[CentOS] libgme drive-by exploit.
Lamar Owen
lowen at pari.eduFri Dec 16 19:38:45 UTC 2016
- Previous message: [CentOS] libgme drive-by exploit.
- Next message: [CentOS] Looking for latest C7 kernel-plus SRPM
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On 12/16/2016 02:32 PM, Frank Cox wrote: > rpm -q --whatprovides /usr/lib64/libgme.so.0 > game-music-emu-0.6.0-5.el7.x86_64 > Like I said, I always reserve the right to be wrong. Debian has issued an update with a list of CVE's that are so new that they're not on mitre yet. Debian DSA-3735-1: https://security-tracker.debian.org/tracker/DSA-3735-1 This will be an EPEL update and not a CentOS one, as CentOS from media with no third-party repos does not have the affected library libgme. But a heads-up nonetheless, and a really good read if you are into how something like this (where this is Super NES audio chip (SPC700) assembly code) can cause a modern Linux distribution to be compromised. Silently, and in a drive-by-download fully automatic manner.
- Previous message: [CentOS] libgme drive-by exploit.
- Next message: [CentOS] Looking for latest C7 kernel-plus SRPM
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list