MDKSA-2005:038 - Updated emacs/xemacs packages fix vulnerability
From: Mandrakelinux Security Team <security@linux-mandrake.com.>
To: [email protected]
Subject: MDKSA-2005:038 - Updated emacs/xemacs packages fix vulnerability
Message-Id: <E1D1DeS-0002nn-8p@updates.mandrakesoft.com.>
Date: Tue, 15 Feb 2005 18:06:48 -0700
X-Virus-Scanned: antivirus-gw at tyumen.ru
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
_______________________________________________________________________
Mandrakelinux Security Update Advisory
_______________________________________________________________________
Package name: emacs
Advisory ID: MDKSA-2005:038
Date: February 15th, 2005
Affected versions: 10.0, 10.1, Corporate 3.0,
Corporate Server 2.1
______________________________________________________________________
Problem Description:
Max Vozeler discovered several format string vulnerabilities in the
movemail utility in Emacs. If a user connects to a malicious POP
server, an attacker can execute arbitrary code as the user running
emacs.
The updated packages have been patched to correct the problem.
_______________________________________________________________________
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100
______________________________________________________________________
Updated Packages:
Mandrakelinux 10.0:
d899f99f2f9bb60ae5a2c971847716a5 10.0/RPMS/emacs-21.3-9.1.100mdk.i586.rpm
e2ed618fc3b58636c13ce1f2dd2629b5 10.0/RPMS/emacs-X11-21.3-9.1.100mdk.i586.rpm
47482022f0e1e9f08a57edc6a2a966b4 10.0/RPMS/emacs-el-21.3-9.1.100mdk.i586.rpm
0cb3957408fa485c6253ab49bc2c5d39 10.0/RPMS/emacs-leim-21.3-9.1.100mdk.i586.rpm
0bfd90f125f1fe7d2e30379e9c5fd758 10.0/RPMS/emacs-nox-21.3-9.1.100mdk.i586.rpm
ae8043548a6141945b258da8ff862d77 10.0/RPMS/xemacs-21.4.15-5.1.100mdk.i586.rpm
d5506dea73c144ed9eed8983dcb6da22 10.0/RPMS/xemacs-devel-21.4.15-5.1.100mdk.i586.rpm
c4afe7ac526849fa58a46a0471e62807 10.0/RPMS/xemacs-el-21.4.15-5.1.100mdk.i586.rpm
7a9d63715dac250e04a264cbd6824dd3 10.0/RPMS/xemacs-extras-21.4.15-5.1.100mdk.i586.rpm
abe2a1e425b5bb7de659790fc6b4a8d4 10.0/RPMS/xemacs-packages-21.4.15-5.1.100mdk.i586.rpm
8f922b04d409cdde24764d42ee4d4494 10.0/SRPMS/emacs-21.3-9.1.100mdk.src.rpm
224bff664582a98701e8e60937754b78 10.0/SRPMS/xemacs-21.4.15-5.1.100mdk.src.rpm
Mandrakelinux 10.0/AMD64:
39bdb29b6f715318429bc9c36107fb52 amd64/10.0/RPMS/emacs-21.3-9.1.100mdk.amd64.rpm
f39ad2589bf356ee45938a478c279f73 amd64/10.0/RPMS/emacs-X11-21.3-9.1.100mdk.amd64.rpm
b1f1000d1fb5f75d98927927f47ea775 amd64/10.0/RPMS/emacs-el-21.3-9.1.100mdk.amd64.rpm
05c33e8f7aa98340f7797990d4f579c1 amd64/10.0/RPMS/emacs-leim-21.3-9.1.100mdk.amd64.rpm
e24061e2624d554a9c7829b3d4064198 amd64/10.0/RPMS/emacs-nox-21.3-9.1.100mdk.amd64.rpm
5b26030da09890fcfb853b6d389cae5c amd64/10.0/RPMS/xemacs-21.4.15-5.1.100mdk.amd64.rpm
66ad72d0cfa33776b60dcba27e85f82c amd64/10.0/RPMS/xemacs-devel-21.4.15-5.1.100mdk.amd64.rpm
22f2cc825813c7af4ffd7db6876b2520 amd64/10.0/RPMS/xemacs-el-21.4.15-5.1.100mdk.amd64.rpm
43ed8bc15bfb534b4a656eca1d4e3856 amd64/10.0/RPMS/xemacs-extras-21.4.15-5.1.100mdk.amd64.rpm
7a1861cf7c35dd3b7dae7e40e7a025ac amd64/10.0/RPMS/xemacs-packages-21.4.15-5.1.100mdk.amd64.rpm
8f922b04d409cdde24764d42ee4d4494 amd64/10.0/SRPMS/emacs-21.3-9.1.100mdk.src.rpm
224bff664582a98701e8e60937754b78 amd64/10.0/SRPMS/xemacs-21.4.15-5.1.100mdk.src.rpm
Mandrakelinux 10.1:
0d692ad6a7755ca8e5c5bb4e369f1b63 10.1/RPMS/emacs-21.3-15.1.101mdk.i586.rpm
cb30a19b78c3937c648fde0773315f20 10.1/RPMS/emacs-X11-21.3-15.1.101mdk.i586.rpm
df15b087897e5ba4387b7ca00dfd30f2 10.1/RPMS/emacs-doc-21.3-15.1.101mdk.i586.rpm
508e2b25436cc4f4479d4a94499ff860 10.1/RPMS/emacs-el-21.3-15.1.101mdk.i586.rpm
ad52f11f12c175bfa9c9c76321c1dc11 10.1/RPMS/emacs-leim-21.3-15.1.101mdk.i586.rpm
baa34b4dbcacbe21a2cead9e6861897c 10.1/RPMS/emacs-nox-21.3-15.1.101mdk.i586.rpm
50c7a2f467f3f65dccacf70c271efceb 10.1/RPMS/xemacs-21.4.15-5.1.101mdk.i586.rpm
d8b7c4406cc7d2e15e476fa97b31e410 10.1/RPMS/xemacs-devel-21.4.15-5.1.101mdk.i586.rpm
86006c9193091c644ad60bae7199f92f 10.1/RPMS/xemacs-el-21.4.15-5.1.101mdk.i586.rpm
abf3b9fe922e0a6aaee9acf608b75e83 10.1/RPMS/xemacs-extras-21.4.15-5.1.101mdk.i586.rpm
08a6008f56496ab50c9e1ee9ce7d52df 10.1/RPMS/xemacs-packages-21.4.15-5.1.101mdk.i586.rpm
ea1441d81a090fe3149de67e25baa2de 10.1/SRPMS/emacs-21.3-15.1.101mdk.src.rpm
1d00033bd68ed26125f43fd775d656dc 10.1/SRPMS/xemacs-21.4.15-5.1.101mdk.src.rpm
Mandrakelinux 10.1/X86_64:
915928a48253a24c117bcfeb0b22f6f0 x86_64/10.1/RPMS/emacs-21.3-15.1.101mdk.x86_64.rpm
86751c4bcb83f90c0234c63c419ce0bf x86_64/10.1/RPMS/emacs-X11-21.3-15.1.101mdk.x86_64.rpm
36328fe14abeb3b4d15d0dba9b0723e1 x86_64/10.1/RPMS/emacs-doc-21.3-15.1.101mdk.x86_64.rpm
f670aa11153b610d36e08aff9283b5ba x86_64/10.1/RPMS/emacs-el-21.3-15.1.101mdk.x86_64.rpm
58acf0a5ed5af18e36fe121bf9150202 x86_64/10.1/RPMS/emacs-leim-21.3-15.1.101mdk.x86_64.rpm
ca3e0fbebbffa845fa06058c128366bb x86_64/10.1/RPMS/emacs-nox-21.3-15.1.101mdk.x86_64.rpm
bf905f9ff5e06e8cf9e4d197335c4afa x86_64/10.1/RPMS/xemacs-21.4.15-5.1.101mdk.x86_64.rpm
7c0522c6d6b7a87a0cbe3a8a01828195 x86_64/10.1/RPMS/xemacs-devel-21.4.15-5.1.101mdk.x86_64.rpm
47627a15c5894e30e601881b1a43936c x86_64/10.1/RPMS/xemacs-el-21.4.15-5.1.101mdk.x86_64.rpm
389929e05d4fd19815c4364d32da41c3 x86_64/10.1/RPMS/xemacs-extras-21.4.15-5.1.101mdk.x86_64.rpm
43f9afb527af33220c2b51466bcfae22 x86_64/10.1/RPMS/xemacs-packages-21.4.15-5.1.101mdk.x86_64.rpm
ea1441d81a090fe3149de67e25baa2de x86_64/10.1/SRPMS/emacs-21.3-15.1.101mdk.src.rpm
1d00033bd68ed26125f43fd775d656dc x86_64/10.1/SRPMS/xemacs-21.4.15-5.1.101mdk.src.rpm
Corporate Server 2.1:
49983c7829ca7f656b4ba5fbcdf6d36a corporate/2.1/RPMS/emacs-21.2-13.1.C21mdk.i586.rpm
8a692a2c7570ddfde54fd27c63b774f8 corporate/2.1/RPMS/emacs-X11-21.2-13.1.C21mdk.i586.rpm
7e31c44cedfc38f33b1782eb8fd623d8 corporate/2.1/RPMS/emacs-el-21.2-13.1.C21mdk.i586.rpm
d2169eb2989ace9478e443c792d18b95 corporate/2.1/RPMS/emacs-leim-21.2-13.1.C21mdk.i586.rpm
4f20a07d5e1fae991afddf35d0c76338 corporate/2.1/RPMS/emacs-nox-21.2-13.1.C21mdk.i586.rpm
999701ba8835d2d437ad9890fda51a7e corporate/2.1/SRPMS/emacs-21.2-13.1.C21mdk.src.rpm
Corporate Server 2.1/X86_64:
d3204501404baa00d11851560e1cf5b7 x86_64/corporate/2.1/RPMS/emacs-21.2-13.1.C21mdk.x86_64.rpm
217b508c0228983a2f4aec94f4693c19 x86_64/corporate/2.1/RPMS/emacs-X11-21.2-13.1.C21mdk.x86_64.rpm
b98b25b4273bc33bed9c59b26501fe11 x86_64/corporate/2.1/RPMS/emacs-el-21.2-13.1.C21mdk.x86_64.rpm
a18907ebcadc62f8862a8a27c7528483 x86_64/corporate/2.1/RPMS/emacs-leim-21.2-13.1.C21mdk.x86_64.rpm
669897c96706fc032bb4daac4560cc96 x86_64/corporate/2.1/RPMS/emacs-nox-21.2-13.1.C21mdk.x86_64.rpm
999701ba8835d2d437ad9890fda51a7e x86_64/corporate/2.1/SRPMS/emacs-21.2-13.1.C21mdk.src.rpm
Corporate 3.0:
760a753ef94d4f2f2e9b9e29a5255a99 corporate/3.0/RPMS/emacs-21.3-9.1.C30mdk.i586.rpm
99f55f5783219bfbae02c090981b0fcb corporate/3.0/RPMS/emacs-X11-21.3-9.1.C30mdk.i586.rpm
d29235e9a395e19275fab69c4d2c0847 corporate/3.0/RPMS/emacs-el-21.3-9.1.C30mdk.i586.rpm
f04f6f557c078ea69b7c3c85ae0ed81e corporate/3.0/RPMS/emacs-leim-21.3-9.1.C30mdk.i586.rpm
1f6cc7a9cd482fdcf94e363be19971cc corporate/3.0/RPMS/emacs-nox-21.3-9.1.C30mdk.i586.rpm
60791ad7067aa9eefa898a16abaeef36 corporate/3.0/RPMS/xemacs-21.4.15-5.1.C30mdk.i586.rpm
7ef7705a3c28e59f06e903b370156634 corporate/3.0/RPMS/xemacs-devel-21.4.15-5.1.C30mdk.i586.rpm
2881216e5033ade3c2b88cd8b150a823 corporate/3.0/RPMS/xemacs-el-21.4.15-5.1.C30mdk.i586.rpm
85d8a6b42d6a5c35422b626a87d4b8f9 corporate/3.0/RPMS/xemacs-extras-21.4.15-5.1.C30mdk.i586.rpm
1cfd46ac57260629b45442947c24d6e2 corporate/3.0/RPMS/xemacs-packages-21.4.15-5.1.C30mdk.i586.rpm
f679f5be8fe5327fab82ac3be4b5a9e1 corporate/3.0/SRPMS/emacs-21.3-9.1.C30mdk.src.rpm
878e3175c95c3dce2ac60f4047d4a581 corporate/3.0/SRPMS/xemacs-21.4.15-5.1.C30mdk.src.rpm
Corporate 3.0/X86_64:
380a6ccf8fae12dd3a946f275764514e x86_64/corporate/3.0/RPMS/emacs-21.3-9.1.C30mdk.x86_64.rpm
ac591e07f79ba5e4baeb99c3411de1b6 x86_64/corporate/3.0/RPMS/emacs-X11-21.3-9.1.C30mdk.x86_64.rpm
a1a2b98ca97e23ccd76eb96503253d60 x86_64/corporate/3.0/RPMS/emacs-el-21.3-9.1.C30mdk.x86_64.rpm
f13680befb62bf0aa45cd8b10f30aa0a x86_64/corporate/3.0/RPMS/emacs-leim-21.3-9.1.C30mdk.x86_64.rpm
52243d02b273663c55ce9f887cb9f463 x86_64/corporate/3.0/RPMS/emacs-nox-21.3-9.1.C30mdk.x86_64.rpm
2ba9a9462da41ddeaa478a777d4131af x86_64/corporate/3.0/RPMS/xemacs-21.4.15-5.1.C30mdk.x86_64.rpm
a0f7211071c4c1bbb00c5fa3066e2fa4 x86_64/corporate/3.0/RPMS/xemacs-devel-21.4.15-5.1.C30mdk.x86_64.rpm
54a4db0c72b97925b40f9c4befab6c18 x86_64/corporate/3.0/RPMS/xemacs-el-21.4.15-5.1.C30mdk.x86_64.rpm
202c404c96f8da70edb79a57bdccb130 x86_64/corporate/3.0/RPMS/xemacs-extras-21.4.15-5.1.C30mdk.x86_64.rpm
9af99d022d0becc7600722612afb43f1 x86_64/corporate/3.0/RPMS/xemacs-packages-21.4.15-5.1.C30mdk.x86_64.rpm
f679f5be8fe5327fab82ac3be4b5a9e1 x86_64/corporate/3.0/SRPMS/emacs-21.3-9.1.C30mdk.src.rpm
878e3175c95c3dce2ac60f4047d4a581 x86_64/corporate/3.0/SRPMS/xemacs-21.4.15-5.1.C30mdk.src.rpm
_______________________________________________________________________
To upgrade automatically use MandrakeUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandrakesoft for security. You can obtain
the GPG public key of the Mandrakelinux Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandrakelinux at:
http://www.mandrakesoft.com/security/advisories
If you want to report vulnerabilities, please contact
security_linux-mandrake.com
Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Linux Mandrake Security Team
<security linux-mandrake.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFCEpyomqjQ0CJFipgRAiqmAJ9cdLT+Dx+QBNKHWe2H0WK014aJLQCgj7Vb
fX1vCMYtJ3Zs46rSGqU6Ga0=
=2xuP
-----END PGP SIGNATURE-----