drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in Emacs
Name: |
Ausführen beliebiger Kommandos in Emacs |
|
ID: |
FEDORA-2012-0462 |
|
Distribution: |
Fedora |
|
Plattformen: |
Fedora 15 |
|
Datum: |
Di, 24. Januar 2012, 08:22 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0035 |
|
Applikationen: |
Emacs |
|
Originalnachricht |
Name : emacs Product : Fedora 15 Version : 23.3 Release : 8.fc15 URL : http://www.gnu.org/software/emacs/ Summary : GNU Emacs text editor Description : Emacs is a powerful, customizable, self-documenting, modeless text editor. Emacs contains special code editing features, a scripting language (elisp), and the capability to read mail, news, and more without leaving the editor.
This package provides an emacs binary with support for X windows.
------------------------------------------------------------------------------- - Update Information:
CVE-2012-0035 emacs: CEDET global-ede-mode file loading vulnerability ------------------------------------------------------------------------------- - ChangeLog:
* Thu Jan 12 2012 Karel Klíč <kklic@redhat.com> - 1:23.3-8 - Added patch to handle CVE-2012-0035: CEDET global-ede-mode file loading vulnerability (rhbz#773024) - Check for _NET_WM_STATE_HIDDEN (rhbz#711739) * Thu Jun 30 2011 Ville Skyttä <ville.skytta@iki.fi> - 1:23.3-7 - Use custom-set-variables for customizable variables in .emacs (#716440). - Move frame-title-format default from .emacs to default.el (#716443). * Thu May 26 2011 Karel Klíč <kklic@redhat.com> - 1:23.3-6 - Enumerate binaries in emacs-common to avoid packaging single binary multiple times by accident * Mon May 23 2011 Karel Klíč <kklic@redhat.com> - 1:23.3-5 - Removed %defattr from %files sections, as RPM no longer needs it - Removed %dir %{_libexecdir}/emacs and similar from emacs and emacs-nox packages, as the directories are used and present only in emacs-common (rhbz#704067) * Tue Mar 22 2011 Karel Klic <kklic@redhat.com> - 1:23.3-4 - Rebuild to fix an RPM issue (rhbz689182) * Tue Mar 15 2011 Ville Skyttä <ville.skytta@iki.fi> - 1:23.3-3 - Use UTC timestamps in rpm-spec-mode changelog entries by default (rhbz#672350) - Consider *.elc in addition to *.el when loading files from site-start.d (rhbz#672324) * Tue Mar 15 2011 Karel Klic <kklic@redhat.com> - 1:23.3-2 - Another attempt to fix the handling of alternatives (rhbz#684447) The current process loses alternatives preference on every upgrade, but there seems to be no elegant way how to prevent this while having versioned binaries (/bin/emacs-%{version}) at the same time. - Removed 'rm -rf %{buildroot}' from %install section * Thu Mar 10 2011 Karel Klic <kklic@redhat.com> - 1:23.3-1 - New upstream release - Depend on util-linux directly, as the package no longer provides setarch * Tue Feb 8 2011 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:23.2-18 - Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild ------------------------------------------------------------------------------- - References:
[ 1 ] Bug #773023 - CVE-2012-0035 emacs: CEDET global-ede-mode file loading vulnerability https://bugzilla.redhat.com/show_bug.cgi?id=773023 ------------------------------------------------------------------------------- -
This update can be installed with the "yum" update program. Use su -c 'yum update emacs' at the command line. For more information, refer to "Managing Software with yum", available at http://docs.fedoraproject.org/yum/.
All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/keys ------------------------------------------------------------------------------- - _______________________________________________ package-announce mailing list package-announce@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-announce
|
|
|
|