A Wesnoth-1.8 security update has been released for Debian 6 LTS
Package : wesnoth-1.8
Version : 1:1.8.5-1+deb6u1
CVE ID : CVE-2015-0844
Ignacio R. Morelle discovered that missing path restrictions in the
"Battle of Wesnoth" game could result in the disclosure of arbitrary
files in the user's home directory if malicious campaigns/maps are
loaded.
For the oldstable distribution (distribution), this problem has been
fixed in version 1:1.8.5-1+deb6u1. See DSA-3218-1 for the versions of
the other releases.