Debian Security Advisory DSA-3735-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
December 15, 2016 https://www.debian.org/security/faq
Package : game-music-emu
CVE ID : not yet available
Chris Evans discovered that incorrect emulation of the SPC700 audio
co-processor of the Super Nintendo Entertainment System allows the
execution of arbitrary code if a malformed SPC music file is opened.
Further information can be found at
http://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html
For the stable distribution (jessie), this problem has been fixed in
version 0.5.5-2+deb8u1.
For the unstable distribution (sid), this problem has been fixed in
version 0.6.0-4.
We recommend that you upgrade your game-music-emu packages.
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: [email protected]
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 8 | ppc64el | libgme-dev | < 0.5.5-2+deb8u1 | libgme-dev_0.5.5-2+deb8u1_ppc64el.deb |
Debian | 8 | armel | libgme0 | < 0.5.5-2+deb8u1 | libgme0_0.5.5-2+deb8u1_armel.deb |
Debian | 8 | armel | libgme-dev | < 0.5.5-2+deb8u1 | libgme-dev_0.5.5-2+deb8u1_armel.deb |
Debian | 8 | amd64 | libgme-dev | < 0.5.5-2+deb8u1 | libgme-dev_0.5.5-2+deb8u1_amd64.deb |
Debian | 8 | powerpc | libgme0 | < 0.5.5-2+deb8u1 | libgme0_0.5.5-2+deb8u1_powerpc.deb |
Debian | 8 | armhf | libgme-dev | < 0.5.5-2+deb8u1 | libgme-dev_0.5.5-2+deb8u1_armhf.deb |
Debian | 8 | kfreebsd-i386 | libgme0 | < 0.5.5-2+deb8u1 | libgme0_0.5.5-2+deb8u1_kfreebsd-i386.deb |
Debian | 8 | mips | libgme-dev | < 0.5.5-2+deb8u1 | libgme-dev_0.5.5-2+deb8u1_mips.deb |
Debian | 8 | amd64 | libgme0 | < 0.5.5-2+deb8u1 | libgme0_0.5.5-2+deb8u1_amd64.deb |
Debian | 8 | mips | libgme0 | < 0.5.5-2+deb8u1 | libgme0_0.5.5-2+deb8u1_mips.deb |