Security Information / 2019 / Security Information -- DSA-4478-1 dosbox

Debian Security Advisory

DSA-4478-1 dosbox -- security update

Date Reported:

10 Jul 2019

Affected Packages:

dosbox

Vulnerable:

Yes

Security database references:

In Mitre's CVE dictionary: CVE-2019-7165, CVE-2019-12594.

More information:

Two vulnerabilities were discovered in the DOSBox emulator, which could result in the execution of arbitrary code on the host running DOSBox when running a malicious executable in the emulator.

For the oldstable distribution (stretch), these problems have been fixed in version 0.74-4.2+deb9u2.

For the stable distribution (buster), these problems have been fixed in version 0.74-2-3+deb10u1.

We recommend that you upgrade your dosbox packages.