* Paul Wise <p...@debian.org> [150714 18:20]: > According to this Youtube video and forum post, there are at least 3 > vulnerabilities in zsnes that allow ROMs to escape the zsnes > emulator and execute arbitrary code on the host running zsnes. The > known issues will be fixed in 1.52 but there may be more issues. > This may or may not be related to the cppcheck warnings from bug > #610313.
Thanks for the report. While neither the exploit code nor a fix is out, I believe that the best course of action is indeed to write a patch for #610313. It may also be possible that due to hardening patches, this bug is not exploitable in Debian. -- Etienne Millon
signature.asc
Description: Digital signature
