|
|
Log in / Subscribe / Register

Debian alert DLA-1101-1 (emacs23)



From:
    	      Emilio Pozuelo Monfort <pochu@debian.org> 


To:
    	      debian-lts-announce@lists.debian.org 


Subject:
    	      [SECURITY] [DLA 1101-1] emacs23 security update 


Date:
    	      Thu, 21 Sep 2017 21:50:29 +0200


Message-ID:
    	      <14f5ac18-6fa2-df59-ba22-48b528ad6f14@debian.org>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Package        : emacs23
Version        : 23.4+1-4+deb7u1
CVE ID         : CVE-2017-14482

Charles A. Roelli discovered that Emacs is vulnerable to arbitrary code
execution when rendering text/enriched MIME data (e.g. when using
Emacs-based mail clients).

For Debian 7 "Wheezy", these problems have been fixed in version
23.4+1-4+deb7u1.

We recommend that you upgrade your emacs23 packages.

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEcJymx+vmJZxd92Q+nUbEiOQ2gwIFAlnEGAIACgkQnUbEiOQ2
gwJUxBAAx6INmxlvlqOIjC5YbUIVHT9+IRDMiovlPQu/Vr8jxBFoHClIQNLt2nqV
dbqj91aDiiUKVgp9ZwT2d/rhB/2XZJ94yDn6VXdePN3Q2IFp3/8dVS0Yi2f7WRUH
pbb/ubPHT3B8jLfGsSCqJLPsc/HVALOFP5XHmjZAbdcYw6fvhHhqagGobr67u6xQ
XagVY5aX+3+5BSRkM2Uo2on6JiKAQGq+fmwQnUoShGAPie/mDyRlsgF+cEIJyaay
WfSAEeZT/Yum0vjS6LLyJaFHjDDpOGEQUF1BPjYpkV8rUU6lxLFIkEPxz3fO/Jx1
XSzkO5SyX9BGFEyEhKskidZ/AZCbk1R3k1iOZWIxE8csekQGVZPM9MkzIfiy8NZh
mB7lMycsg50GYJe1euqqvFEIA0MqTas9iLb5P7/3eMY2fKJKgLkW/3jfKScziCcI
v2d8PgaP4+vvjF4ojtCjCnig0zGIpLXpwaLcEsKVEHq5VJqgyudpru/oqFdLGwPl
VaBjjmS9/X0h+eXIKd0M5wFKTmqdibdkGwaZ+tpTe5M7fjt83uQwfo93XI2lWgAu
xVfRmQ9pWXEsOWwl37FUcGSyQky8SN/nYq4BFc7hDjpJcHvfvYtQcNjfkmwmlnnK
W6PnXy9BqWKpXKsO4y8nJrqKg+8pjIGBcUxUvaNQYKL0wYAufNw=
=glzf
-----END PGP SIGNATURE-----
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds