|
|
Log in / Subscribe / Register

Ubuntu alert USN-3427-1 (emacs24)



From:
    	      "Leonidas S. Barbosa" <leo.barbosa@canonical.com> 


To:
    	      ubuntu-security-announce@lists.ubuntu.com 


Subject:
    	      [USN-3427-1] Emacs vulnerability 


Date:
    	      Thu, 21 Sep 2017 17:47:08 -0300


Message-ID:
    	      <1506026828.4779.3.camel@canonical.com>


==========================================================================
Ubuntu Security Notice USN-3427-1
September 21, 2017

emacs24 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 16.04 LTS
- Ubuntu 14.04 LTS

Summary:

Emacs could be made to run programs as your login if it
opened a specially crafted file.

Software Description:
- emacs24: GNU Emacs editor

Details:

Charles A. Roelli discovered that Emacs incorrectly handled certain
files. If a user were tricked into opening a specially crafted file, an
attacker could possibly use this to execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  emacs24                         24.5+1-6ubuntu1.1

Ubuntu 14.04 LTS:
  emacs24                         24.3+1-2ubuntu1.1

In general, a standard system update will make all the necessary
changes.

References:
  https://www.ubuntu.com/usn/usn-3427-1
  CVE-2017-14482

Package Information:
  https://launchpad.net/ubuntu/+source/emacs24/24.5+1-6ubun...
  https://launchpad.net/ubuntu/+source/emacs24/24.3+1-2ubun...
-- 
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-security...
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds