On Fri, 2016-12-16 at 12:18 -0500, Matthew Miller wrote:
So, this has been going around the press https://scarybeastsecurity.blogspot.com/2016/12/redux-compromising-linux-usi...
Upstream tracker added seccomp sandboxing in response to an earlier exploit (against F24) found by the same researcher, and we actually have an update for that https://bodhi.fedoraproject.org/updates/FEDORA-2016-cc3ab3b292 unfortunately sitting in testing at the time of the blog post's publication and just out to stable updates today.
Can someone confirm that this update at least mitigates the issue highlighted in the blog?
Note game-music-emu updates are now in updates-testing, it would be good to get testing and karma on those to get them pushed out stable ASAP. Thanks.
https://bodhi.fedoraproject.org/updates/?packages=game-music-emu