drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in Emacs
| Name: |
Ausführen beliebiger Kommandos in Emacs |
|
| ID: |
USN-3428-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 17.04 |
|
| Datum: |
Fr, 22. September 2017, 07:24 |
|
| Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14482 |
|
| Applikationen: |
Emacs |
|
Originalnachricht |
--===============7386252226643916003==
Content-Type: multipart/signed; micalg="pgp-sha256";
protocol="application/pgp-signature";
boundary="=-voaGF5JYhAtvsrg60j2A"
--=-voaGF5JYhAtvsrg60j2A
Content-Type: text/plain; charset="UTF-8
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-3428-1
September 21, 2017
emacs25 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
Summary:
Emacs could be made to run programs as your login if it opened a
specially crafted file.
Software Description:
- emacs25: GNU Emacs editor
Details:
Charles A. Roelli discovered that Emacs incorrectly handled certain
files. If a user were tricked into opening a specially crafted file, an
attacker could possibly use this to execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 17.04:
 emacs25                         25.1+1-3ubuntu4.1
In general, a standard system update will make all the necessary
changes.
References:
 https://www.ubuntu.com/usn/usn-3428-1
 CVE-2017-14482
Package Information:
 https://launchpad.net/ubuntu/+source/emacs25/25.1+1-3ubuntu4.1
--ßoaGF5JYhAtvsrg60j2A
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: This is a digitally signed message part
Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2
iQIcBAABCAAGBQJZxDOZAAoJEEW851uECx9pNLMQAIOctxytviQz5BFRKezbEe1f
/XlM67zGrAvbO9V0OUaJue/1OMjLB9L4BcnThMKMMPjco73tF55A1jduQGp3PQzo
CJ7AHlyxU2l7i5G1OkIOk7OMx6LOtQvd7tpjkgZ7qDMNi2W1SMpyGF5HO5dpkew4
57p/oTzunlYvmjVubhLDzw4xXvrjrkHjSj8d/ua0i8GEs+1I+IeSbh+7anCOT6tS
2yg70SjHzg+3Ct7BO9HCAtR3WTD01TDe8ILIsLgfSSxH0ftvdk07/jKULaMy/vpp
KrjjpwCpUIeQ0ue84d7xxgS+O8Bc73e0R5dUO0FHYJODSJJI7Qd/wHa35mvOCG6Q
WDlSOOJGTSJ6XlcPdsYm7ef88qQRb7H4k2SfIquzxTy+v0zYlXspOzrf6c1yz2sw
oy9dc+deZQm+YKfYlPdhIkRMyf8P30LiySDWZOfhNqYjq4hQp7frAaV3Ii2eSGFT
ofUKpEmnzR+F0eqsLezYEWZx6OhME9nUfUBX9WzL9ua4oPHbh8SldeCgwt8g9Hf/
7Q99f0pDZqAa6+KJBco1PeaOwW6/rCTCjYZJIk3cy2Op8QigLOODJj2Eamd/+beN
YEbiWADbJqYKcBC35YHV/ou7tNDGJAA1WDfK1UVUumwBttapoCIKO/Z06LYv631Z
zDBSlQwueOwV2k8/RV4A
=jfaA
-----END PGP SIGNATURE-----
--=-voaGF5JYhAtvsrg60j2A--
--===============7386252226643916003==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK
--===============7386252226643916003==--
|
|
|
|
