Login
Newsletter
Werbung
Sicherheit: Ausführen beliebiger Kommandos in emacs
Aktuelle Meldungen Distributionen
Name: Ausführen beliebiger Kommandos in emacs
ID: MDVSA-2008:153
Distribution: Mandriva
Plattformen: Mandriva Corporate 3.0, Mandriva Corporate 4.0, Mandriva 2007.1, Mandriva 2008.0, Mandriva 2008.1
Datum: Mi, 23. Juli 2008, 23:55
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142
Applikationen: Emacs

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1216850150-11275-7543


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDVSA-2008:153
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : emacs
 Date    : July 23, 2008
 Affected: 2007.1, 2008.0, 2008.1, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 A vulnerability in emacs was found where an attacker could provide
 a group of files containing local variable definitions and arbitrary
 Lisp code to be executed when one of the provided files is opened by
 emacs (CVE-2008-2142).
 
 The updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2142
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.1:
 d74dae9fd1bd25a85ad129942acedda9 
 2007.1/i586/emacs-21.4-26.4mdv2007.1.i586.rpm
 a8722c58647f3459d7fa1091129d36d2 
 2007.1/i586/emacs-doc-21.4-26.4mdv2007.1.i586.rpm
 34887a7e1f7555db0ec555e8fa4fc632 
 2007.1/i586/emacs-el-21.4-26.4mdv2007.1.i586.rpm
 e5a9e7e14e0df3d647a5c96bd9372460 
 2007.1/i586/emacs-leim-21.4-26.4mdv2007.1.i586.rpm
 1c9838c3a561ad8813d4b5cee8b82400 
 2007.1/i586/emacs-nox-21.4-26.4mdv2007.1.i586.rpm
 b9892f4738715018b2e6df7d02e6687d 
 2007.1/i586/emacs-X11-21.4-26.4mdv2007.1.i586.rpm 
 af96e6a121eb5f8b8170ff941114c489 
 2007.1/SRPMS/emacs-21.4-26.4mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 600d616346db08ca13bdf11ddbcef44b 
 2007.1/x86_64/emacs-21.4-26.4mdv2007.1.x86_64.rpm
 928441ff823f240f73538d3158153fbe 
 2007.1/x86_64/emacs-doc-21.4-26.4mdv2007.1.x86_64.rpm
 60e33fa1d0bdf71a779a037c15d1985c 
 2007.1/x86_64/emacs-el-21.4-26.4mdv2007.1.x86_64.rpm
 198718097f7a60bff2a68af82db28a43 
 2007.1/x86_64/emacs-leim-21.4-26.4mdv2007.1.x86_64.rpm
 4299965f8b4b183af31e3f898c81110f 
 2007.1/x86_64/emacs-nox-21.4-26.4mdv2007.1.x86_64.rpm
 5ca6f64f83f530f8b51d271bc8ec726e 
 2007.1/x86_64/emacs-X11-21.4-26.4mdv2007.1.x86_64.rpm 
 af96e6a121eb5f8b8170ff941114c489 
 2007.1/SRPMS/emacs-21.4-26.4mdv2007.1.src.rpm

 Mandriva Linux 2008.0:
 024e38f1ec4e6eabae4b274da83dde18  2008.0/i586/emacs-22.1-5.3mdv2008.0.i586.rpm
 4214b10282db0615b9b729f187934db1 
 2008.0/i586/emacs-common-22.1-5.3mdv2008.0.i586.rpm
 22ff8c91f547061d333465ded6a2d0da 
 2008.0/i586/emacs-doc-22.1-5.3mdv2008.0.i586.rpm
 304b35b5af43ba47a736d2c0d9a8faa2 
 2008.0/i586/emacs-el-22.1-5.3mdv2008.0.i586.rpm
 97788932323d9f7e2250d30f97ce3f8c 
 2008.0/i586/emacs-gtk-22.1-5.3mdv2008.0.i586.rpm
 2406a6b60ee316bc1c67385b0db82cf8 
 2008.0/i586/emacs-leim-22.1-5.3mdv2008.0.i586.rpm
 12883d439574ef26201af9c504144b9f 
 2008.0/i586/emacs-nox-22.1-5.3mdv2008.0.i586.rpm 
 d333358ad7b06f3f0c0db4fea12e1570  2008.0/SRPMS/emacs-22.1-5.3mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 d57e83291c764980266625bcb889cc87 
 2008.0/x86_64/emacs-22.1-5.3mdv2008.0.x86_64.rpm
 03cef7dd549b3d65e11c8d12875516cf 
 2008.0/x86_64/emacs-common-22.1-5.3mdv2008.0.x86_64.rpm
 94f8e4725a640069161a0f86cee69195 
 2008.0/x86_64/emacs-doc-22.1-5.3mdv2008.0.x86_64.rpm
 a1b95c035307112fc7ccbed4ce53975c 
 2008.0/x86_64/emacs-el-22.1-5.3mdv2008.0.x86_64.rpm
 f47c2c3bffd8ecaeffec9bb3b19c94e8 
 2008.0/x86_64/emacs-gtk-22.1-5.3mdv2008.0.x86_64.rpm
 118252721969c9ce844cebdcbcd3f8a7 
 2008.0/x86_64/emacs-leim-22.1-5.3mdv2008.0.x86_64.rpm
 6c5622ed590a236cf2576814dd87ec9d 
 2008.0/x86_64/emacs-nox-22.1-5.3mdv2008.0.x86_64.rpm 
 d333358ad7b06f3f0c0db4fea12e1570  2008.0/SRPMS/emacs-22.1-5.3mdv2008.0.src.rpm

 Mandriva Linux 2008.1:
 29455a1008c19f2f0d7d8abb2a653c73  2008.1/i586/emacs-22.1-7.2mdv2008.1.i586.rpm
 98a8a2d6fa0aaa7cde7770759012a411 
 2008.1/i586/emacs-common-22.1-7.2mdv2008.1.i586.rpm
 5c08857d28e60a6834bee8e77d6725c3 
 2008.1/i586/emacs-doc-22.1-7.2mdv2008.1.i586.rpm
 50c31d9e899581584a78490b0a27c837 
 2008.1/i586/emacs-el-22.1-7.2mdv2008.1.i586.rpm
 ce0ad85bc6539d1303c5658f24417670 
 2008.1/i586/emacs-gtk-22.1-7.2mdv2008.1.i586.rpm
 7f4413c929c28b926c3887985fa3b0a2 
 2008.1/i586/emacs-leim-22.1-7.2mdv2008.1.i586.rpm
 51844adc76e16167fdd4db0d61daffe8 
 2008.1/i586/emacs-nox-22.1-7.2mdv2008.1.i586.rpm 
 cf941f26a979357e553b0cb973a7c7ab  2008.1/SRPMS/emacs-22.1-7.2mdv2008.1.src.rpm

 Mandriva Linux 2008.1/X86_64:
 6961fbbb8bafde024f192ce2bb536138 
 2008.1/x86_64/emacs-22.1-7.2mdv2008.1.x86_64.rpm
 41f14023d94c42112ac6b9e5063e9fc7 
 2008.1/x86_64/emacs-common-22.1-7.2mdv2008.1.x86_64.rpm
 228d317d952c8ece0c8c64b091717826 
 2008.1/x86_64/emacs-doc-22.1-7.2mdv2008.1.x86_64.rpm
 bcb34100a279a0727192cfefa898486f 
 2008.1/x86_64/emacs-el-22.1-7.2mdv2008.1.x86_64.rpm
 a7f2b52088198749411707b9fde36f2a 
 2008.1/x86_64/emacs-gtk-22.1-7.2mdv2008.1.x86_64.rpm
 bb4f8dafeb0696b7e5c739abdd91a0cf 
 2008.1/x86_64/emacs-leim-22.1-7.2mdv2008.1.x86_64.rpm
 83064451a138656cbefb593faa354cc9 
 2008.1/x86_64/emacs-nox-22.1-7.2mdv2008.1.x86_64.rpm 
 cf941f26a979357e553b0cb973a7c7ab  2008.1/SRPMS/emacs-22.1-7.2mdv2008.1.src.rpm

 Corporate 3.0:
 aa44fea1e2985d86ed71f48eac5abec1 
 corporate/3.0/i586/emacs-21.3-9.5.C30mdk.i586.rpm
 be5642981a031290778de67d9556f868 
 corporate/3.0/i586/emacs-el-21.3-9.5.C30mdk.i586.rpm
 5e54605b3cffe03ba9de9124272c959b 
 corporate/3.0/i586/emacs-leim-21.3-9.5.C30mdk.i586.rpm
 97d5a50d7ec4b6f75c38bcca83309192 
 corporate/3.0/i586/emacs-nox-21.3-9.5.C30mdk.i586.rpm
 96871dcd19d6ae0d23cc9d03f52408cf 
 corporate/3.0/i586/emacs-X11-21.3-9.5.C30mdk.i586.rpm 
 d8ab165d73eeb1a5e8643632fcbf8b8c 
 corporate/3.0/SRPMS/emacs-21.3-9.5.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 cfb4c6e5c48e6adccc9b23cc010b7252 
 corporate/3.0/x86_64/emacs-21.3-9.5.C30mdk.x86_64.rpm
 71f61c5b428497dc8a10f894eb6b6b26 
 corporate/3.0/x86_64/emacs-el-21.3-9.5.C30mdk.x86_64.rpm
 24bb6c31bfbdb2d326a99fbb78affdae 
 corporate/3.0/x86_64/emacs-leim-21.3-9.5.C30mdk.x86_64.rpm
 36a9451b1820dfae7790db09118e1214 
 corporate/3.0/x86_64/emacs-nox-21.3-9.5.C30mdk.x86_64.rpm
 000162f47d9476d0371b5e22d5b322ed 
 corporate/3.0/x86_64/emacs-X11-21.3-9.5.C30mdk.x86_64.rpm 
 d8ab165d73eeb1a5e8643632fcbf8b8c 
 corporate/3.0/SRPMS/emacs-21.3-9.5.C30mdk.src.rpm

 Corporate 4.0:
 7ea53f218d5f2cd10c9453e037532c63 
 corporate/4.0/i586/emacs-21.4-20.4.20060mlcs4.i586.rpm
 9ef2b2ae079cde479e3c74360778b84a 
 corporate/4.0/i586/emacs-doc-21.4-20.4.20060mlcs4.i586.rpm
 7cfa4a5ee6b58c9fce5bef6f4fc8985d 
 corporate/4.0/i586/emacs-el-21.4-20.4.20060mlcs4.i586.rpm
 71fd5a4bbb715b58f279e1281915de84 
 corporate/4.0/i586/emacs-leim-21.4-20.4.20060mlcs4.i586.rpm
 22fc643aff3581bdfdc6d2c021df1ca8 
 corporate/4.0/i586/emacs-nox-21.4-20.4.20060mlcs4.i586.rpm
 f943ee6d0fda515238cb8f3c6db8a4e5 
 corporate/4.0/i586/emacs-X11-21.4-20.4.20060mlcs4.i586.rpm 
 82c6556a9f0d125a15d2df02c49807db 
 corporate/4.0/SRPMS/emacs-21.4-20.4.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 6a1e64628ce09fd63366b5e41d90286f 
 corporate/4.0/x86_64/emacs-21.4-20.4.20060mlcs4.x86_64.rpm
 c979719c9aa18c47b0892f735af54529 
 corporate/4.0/x86_64/emacs-doc-21.4-20.4.20060mlcs4.x86_64.rpm
 a470c830c769e694481dc53c22cfc351 
 corporate/4.0/x86_64/emacs-el-21.4-20.4.20060mlcs4.x86_64.rpm
 9042d89bcdf57c898ef17c56ff3dfd9a 
 corporate/4.0/x86_64/emacs-leim-21.4-20.4.20060mlcs4.x86_64.rpm
 ccb0b523841d34b9cc77d6b083104068 
 corporate/4.0/x86_64/emacs-nox-21.4-20.4.20060mlcs4.x86_64.rpm
 97ad08d31dc9e606a9c9ed0bfe6cf1fd 
 corporate/4.0/x86_64/emacs-X11-21.4-20.4.20060mlcs4.x86_64.rpm 
 82c6556a9f0d125a15d2df02c49807db 
 corporate/4.0/SRPMS/emacs-21.4-20.4.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFIh5QUmqjQ0CJFipgRAnIWAJ0c0RJIQipIM8P9hIspzhZ1IZYwEQCg0zxA
VROAjOI7Kiy7SHFZks+TlI8=
=Q2TO
-----END PGP SIGNATURE-----


------------=_1216850150-11275-7543
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1216850150-11275-7543--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung