Debian: DSA-3735-1: game-music-emu security update
Debian: DSA-3735-1: game-music-emu security update
Chris Evans discovered that incorrect emulation of the SPC700 audio co-processor of the Super Nintendo Entertainment System allows the execution of arbitrary code if a malformed SPC music file is opened. Further information can be found at
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3735-1 This email address is being protected from spambots. You need JavaScript enabled to view it. https://www.debian.org/security/ Moritz Muehlenhoff December 15, 2016 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : game-music-emu CVE ID : not yet available Chris Evans discovered that incorrect emulation of the SPC700 audio co-processor of the Super Nintendo Entertainment System allows the execution of arbitrary code if a malformed SPC music file is opened. Further information can be found at https://scarybeastsecurity.blogspot.de/2016/12/redux-compromising-linux-using-snes.html For the stable distribution (jessie), this problem has been fixed in version 0.5.5-2+deb8u1. For the unstable distribution (sid), this problem has been fixed in version 0.6.0-4. We recommend that you upgrade your game-music-emu packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: This email address is being protected from spambots. You need JavaScript enabled to view it.