On 12/16/2016 02:12 PM, Lamar Owen wrote:
An interesting exploit:
packages have it.... lessee.... nope, didn't find the 'Game Music Emu'
(gstreamer-plugins-bad-extras contains this in Fedora 25) anywhere,
but I reserve the right to be wrong.
And five minutes later:
[lowen@dhcp-pool170 ~]$ yum list|grep game-music-emu
game-music-emu.x86_64 0.6.0-5.el7 @epel
game-music-emu-debuginfo.x86_64 0.6.0-3.el7.nux nux-dextop
game-music-emu-devel.x86_64 0.6.0-5.el7 epel
game-music-emu-player.x86_64 0.6.0-5.el7 epel
[lowen@dhcp-pool170 ~]$ rpm -ql game-music-emu
/usr/lib64/libgme.so.0
/usr/lib64/libgme.so.0.6.0
/usr/share/doc/game-music-emu-0.6.0
/usr/share/doc/game-music-emu-0.6.0/changes.txt
/usr/share/doc/game-music-emu-0.6.0/license.txt
/usr/share/doc/game-music-emu-0.6.0/readme.txt
[lowen@dhcp-pool170 ~]$
Yep, I was wrong: it is available (package name in the article was
wrong) but not installed by default (is in EPEL). So might be
vulnerable, might need to test on a burner machine.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos
