Re: [CentOS] libgme drive-by exploit.

2016-12-16 Thread Lamar Owen
On 12/16/2016 02:32 PM, Frank Cox wrote:
> rpm -q --whatprovides /usr/lib64/libgme.so.0
> game-music-emu-0.6.0-5.el7.x86_64

Like I said, I always reserve the right to be wrong. Debian has issued an update with a list of CVEs that are so new that they're not on mitre yet. Debian DSA-3735-1:

Re: [CentOS] libgme drive-by exploit.

2016-12-16 Thread Frank Cox
On Fri, 16 Dec 2016 14:12:31 -0500 Lamar Owen wrote:
> While this is tailored to Fedora 25 (with Chrome) and Ubuntu 16.04, in
> checking my CentOS 7 system I find that it is not vulnerable simply
> because it doesn't have the libgme used by gstreamer-plugins-bad to make
> it work.

rpm -q

Re: [CentOS] libgme drive-by exploit.

2016-12-16 Thread Lamar Owen
On 12/16/2016 02:12 PM, Lamar Owen wrote:
An interesting exploit: packages have it lessee nope, didn't find the 'Game Music Emu' (gstreamer-plugins-bad-extras contains this in Fedora 25) anywhere, but I reserve the right to be wrong.

And five minutes later:

[lowen@dhcp-pool170 ~]$

[CentOS] libgme drive-by exploit.

2016-12-16 Thread Lamar Owen
An interesting exploit:
https://scarybeastsecurity.blogspot.com/2016/12/redux-compromising-linux-using-snes.html

While this is tailored to Fedora 25 (with Chrome) and Ubuntu 16.04, in checking my CentOS 7 system I find that it is not vulnerable simply because it doesn't have the libgme used