drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in Emacs
Name: |
Ausführen beliebiger Kommandos in Emacs |
|
ID: |
USN-3428-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 17.04 |
|
Datum: |
Fr, 22. September 2017, 07:24 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14482 |
|
Applikationen: |
Emacs |
|
Originalnachricht |
--===============7386252226643916003== Content-Type: multipart/signed; micalg="pgp-sha256"; protocol="application/pgp-signature"; boundary="=-voaGF5JYhAtvsrg60j2A"
--=-voaGF5JYhAtvsrg60j2A Content-Type: text/plain; charset="UTF-8 Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-3428-1 September 21, 2017
emacs25 vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 17.04
Summary:
Emacs could be made to run programs as your login if it opened a specially crafted file.
Software Description: - emacs25: GNU Emacs editor
Details:
Charles A. Roelli discovered that Emacs incorrectly handled certain files. If a user were tricked into opening a specially crafted file, an attacker could possibly use this to execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 17.04: Â emacs25Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â Â 25.1+1-3ubuntu4.1
In general, a standard system update will make all the necessary changes.
References: Â https://www.ubuntu.com/usn/usn-3428-1 Â CVE-2017-14482
Package Information: Â https://launchpad.net/ubuntu/+source/emacs25/25.1+1-3ubuntu4.1
--ßoaGF5JYhAtvsrg60j2A Content-Type: application/pgp-signature; name="signature.asc" Content-Description: This is a digitally signed message part Content-Transfer-Encoding: 7bit
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2
iQIcBAABCAAGBQJZxDOZAAoJEEW851uECx9pNLMQAIOctxytviQz5BFRKezbEe1f /XlM67zGrAvbO9V0OUaJue/1OMjLB9L4BcnThMKMMPjco73tF55A1jduQGp3PQzo CJ7AHlyxU2l7i5G1OkIOk7OMx6LOtQvd7tpjkgZ7qDMNi2W1SMpyGF5HO5dpkew4 57p/oTzunlYvmjVubhLDzw4xXvrjrkHjSj8d/ua0i8GEs+1I+IeSbh+7anCOT6tS 2yg70SjHzg+3Ct7BO9HCAtR3WTD01TDe8ILIsLgfSSxH0ftvdk07/jKULaMy/vpp KrjjpwCpUIeQ0ue84d7xxgS+O8Bc73e0R5dUO0FHYJODSJJI7Qd/wHa35mvOCG6Q WDlSOOJGTSJ6XlcPdsYm7ef88qQRb7H4k2SfIquzxTy+v0zYlXspOzrf6c1yz2sw oy9dc+deZQm+YKfYlPdhIkRMyf8P30LiySDWZOfhNqYjq4hQp7frAaV3Ii2eSGFT ofUKpEmnzR+F0eqsLezYEWZx6OhME9nUfUBX9WzL9ua4oPHbh8SldeCgwt8g9Hf/ 7Q99f0pDZqAa6+KJBco1PeaOwW6/rCTCjYZJIk3cy2Op8QigLOODJj2Eamd/+beN YEbiWADbJqYKcBC35YHV/ou7tNDGJAA1WDfK1UVUumwBttapoCIKO/Z06LYv631Z zDBSlQwueOwV2k8/RV4A =jfaA -----END PGP SIGNATURE-----
--=-voaGF5JYhAtvsrg60j2A--
--===============7386252226643916003== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5 LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj dXJpdHktYW5ub3VuY2UK
--===============7386252226643916003==--
|
|
|
|