drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Mehrere Probleme in Emacs
Name: |
Mehrere Probleme in Emacs |
|
ID: |
MDVSA-2015:117 |
|
Distribution: |
Mandriva |
|
Plattformen: |
Mandriva Business Server 2.0 |
|
Datum: |
So, 29. März 2015, 14:07 |
|
Referenzen: |
http://advisories.mageia.org/MGASA-2014-0250.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3423
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424 |
|
Applikationen: |
Emacs |
|
Originalnachricht |
This is a multi-part message in MIME format...
------------=_1427621966-10360-17
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
_______________________________________________________________________
Mandriva Linux Security Advisory MDVSA-2015:117 http://www.mandriva.com/en/support/security/ _______________________________________________________________________
Package : emacs Date : March 29, 2015 Affected: Business Server 2.0 _______________________________________________________________________
Problem Description:
Updated emacs packages fix security vulnerabilities: Steve Kemp discovered multiple temporary file handling issues in Emacs. A local attacker could use these flaws to perform symbolic link attacks against users running Emacs (CVE-2014-3421, CVE-2014-3422, CVE-2014-3423, CVE-2014-3424). _______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3421 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3422 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3423 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3424 http://advisories.mageia.org/MGASA-2014-0250.html _______________________________________________________________________
Updated Packages:
Mandriva Business Server 2/X86_64: d9f008f7b320e274f828f4e3c12f87fe mbs2/x86_64/emacs-24.3-7.1.mbs2.x86_64.rpm f0a641e5e2f16a28daeafa623c0fd179 mbs2/x86_64/emacs-common-24.3-7.1.mbs2.x86_64.rpm c367752961a74f31e1b8111f8e363777 mbs2/x86_64/emacs-doc-24.3-7.1.mbs2.noarch.rpm 0e0536e56c6a7f94cd52ed72908ca471 mbs2/x86_64/emacs-el-24.3-7.1.mbs2.noarch.rpm a5d5e9f3bd2e77b4a8094c4e7b147477 mbs2/x86_64/emacs-leim-24.3-7.1.mbs2.noarch.rpm 14ffc339e2302b0252e0e82148c7eecd mbs2/x86_64/emacs-nox-24.3-7.1.mbs2.x86_64.rpm ecef0a2fcec34515d8243558d9dc91dd mbs2/SRPMS/emacs-24.3-7.1.mbs2.src.rpm _______________________________________________________________________
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/en/support/security/advisories/
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com _______________________________________________________________________
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team <security*mandriva.com> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux)
iD8DBQFVF7kBmqjQ0CJFipgRAqDfAKDFvMnvZoOdeSt2qSR/6bI3tWs4nwCaAveC pnnVGz4Fon1YLjznhhMTSwo= =Ehsq -----END PGP SIGNATURE-----
------------=_1427621966-10360-17 Content-Type: text/plain; charset="UTF-8"; name="message-footer.txt" Content-Disposition: inline; filename="message-footer.txt" Content-Transfer-Encoding: 8bit
To unsubscribe, send a email to sympa@mandrivalinux.org with this subject : unsubscribe security-announce _______________________________________________________ Want to buy your Pack or Services from Mandriva? Go to http://store.mandriva.com _______________________________________________________
------------=_1427621966-10360-17--
|
|
|
|