lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [day] [month] [year] [list]
Message-ID: <alpine.LNX.2.02.1709121523110.1004@connie.slackware.com>
Date: Tue, 12 Sep 2017 15:23:25 -0700 (PDT)
From: Slackware Security Team <security@...ckware.com>
To: slackware-security@...ckware.com
Subject: [slackware-security]  emacs (SSA:2017-255-01)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  emacs (SSA:2017-255-01)

New emacs packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1,
14.2, and -current to fix a security issue.


Here are the details from the Slackware 14.2 ChangeLog:
+--------------------------+
patches/packages/emacs-25.3-i586-1_slack14.2.txz:  Upgraded.
  This update fixes a security vulnerability in Emacs. Gnus no longer
  supports "richtext" and "enriched" inline MIME objects. This support
  was disabled to avoid evaluation of arbitrary Lisp code contained in
  email messages and news articles.
  For more information, see:
    http://seclists.org/oss-sec/2017/q3/422
    https://bugs.gnu.org/28350
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(http://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on http://slackware.com for
additional mirror sites near you.

Updated package for Slackware 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/emacs-25.3-i486-1_slack13.0.txz

Updated package for Slackware x86_64 13.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/emacs-25.3-x86_64-1_slack13.0.txz

Updated package for Slackware 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/emacs-25.3-i486-1_slack13.1.txz

Updated package for Slackware x86_64 13.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/emacs-25.3-x86_64-1_slack13.1.txz

Updated package for Slackware 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/emacs-25.3-i486-1_slack13.37.txz

Updated package for Slackware x86_64 13.37:
ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/emacs-25.3-x86_64-1_slack13.37.txz

Updated package for Slackware 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/emacs-25.3-i486-1_slack14.0.txz

Updated package for Slackware x86_64 14.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/emacs-25.3-x86_64-1_slack14.0.txz

Updated package for Slackware 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/emacs-25.3-i486-1_slack14.1.txz

Updated package for Slackware x86_64 14.1:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/emacs-25.3-x86_64-1_slack14.1.txz

Updated package for Slackware 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/emacs-25.3-i586-1_slack14.2.txz

Updated package for Slackware x86_64 14.2:
ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/emacs-25.3-x86_64-1_slack14.2.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/e/emacs-25.3-i586-1.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/e/emacs-25.3-x86_64-1.txz


MD5 signatures:
+-------------+

Slackware 13.0 package:
cb73ff55d419dc81547ac2b5d740d014  emacs-25.3-i486-1_slack13.0.txz

Slackware x86_64 13.0 package:
a2618ea276aebd927fb03fe864b34223  emacs-25.3-x86_64-1_slack13.0.txz

Slackware 13.1 package:
d4eee6b4b3bad0cdee8423952ab30cff  emacs-25.3-i486-1_slack13.1.txz

Slackware x86_64 13.1 package:
75877cfa279dfeec1684c487490c817a  emacs-25.3-x86_64-1_slack13.1.txz

Slackware 13.37 package:
1c94eac53cd078b2364b173f88b10b37  emacs-25.3-i486-1_slack13.37.txz

Slackware x86_64 13.37 package:
9f27de078b8c58efcc10e871dbafe656  emacs-25.3-x86_64-1_slack13.37.txz

Slackware 14.0 package:
bbf7e859465caa21973afea4c7c19654  emacs-25.3-i486-1_slack14.0.txz

Slackware x86_64 14.0 package:
b129723e1bfc10a1fcbe26a02136c0ce  emacs-25.3-x86_64-1_slack14.0.txz

Slackware 14.1 package:
59c43a96b840cd3bb48d917abc8cfbae  emacs-25.3-i486-1_slack14.1.txz

Slackware x86_64 14.1 package:
910c52e7f87b65a0238199af9e052695  emacs-25.3-x86_64-1_slack14.1.txz

Slackware 14.2 package:
edf008d474c5bd7bfc63425fd03e826e  emacs-25.3-i586-1_slack14.2.txz

Slackware x86_64 14.2 package:
b4317b3527a9df8d9c4595bac93801bd  emacs-25.3-x86_64-1_slack14.2.txz

Slackware -current package:
02d65f09f2bbe0e16900cfc49379920a  e/emacs-25.3-i586-1.txz

Slackware x86_64 -current package:
f15b8e4e8ef33058f8b07bc2d2b02be8  e/emacs-25.3-x86_64-1.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg emacs-25.3-i586-1_slack14.2.txz


+-----+

Slackware Linux Security Team
http://slackware.com/gpg-key
security@...ckware.com

+------------------------------------------------------------------------+
| To leave the slackware-security mailing list:                          |
+------------------------------------------------------------------------+
| Send an email to majordomo@...ckware.com with this text in the body of |
| the email message:                                                     |
|                                                                        |
|   unsubscribe slackware-security                                       |
|                                                                        |
| You will get a confirmation message back containing instructions to    |
| complete the process.  Please do not reply to this email address.      |
+------------------------------------------------------------------------+
-----BEGIN PGP SIGNATURE-----

iEYEARECAAYFAlm4XdMACgkQakRjwEAQIjOAdgCePUlBwPu2GUcXUqgIj0tzsytO
L6AAmwYTYkbZrGMLf8wCG7F8sp0FzZ3F
=yNAE
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ