 - minetest-5.15.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2458512 [ 2 ] Bug #2458908 - CVE-2026-40960 minetest: Luanti: Unauthorized access to insecure environment via crafted module [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458908 [ 3 ] Bug #2458909 - CVE-2026-40959 minetest: Luanti: Lua sandbox escape via crafted mod [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458909 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-b42cf3db3b' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Fedora 44 Security Update: Minetest 5.15.2 fixes unauthorized access and Lua sandbox escape vulnerabilities.. minetest security update,Fedora Linux vulnerabilities,Lua sandbox security. . Severity: Important. LinuxSecurity.com Team
Apr 25, 2026
•Important
Fedora
89
security advisoryunauthorized accessfedoraFedora 42 Minetest Critical Unauthorized Access Lua Sandbox Breach
5.15.2. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-036e523144 2026-04-25 00:52:53.710780+00:00 -------------------------------------------------------------------------------- Name : minetest Product : Fedora 42 Version : 5.15.2 Release : 1.fc42 URL : https://luanti.org Summary : Multiplayer infinite-world block sandbox with survival mode Description : Game of mining, crafting and building in the infinite world of cubic blocks with optional hostile creatures, features both single and the network multiplayer mode, mods. Public multiplayer servers are available. -------------------------------------------------------------------------------- Update Information: 5.15.2 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 16 2026 Gwyn Ciesla - 5.15.2-1 - 5.15.2 * Sun Mar 22 2026 Bjrn Esser - 5.15.1-2 - Rebuild (jsoncpp) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2458512 - minetest-5.15.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2458512 [ 2 ] Bug #2458908 - CVE-2026-40960 minetest: Luanti: Unauthorized access to insecure environment via crafted module [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458908 [ 3 ] Bug #2458909 - CVE-2026-40959 minetest: Luanti: Lua sandbox escape via crafted mod [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458909 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-036e523144' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Critical updates for minetest in Fedora 42 address security threats including unauthorized access and Lua sandbox escapes.. Fedora 42, minetest security, software update, sandbox escape, unauthorized access. . Severity: Important. LinuxSecurity.com Team
Apr 25, 2026
•Important
Fedora
89
security advisoryunauthorized accessfedoraFedora 43 Minetest 5.15.2 Advisory on Unauthorized Access and Lua Escape
5.15.2. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2026-52b9116b3d 2026-04-24 00:53:58.937467+00:00 -------------------------------------------------------------------------------- Name : minetest Product : Fedora 43 Version : 5.15.2 Release : 1.fc43 URL : https://luanti.org Summary : Multiplayer infinite-world block sandbox with survival mode Description : Game of mining, crafting and building in the infinite world of cubic blocks with optional hostile creatures, features both single and the network multiplayer mode, mods. Public multiplayer servers are available. -------------------------------------------------------------------------------- Update Information: 5.15.2 -------------------------------------------------------------------------------- ChangeLog: * Thu Apr 16 2026 Gwyn Ciesla - 5.15.2-1 - 5.15.2 * Sun Mar 22 2026 Bjrn Esser - 5.15.1-2 - Rebuild (jsoncpp) -------------------------------------------------------------------------------- References: [ 1 ] Bug #2458512 - minetest-5.15.2 is available https://bugzilla.redhat.com/show_bug.cgi?id=2458512 [ 2 ] Bug #2458908 - CVE-2026-40960 minetest: Luanti: Unauthorized access to insecure environment via crafted module [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458908 [ 3 ] Bug #2458909 - CVE-2026-40959 minetest: Luanti: Lua sandbox escape via crafted mod [fedora-all] https://bugzilla.redhat.com/show_bug.cgi?id=2458909 -------------------------------------------------------------------------------- This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2026-52b9116b3d' at the command line. For more information, refer to the dnf documentation available at http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be foundat https://fedoraproject.org/keys -------------------------------------------------------------------------------- . Minetest 5.15.2 on Fedora 43 resolves critical security issues including Lua sandbox escapes.. Fedora 43, Minetest, security fix, application update, cyber threat. . Severity: Critical. LinuxSecurity.com Team
Apr 24, 2026
•Critical
Fedora
203
security advisorymoderategame patchMageia 8: 2023-0005 Moderate: Minetest Lua Exploit Threat
This update provides minetest 5.6.1, the latest stable release of the open source voxel game. This updates provides a number of feature and bug fix changes compared to the previous version 5.4.0 provided in Mageia 8. See the linked release notes and changelogs for details. . MGASA-2023-0005 - Updated minetest packages fix security vulnerability Publication date: 13 Jan 2023 URL: https://advisories.mageia.org/MGASA-2023-0005.html Type: security Affected Mageia releases: 8 CVE: CVE-2022-35978 This update provides minetest 5.6.1, the latest stable release of the open source voxel game. This updates provides a number of feature and bug fix changes compared to the previous version 5.4.0 provided in Mageia 8. See the linked release notes and changelogs for details. The update also improves compatibility with hosted game servers, which typically run and expect the latest stable release. The update also fixes a security vulnerability affecting single player with malicious mods (GHSA-663q-pcjw-27cc) In single player, a mod could set a global setting that controls the Lua script loaded to display the main menu. The script would be loaded as soon as the game session is exited. The Lua environment the menu runs in was not sandboxed and could directly interfere with the user's system. (CVE-2022-35978) References: - https://bugs.mageia.org/show_bug.cgi?id=31363 - https://blog.luanti.org/2022/08/04/5.6.0-released/ - https://docs.luanti.org/Changelog/ - https://docs.luanti.org/Changelog/ - https://docs.luanti.org/Changelog/ - https://github.com/luanti-org/luanti/security/advisories/GHSA-663q-pcjw-27cc - https://www.cve.org/CVERecord?id=CVE-2022-35978 SRPMS: - 8/core/minetest-5.6.1-1.mga8 . Mageia 2023-0005 upgrades minetest to address a major security flaw impacting single player gameplay due to harmful modifications.. Mageia Minetest Security Update, Lua Scripting Vulnerability, Single Player Game Threats. . Severity: Important. LinuxSecurity.com Team
Jan 13, 2023
•Important
Mageia
202
security advisoryhigh severitysecurity fixopenSUSE: 2023:0001-1 Important: Minetest Bug Fix for High Severity Issue
An update that solves one vulnerability and has two fixes is now available. . openSUSE Security Update: Security update for minetest ______________________________________________________________________________ Announcement ID: openSUSE-SU-2023:0001-1 Rating: important References: #1181400 #1193141 #1202423 Cross-References: CVE-2022-35978 CVSS scores: CVE-2022-35978 (NVD) : 10 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H Affected Products: openSUSE Backports SLE-15-SP3 openSUSE Backports SLE-15-SP4 ______________________________________________________________________________ An update that solves one vulnerability and has two fixes is now available. Description: This update for minetest fixes the following issues: Update to version 5.6.0 * Fix CVE-2022-35978 ( boo#1202423 ): Mod scripts can escape sandbox in single player mode * `name` in game.conf is deprecated for the game title, use `title` instead * Add depth sorting for node faces * Various bug fixes * Full changes: https://docs.luanti.org/Changelog/ - Introduced mbranch-protection=none CXX flag to resolve boo#1193141 (aarch64). Update to version 5.5.0 & 5.5.1: * Full log for version 5.5.0: https://docs.luanti.org/Changelog/ * This release switches from Irrlicht to our own fork called IrrlichtMt. * Full log for version 5.5.1: https://docs.luanti.org/Changelog/ * This is a maintenance release based on 5.5.0, it contains bugfixes but no new features. - Added hardening to systemd service(s) (boo#1181400). - Update to version 5.4.1: * This is a maintenance release based on 5.4.0, it contains bugfixes but no new features. - Update to version 5.4.0 * Full log: https://docs.luanti.org/Changelog/ * Removed support for bumpmapping, generated normal maps and parallax occlusion * By default, the crosshair will nowchange to an "X" when pointing to objects * Prevent players accessing inventories of other players * Prevent interacting with items out of the hotbar * Prevent players from being able to modify ItemStack meta - Update to version 5.3.0. (see https://docs.luanti.org/Changelog/ * Formspec improvements, including a scrolling GUI element * Performance improvements to the Server and API * Many bug fixes and small features - Now requires desktop-file-utils version > = 0.25. Patch Instructions: To install this openSUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: - openSUSE Backports SLE-15-SP4: zypper in -t patch openSUSE-2023-1=1 - openSUSE Backports SLE-15-SP3: zypper in -t patch openSUSE-2023-1=1 Package List: - openSUSE Backports SLE-15-SP4 (aarch64 ppc64le s390x x86_64): minetest-5.6.0-bp154.2.3.5 minetest-debuginfo-5.6.0-bp154.2.3.5 minetest-debugsource-5.6.0-bp154.2.3.5 minetestserver-5.6.0-bp154.2.3.5 minetestserver-debuginfo-5.6.0-bp154.2.3.5 - openSUSE Backports SLE-15-SP4 (noarch): minetest-data-5.6.0-bp154.2.3.5 minetest-lang-5.6.0-bp154.2.3.5 - openSUSE Backports SLE-15-SP3 (aarch64 ppc64le s390x x86_64): minetest-5.6.0-bp153.2.3.1 minetestserver-5.6.0-bp153.2.3.1 - openSUSE Backports SLE-15-SP3 (noarch): minetest-data-5.6.0-bp153.2.3.1 minetest-lang-5.6.0-bp153.2.3.1 References: https://www.suse.com/security/cve/CVE-2022-35978.html https://bugzilla.suse.com/1181400 https://bugzilla.suse.com/1193141 https://bugzilla.suse.com/1202423 . Communicating crucial revisions and patches for Minetest on openSUSE, aimed at improving security and optimizing performance.. openSUSE Minetest Update, Important Security Patch, Systemd Service Hardening. . Severity: Important. LinuxSecurity.com Team
Jan 03, 2023
•Important
OpenSUSE
87
security advisorydenial of serviceupdateDebian: DSA-5075-1 Minor: Minetest Exploits and Denial Of Service
Several vulnerabilities have been discovered in Minetest, a sandbox video game and game creation system. These issues may allow attackers to manipulate game mods and grant them an unfair advantage over other players. These flaws could also be abused for a denial of service attack against a Minetest server or if . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-5075-1
Feb 13, 2022
•Important
Debian
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!