On Fri, Oct 20, 2023 at 11:19:01AM -0400, D. Hugh Redelmeier via talk wrote: > TL;DR: update libcue to a version released after October 10. > > I read this last night: > <https://arstechnica.com/information-technology/2023/10/one-click-remote-code-exploit-in-cd-cue-files-affects-most-gnome-based-linux-distros/> > <https://nvd.nist.gov/vuln/detail/CVE-2023-43641> >
[snip] > > You can update your system to get a fixed libcue. The fix is in version > 2.3.0. > > Fedora 37 and 38 have fixes in version 2.2.1-13. I checked this by using > "rpm -q --changelog libcue | less". Fixed in Debian 11 and 12 (bullseye and bookworm, respectively) by debian package versions 2.2.1-3+deb11u1 (for bullseye) and 2.2.1-4+deb12u1 (for bookworm) on 11 October. $ sudo apt update && sudo apt upgrade -- joeDoe --- Post to this mailing list [email protected] Unsubscribe from this mailing list https://gtalug.org/mailman/listinfo/talk
