Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Ausführen beliebiger Kommandos in game-music-emu
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in game-music-emu
ID: DSA-3735-1
Distribution: Debian
Plattformen: Debian sid, Debian jessie
Datum: Do, 15. Dezember 2016, 07:37
Referenzen: http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html

Originalnachricht

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3735-1 security@debian.org
https://www.debian.org/security/ Moritz Muehlenhoff
December 15, 2016 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package : game-music-emu
CVE ID : not yet available

Chris Evans discovered that incorrect emulation of the SPC700 audio
co-processor of the Super Nintendo Entertainment System allows the
execution of arbitrary code if a malformed SPC music file is opened.
Further information can be found at
redux-compromising-linux-using-snes.html

For the stable distribution (jessie), this problem has been fixed in
version 0.5.5-2+deb8u1.

For the unstable distribution (sid), this problem has been fixed in
version 0.6.0-4.

We recommend that you upgrade your game-music-emu packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIcBAEBCAAGBQJYUdTEAAoJEBDCk7bDfE42QNsP/2intRpy37rvYiDAOHaHxfEw
2yU6afMuw/SAYDIU4Dj7pjkC+zz0y59lA4betqD8VqFokWjpy8Hy1C+i487jkLNJ
vs7OM19yDiotwbB69ijU52mDTF8QMUJ2DgPah/j6ZLqi/l34uy+vdCMTx4PgO4gN
F2F/esg0D6bC67Xll9iDwVJPJeYE4/GU5/s/XXw1prm0lAm4SiTKJVdrA9viiVn4
5xvL/V572/1VNNkFenHSqwixYvKd5yygLRKB47W9fHNDx9t6S3jUDA6diRbKsMOt
jcT8thjUe7o1YfC1bbcIURgJJA6abVZWjHSvX8grWhUINcpNTn2ZtetJDFChkuKS
QGACXI4qlPUgWXhovtiMxzQIDTeeXryJxmaNUAL9PY/T3By3Z6uBurkkxNIpKMdg
rQoMgc6SANlpVnHlz6LojqibCp5Ps2MQQI0rrJtoEkOJ4iv7DKs+/JGkS7MnfK/S
dS2ee/NaWA7yCCsB15aYAHlCOQYW3KTP7jmUBwA6eeKTG8+3mtbL17IjnegBA020
6gNmM5u1G3z6RxKTC8qLuXzEDKvbvc+7I4hbf4tf8BQ4VmWQUO95b4ZEibbFnHeL
N1bFBxnjnL5fmsSGH39QmKAtgqI1OdZPt8Y1hxNlj0bjgq2Xo8qtyL8RRzpswhd0
FL8VI1mPIoJdhmToHmLy
=l961
-----END PGP SIGNATURE-----
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung