lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Tue, 12 Sep 2017 23:08:25 +0200
From: Moritz Muehlenhoff <jmm@...ian.org>
To: bugtraq@...urityfocus.com
Subject: [SECURITY] [DSA 3970-1] emacs24 security update

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3970-1                   security@...ian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 12, 2017                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : emacs24
CVE ID         : not yet available

Charles A. Roelli discovered that Emacs is vulnerable to arbitrary code
execution when rendering text/enriched MIME data (e.g. when using
Emacs-based mail clients).

For the oldstable distribution (jessie), this problem has been fixed
in version 24.4+1-5+deb8u1.

For the stable distribution (stretch), this problem has been fixed in
version 24.5+1-11+deb9u1.

We recommend that you upgrade your emacs24 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@...ts.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlm4S7cACgkQEMKTtsN8
TjYGSRAAlBXo00ZHx+P7Rgx3isQJEtlSVbX90C3QRloHAOrbb+DdmjaUO5YaNUvP
YMLJzsGwtl+1lUSKyNpfhE35Gj2r+UHMsgBgxdTg5DO2QxkvxbFlDc4zaIHY5BSA
62+Qch8f56w7Hg/wXaXwOpsTTUhEEgHAVC6gAFLgPedK7DXIzAQeUeJREq5t/4vA
lMUP72zPWpNHc6lu///E1J9Q6Mf8qngK5YnqZgfsYR+oRF3TftI/TIPBxwA6KXSG
bs7zsBH4ahJG141ulFdDzpldtkpnv70lB7OE5YWQKTdi8wjKsLc4MYA9U+NQplhN
lcj4n6huKIPNELi7uLZvvSULHrdjTXBC8yqQptnAFvVG/3WP9Pk32XmVeIP3TP3Z
+Uw6Kt6GkX2VgOndDbCTKNXpwGP8T7xIgK8fceY9SWzI/EFz0UlH5SEbZSFoJCMd
cK6ZaSdTfINDLBcvFa+6XgLjJP3pXHnBpyAH5sVEXR+U68BwXMcD6ziyyYFqezrT
A5MqiJ1RNNc66nqOcbFMwl9pt5eo9K+4V/M+A0dcfVRBbA0aAY6wifhacNsCWnAg
RLe0l3gqiRYG5Yi74rRIwZAW7FlGJnPKSReBdKC3qXE77qUBAN3iETiierUGzN9c
C4IdOQks9R4gkkzoZf6ZjZlicSuR49JK+v4d3Q5nTwAwPYaxZRU=
=0U74
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ