Home / mailings [USN-7969-1] Dungeon Crawl Stone Stoup vulnerability
Posted on 20 January 2026
Ubuntu Security==========================================================================Ubuntu Security Notice USN-7969-1
January 19, 2026
crawl vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
- Ubuntu 18.04 LTS
- Ubuntu 16.04 LTS
Summary:
Dungeon Crawl Stone Soup could be made to execute arbitrary code if it
opened a specially crafted file.
Software Description:
- crawl: a text-based roguelike game
Details:
David Mendenhall discovered that Dungeon Crawl Stone Soup was incorrectly
handling Lua bytecode embedded in an uploaded .crawlrc file. An attacker
could possibly use this issue to execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS
crawl 2:0.24.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
crawl-common 2:0.24.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
crawl-tiles 2:0.24.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
crawl-tiles-data 2:0.24.0-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 18.04 LTS
crawl 2:0.21.1-1ubuntu0.1~esm1
Available with Ubuntu Pro
crawl-common 2:0.21.1-1ubuntu0.1~esm1
Available with Ubuntu Pro
crawl-tiles 2:0.21.1-1ubuntu0.1~esm1
Available with Ubuntu Pro
crawl-tiles-data 2:0.21.1-1ubuntu0.1~esm1
Available with Ubuntu Pro
Ubuntu 16.04 LTS
crawl 2:0.17.1-1ubuntu0.1~esm1
Available with Ubuntu Pro
crawl-common 2:0.17.1-1ubuntu0.1~esm1
Available with Ubuntu Pro
crawl-tiles 2:0.17.1-1ubuntu0.1~esm1
Available with Ubuntu Pro
crawl-tiles-data 2:0.17.1-1ubuntu0.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-7969-1
CVE-2020-11722
--===============6655022425626178083==Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
