Login
Login-Name Passwort


 
Newsletter
Werbung

Sicherheit: Mehrere Probleme in Emacs
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in Emacs
ID: MDVSA-2015:117
Distribution: Mandriva
Plattformen: Mandriva Business Server 2.0
Datum: So, 29. März 2015, 14:07
Referenzen: http://advisories.mageia.org/MGASA-2014-0250.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3423
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424

Originalnachricht

This is a multi-part message in MIME format...

------------=_1427621966-10360-17

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2015:117
http://www.mandriva.com/en/support/security/
_______________________________________________________________________

Package : emacs
Date : March 29, 2015
Affected: Business Server 2.0
_______________________________________________________________________

Problem Description:

Updated emacs packages fix security vulnerabilities:

Steve Kemp discovered multiple temporary file handling issues in
Emacs. A local attacker could use these flaws to perform symbolic link
attacks against users running Emacs (CVE-2014-3421, CVE-2014-3422,
CVE-2014-3423, CVE-2014-3424).
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3423
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424
http://advisories.mageia.org/MGASA-2014-0250.html
_______________________________________________________________________

Updated Packages:

Mandriva Business Server 2/X86_64:
d9f008f7b320e274f828f4e3c12f87fe mbs2/x86_64/emacs-24.3-7.1.mbs2.x86_64.rpm
f0a641e5e2f16a28daeafa623c0fd179
mbs2/x86_64/emacs-common-24.3-7.1.mbs2.x86_64.rpm
c367752961a74f31e1b8111f8e363777
mbs2/x86_64/emacs-doc-24.3-7.1.mbs2.noarch.rpm
0e0536e56c6a7f94cd52ed72908ca471
mbs2/x86_64/emacs-el-24.3-7.1.mbs2.noarch.rpm
a5d5e9f3bd2e77b4a8094c4e7b147477
mbs2/x86_64/emacs-leim-24.3-7.1.mbs2.noarch.rpm
14ffc339e2302b0252e0e82148c7eecd
mbs2/x86_64/emacs-nox-24.3-7.1.mbs2.x86_64.rpm
ecef0a2fcec34515d8243558d9dc91dd mbs2/SRPMS/emacs-24.3-7.1.mbs2.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/en/support/security/advisories/

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iD8DBQFVF7kBmqjQ0CJFipgRAqDfAKDFvMnvZoOdeSt2qSR/6bI3tWs4nwCaAveC
pnnVGz4Fon1YLjznhhMTSwo=
=Ehsq
-----END PGP SIGNATURE-----


------------=_1427621966-10360-17
Content-Type: text/plain; charset="UTF-8";
name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva?
Go to http://store.mandriva.com
_______________________________________________________


------------=_1427621966-10360-17--
Pro-Linux
Traut euch!
Neue Nachrichten
Werbung