Debian Security Advisory
DSA-4478-1 dosbox -- security update
- Date Reported:
- 10 Jul 2019
- Affected Packages:
- Security database references:
- In Mitre's CVE dictionary: CVE-2019-7165, CVE-2019-12594.
- More information:
Two vulnerabilities were discovered in the DOSBox emulator, which could result in the execution of arbitrary code on the host running DOSBox when running a malicious executable in the emulator.
For the oldstable distribution (stretch), these problems have been fixed in version 0.74-4.2+deb9u2.
For the stable distribution (buster), these problems have been fixed in version 0.74-2-3+deb10u1.
We recommend that you upgrade your dosbox packages.