Login
Newsletter
Werbung
Sicherheit: Mangelnde Rechteprüfung in Emacs
Aktuelle Meldungen Distributionen
Name: Mangelnde Rechteprüfung in Emacs
ID: MDVSA-2010:083
Distribution: Mandriva
Plattformen: Mandriva Corporate 4.0, Mandriva 2008.0, Mandriva 2009.0, Mandriva 2009.1, Mandriva Enterprise Server 5.0, Mandriva 2010.0
Datum: Di, 20. April 2010, 16:32
Referenzen: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0825
Applikationen: Emacs

Originalnachricht

 
This is a multi-part message in MIME format...

------------=_1271770215-24326-7041


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2010:083
 http://www.mandriva.com/security/
 _______________________________________________________________________

 Package : emacs
 Date    : April 20, 2010
 Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 4.0,
           Enterprise Server 5.0
 _______________________________________________________________________

 Problem Description:

 A vulnerability has been found and corrected in emacs:
 
 lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to
 read, modify, or delete arbitrary mailbox files via a symlink attack,
 related to improper file-permission checks (CVE-2010-0825).
 
 Packages for 2008.0 and 2009.0 are provided due to the Extended
 Maintenance Program for those products.
 
 The updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:

 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-0825
 _______________________________________________________________________

 Updated Packages:

 Mandriva Linux 2008.0:
 8a36ed0e4ee5e60e6d15bae8ff41f629  2008.0/i586/emacs-22.1-5.5mdv2008.0.i586.rpm
 fdd8511e920ced5d618d3cd6aba68911 
 2008.0/i586/emacs-common-22.1-5.5mdv2008.0.i586.rpm
 ca04fb9a07164015f2528a8786d77f29 
 2008.0/i586/emacs-doc-22.1-5.5mdv2008.0.i586.rpm
 a88f5daab983d28f945484f71cf1e828 
 2008.0/i586/emacs-el-22.1-5.5mdv2008.0.i586.rpm
 0419331869c819f648d8890e7f50ec1c 
 2008.0/i586/emacs-gtk-22.1-5.5mdv2008.0.i586.rpm
 db38ffe92d447d5971fe1dc684c4ce00 
 2008.0/i586/emacs-leim-22.1-5.5mdv2008.0.i586.rpm
 25cc16c584b483c7f22821140b1b938a 
 2008.0/i586/emacs-nox-22.1-5.5mdv2008.0.i586.rpm 
 1402cff0f3567e12b9993f6ff986c805  2008.0/SRPMS/emacs-22.1-5.5mdv2008.0.src.rpm

 Mandriva Linux 2008.0/X86_64:
 f4264ec18e313e5d06886dd9ffa5f204 
 2008.0/x86_64/emacs-22.1-5.5mdv2008.0.x86_64.rpm
 fd0d05ad7ffe83fffca4ccecae8e3325 
 2008.0/x86_64/emacs-common-22.1-5.5mdv2008.0.x86_64.rpm
 b3e23700f78da33dffa5c84dc6da2bdb 
 2008.0/x86_64/emacs-doc-22.1-5.5mdv2008.0.x86_64.rpm
 4d03f0945652db265d8d84e1d64933b2 
 2008.0/x86_64/emacs-el-22.1-5.5mdv2008.0.x86_64.rpm
 4c3ece999300f74d84889f80fb98db1f 
 2008.0/x86_64/emacs-gtk-22.1-5.5mdv2008.0.x86_64.rpm
 ad9cf01c131774cce30c6f56dba1c0e0 
 2008.0/x86_64/emacs-leim-22.1-5.5mdv2008.0.x86_64.rpm
 9825be3852973a906c63eb0c4442fdf6 
 2008.0/x86_64/emacs-nox-22.1-5.5mdv2008.0.x86_64.rpm 
 1402cff0f3567e12b9993f6ff986c805  2008.0/SRPMS/emacs-22.1-5.5mdv2008.0.src.rpm

 Mandriva Linux 2009.0:
 c1f452b2b7a900adc5cd5f2227b592d9  2009.0/i586/emacs-22.3-2.1mdv2009.0.i586.rpm
 860f26ae0eb85825af7f059615884448 
 2009.0/i586/emacs-common-22.3-2.1mdv2009.0.i586.rpm
 e8f11e4b732db5a858f294eccca45656 
 2009.0/i586/emacs-doc-22.3-2.1mdv2009.0.i586.rpm
 4ff5202dcc2395ca1bcc256d626f6e26 
 2009.0/i586/emacs-el-22.3-2.1mdv2009.0.i586.rpm
 4fb94a77c1cf27c5467d4168f7a87753 
 2009.0/i586/emacs-gtk-22.3-2.1mdv2009.0.i586.rpm
 1527ff5aafb16dcf155a5ca4d4014488 
 2009.0/i586/emacs-leim-22.3-2.1mdv2009.0.i586.rpm
 4e1bcb4be6156a7c21705198b64c13ad 
 2009.0/i586/emacs-nox-22.3-2.1mdv2009.0.i586.rpm 
 3051661fcbf692988df69fb8c46d604f  2009.0/SRPMS/emacs-22.3-2.1mdv2009.0.src.rpm

 Mandriva Linux 2009.0/X86_64:
 6b0af1b476b32050822c7950a022cf63 
 2009.0/x86_64/emacs-22.3-2.1mdv2009.0.x86_64.rpm
 6de11081983013fa58c875af4dd43dda 
 2009.0/x86_64/emacs-common-22.3-2.1mdv2009.0.x86_64.rpm
 6080884452f7c688c1046a8eee7bfb93 
 2009.0/x86_64/emacs-doc-22.3-2.1mdv2009.0.x86_64.rpm
 b7c60b9b150e8ab9d6471477971dfe7e 
 2009.0/x86_64/emacs-el-22.3-2.1mdv2009.0.x86_64.rpm
 e22cd8c5b6871bb10dfd105e1fe93c6d 
 2009.0/x86_64/emacs-gtk-22.3-2.1mdv2009.0.x86_64.rpm
 3e4bbf7f08060542dfd06308aefda09d 
 2009.0/x86_64/emacs-leim-22.3-2.1mdv2009.0.x86_64.rpm
 02c66cddddd82e9c30a7e3544fd3b9a0 
 2009.0/x86_64/emacs-nox-22.3-2.1mdv2009.0.x86_64.rpm 
 3051661fcbf692988df69fb8c46d604f  2009.0/SRPMS/emacs-22.3-2.1mdv2009.0.src.rpm

 Mandriva Linux 2009.1:
 d46fd2bc2ef99ffa3ac35bc7bb5d46a9  2009.1/i586/emacs-22.3-4.1mdv2009.1.i586.rpm
 1b1f0545718048547885c1338b5651ec 
 2009.1/i586/emacs-common-22.3-4.1mdv2009.1.i586.rpm
 f6b1005dd1b529f89da2af6e1697ec6d 
 2009.1/i586/emacs-doc-22.3-4.1mdv2009.1.i586.rpm
 a210802a6507090cdb81168b86128867 
 2009.1/i586/emacs-el-22.3-4.1mdv2009.1.i586.rpm
 9977e4a61f16d3afddc89691768d0fc1 
 2009.1/i586/emacs-gtk-22.3-4.1mdv2009.1.i586.rpm
 a85c9305c2239b22cbcecf5118c6da09 
 2009.1/i586/emacs-leim-22.3-4.1mdv2009.1.i586.rpm
 e0c7a27445140ef48dafccc553cd9317 
 2009.1/i586/emacs-nox-22.3-4.1mdv2009.1.i586.rpm 
 1b3914c818aeae1e4ea6a083b0af0d17  2009.1/SRPMS/emacs-22.3-4.1mdv2009.1.src.rpm

 Mandriva Linux 2009.1/X86_64:
 fa88c22cdc5064d433238fa5078b62ba 
 2009.1/x86_64/emacs-22.3-4.1mdv2009.1.x86_64.rpm
 bb7213f01545508bf1a564eed7cb7037 
 2009.1/x86_64/emacs-common-22.3-4.1mdv2009.1.x86_64.rpm
 cfbda12c0fbf64bdb8854b746c035f6b 
 2009.1/x86_64/emacs-doc-22.3-4.1mdv2009.1.x86_64.rpm
 2b0879c394e9d504f289c24f054c0dbc 
 2009.1/x86_64/emacs-el-22.3-4.1mdv2009.1.x86_64.rpm
 797eda5597bd9cfce3ac01285991385c 
 2009.1/x86_64/emacs-gtk-22.3-4.1mdv2009.1.x86_64.rpm
 3dd582e834a33771c980b35862aab33a 
 2009.1/x86_64/emacs-leim-22.3-4.1mdv2009.1.x86_64.rpm
 cbae1087cfb5f6390a6f36b1cb29435d 
 2009.1/x86_64/emacs-nox-22.3-4.1mdv2009.1.x86_64.rpm 
 1b3914c818aeae1e4ea6a083b0af0d17  2009.1/SRPMS/emacs-22.3-4.1mdv2009.1.src.rpm

 Mandriva Linux 2010.0:
 f9fd03f96fc272bc63053a96cf843ac1  2010.0/i586/emacs-23.1-7.1mdv2010.0.i586.rpm
 681c0b44b0e22647067bd0e940be8827 
 2010.0/i586/emacs-common-23.1-7.1mdv2010.0.i586.rpm
 96d1a1ae8146ad61a215d3bf73b01700 
 2010.0/i586/emacs-doc-23.1-7.1mdv2010.0.i586.rpm
 8c8277a4a142800a0124469b67094aee 
 2010.0/i586/emacs-el-23.1-7.1mdv2010.0.i586.rpm
 36744d11530a8b669c806ca2914e3cf4 
 2010.0/i586/emacs-leim-23.1-7.1mdv2010.0.i586.rpm
 06102d1450f6c74060eae1d4407af99a 
 2010.0/i586/emacs-nox-23.1-7.1mdv2010.0.i586.rpm 
 4d9dd45bc26035a407e4c6d4b815c2a6  2010.0/SRPMS/emacs-23.1-7.1mdv2010.0.src.rpm

 Mandriva Linux 2010.0/X86_64:
 71d28cedd7b4538855fb7dcaaa2dad8f 
 2010.0/x86_64/emacs-23.1-7.1mdv2010.0.x86_64.rpm
 4848d48176bc3259b4203408bd4de290 
 2010.0/x86_64/emacs-common-23.1-7.1mdv2010.0.x86_64.rpm
 18c40f7de50179cd24577e5d2b25a370 
 2010.0/x86_64/emacs-doc-23.1-7.1mdv2010.0.x86_64.rpm
 4be6369b10ee043d7a5a92f653786923 
 2010.0/x86_64/emacs-el-23.1-7.1mdv2010.0.x86_64.rpm
 b0636d25931219c429d3fd6ebcea52ed 
 2010.0/x86_64/emacs-leim-23.1-7.1mdv2010.0.x86_64.rpm
 f55a3a914aeabc657d753f31f361f58f 
 2010.0/x86_64/emacs-nox-23.1-7.1mdv2010.0.x86_64.rpm 
 4d9dd45bc26035a407e4c6d4b815c2a6  2010.0/SRPMS/emacs-23.1-7.1mdv2010.0.src.rpm

 Corporate 4.0:
 97bf2e36167aec16484e4262d7192246 
 corporate/4.0/i586/emacs-21.4-20.5.20060mlcs4.i586.rpm
 98f091ceaf519ca443e72813db520d9b 
 corporate/4.0/i586/emacs-doc-21.4-20.5.20060mlcs4.i586.rpm
 5f17f3acea1c9553b5949da67b035bbd 
 corporate/4.0/i586/emacs-el-21.4-20.5.20060mlcs4.i586.rpm
 d53be55d9228a96dfd655b7869da2c0b 
 corporate/4.0/i586/emacs-leim-21.4-20.5.20060mlcs4.i586.rpm
 1da93a12ecd0d70ea2cc926581783261 
 corporate/4.0/i586/emacs-nox-21.4-20.5.20060mlcs4.i586.rpm
 52b90583166c96d572f54dfec71d58bb 
 corporate/4.0/i586/emacs-X11-21.4-20.5.20060mlcs4.i586.rpm 
 c42ea31f7a8370f26a1c4920378a8fc6 
 corporate/4.0/SRPMS/emacs-21.4-20.5.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 4af8671bfa35744feff142f012a43523 
 corporate/4.0/x86_64/emacs-21.4-20.5.20060mlcs4.x86_64.rpm
 8585644cac16348f507e0612386083e0 
 corporate/4.0/x86_64/emacs-doc-21.4-20.5.20060mlcs4.x86_64.rpm
 d9189616e257bcd96ce7e2911ce4bd0d 
 corporate/4.0/x86_64/emacs-el-21.4-20.5.20060mlcs4.x86_64.rpm
 ed95b11dff637feac7de0070a2c41234 
 corporate/4.0/x86_64/emacs-leim-21.4-20.5.20060mlcs4.x86_64.rpm
 4b4e71c2e6b9d256f0a418c697cc5d07 
 corporate/4.0/x86_64/emacs-nox-21.4-20.5.20060mlcs4.x86_64.rpm
 5f5db454263d95aa831fc80cc138f591 
 corporate/4.0/x86_64/emacs-X11-21.4-20.5.20060mlcs4.x86_64.rpm 
 c42ea31f7a8370f26a1c4920378a8fc6 
 corporate/4.0/SRPMS/emacs-21.4-20.5.20060mlcs4.src.rpm

 Mandriva Enterprise Server 5:
 17182742966ccef0e1ee6ee64cf6c17c  mes5/i586/emacs-22.3-2.1mdvmes5.1.i586.rpm
 2c828bd88fd8750f78f227a0056e7bad 
 mes5/i586/emacs-common-22.3-2.1mdvmes5.1.i586.rpm
 06aa75fc7aefae8e6eb4c8df6d99f19d 
 mes5/i586/emacs-doc-22.3-2.1mdvmes5.1.i586.rpm
 5836ed2232c06161b6d196022e35ad23 
 mes5/i586/emacs-el-22.3-2.1mdvmes5.1.i586.rpm
 d076d5c6111a9c7bd12fa92987d55974 
 mes5/i586/emacs-gtk-22.3-2.1mdvmes5.1.i586.rpm
 ebeced4cb7b5a5d9988331b7db910152 
 mes5/i586/emacs-leim-22.3-2.1mdvmes5.1.i586.rpm
 bec9bd00b1d3dd7c1dadbb0a5988cf78 
 mes5/i586/emacs-nox-22.3-2.1mdvmes5.1.i586.rpm 
 a0e1f2b44f9a7c89a05cc8d2e1ad0633  mes5/SRPMS/emacs-22.3-2.1mdvmes5.1.src.rpm

 Mandriva Enterprise Server 5/X86_64:
 0b0eadf1a07340ed87cb28f9cd99baab 
 mes5/x86_64/emacs-22.3-2.1mdvmes5.1.x86_64.rpm
 03d3f340e9bf804982d3071187b2d6cd 
 mes5/x86_64/emacs-common-22.3-2.1mdvmes5.1.x86_64.rpm
 666d6b33034aff76c4caccf21dd2c787 
 mes5/x86_64/emacs-doc-22.3-2.1mdvmes5.1.x86_64.rpm
 e634c9037adbff1c38ca612cb46f0e3e 
 mes5/x86_64/emacs-el-22.3-2.1mdvmes5.1.x86_64.rpm
 097c47220c2d2a028761ef427bc041ee 
 mes5/x86_64/emacs-gtk-22.3-2.1mdvmes5.1.x86_64.rpm
 9cb00684bcc12ea6bcb0c5379346b2b6 
 mes5/x86_64/emacs-leim-22.3-2.1mdvmes5.1.x86_64.rpm
 f8de48a717ccdd6809b1e69ccc160e31 
 mes5/x86_64/emacs-nox-22.3-2.1mdvmes5.1.x86_64.rpm 
 a0e1f2b44f9a7c89a05cc8d2e1ad0633  mes5/SRPMS/emacs-22.3-2.1mdvmes5.1.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFLzXoWmqjQ0CJFipgRAgQ5AJ9Y6hLXe8ZEaWTe+EAkKK7yI4bRfQCdGCuX
231M6dHiA6lMkbnC4kxHbwY=
=MzZZ
-----END PGP SIGNATURE-----


------------=_1271770215-24326-7041
Content-Type: text/plain; name="message-footer.txt"
Content-Disposition: inline; filename="message-footer.txt"
Content-Transfer-Encoding: 8bit

To unsubscribe, send a email to sympa@mandrivalinux.org
with this subject : unsubscribe security-announce
_______________________________________________________
Want to buy your Pack or Services from Mandriva? 
Go to http://www.mandrivastore.com
Join the Club : http://www.mandrivaclub.com
_______________________________________________________

------------=_1271770215-24326-7041--
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten

141
Mach­t's gut!

51
Neue Raspber­ry Pi-Va­ri­an­te mit 8 GB RAM

0
Genode 20.05 frei­ge­ge­ben

9
Sub­ver­si­on 1.14.0-LTS vor­ge­stellt

0
»Hum­ble Ci­ties: Sky­lines Bund­le« vor­ge­stellt

0
End of Life für Co­reOS Con­tai­ner Linux ver­kün­det

32
Elek­tra 0.9.2 er­schie­nen

8
Nex­tDNS ver­lässt die Be­ta-Pha­se

23
Tu­xe­do stellt Ga­mer-Note­book vor

0
Libre Gra­phics Mee­ting be­ginnt als On­li­ne-Va­ri­an­te
 
Werbung