Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Sign up!
EnGarde Community
What is the most important Linux security technology?
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Latest Newsletters
Linux Advisory Watch: March 27th, 2015
Linux Security Week: March 23rd, 2015
LinuxSecurity Newsletters
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

Debian: New xemacs21 packages fix arbitrary code execution Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Debian Updated xemacs package.
- --------------------------------------------------------------------------
Debian Security Advisory DSA 671-1                                        Martin Schulze
February 8th, 2005            
- --------------------------------------------------------------------------

Package        : xemacs21
Vulnerability  : format string
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2005-0100

Max Vozeler discovered several format string vulnerabilities in the
movemail utility of Emacs, the well-known editor.  Via connecting to a
malicious POP server an attacker can execute arbitrary code under the
privileges of group mail.

For the stable distribution (woody) these problems have been fixed in
version 21.4.6-8woody2.

For the unstable distribution (sid) these problems have been fixed in
version 21.4.16-2.

We recommend that you upgrade your emacs packages.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- --------------------------------

  Source archives:
      Size/MD5 checksum:     1074 171f6e125b07b5557a1a9539de922b76
      Size/MD5 checksum:    26534 858f425089cbe261cc22bfabd7c20c43
      Size/MD5 checksum:  7898727 2ad6fdbd595cbfa7ed150e0f72e31bd4

  Architecture independent components:
      Size/MD5 checksum:  4386014 aff24460c2104a77ba88bf1b4ee0d3ed
      Size/MD5 checksum:  1271018 84c7e9871cdca5d03c5a353c8ff0a3a6
      Size/MD5 checksum:     9760 171e6e768169212d27773a73bd455da8

  Alpha architecture:
      Size/MD5 checksum:   580448 187d3c3464408b0526e0da6b841a6731
      Size/MD5 checksum:  2421810 2d78ecb039f98f15fed2753d15bff997
      Size/MD5 checksum:  2525422 cda5569e4db68c98cb8e25faf8f21854
      Size/MD5 checksum:  2101610 3df092c816c3c7cd86e5f57454857b68
      Size/MD5 checksum:  2354032 129c25cb4d7863cd3220cc6da24f20bf
      Size/MD5 checksum:  2460292 e6da7dffb7adbc22ef1bb25e1a7be340
      Size/MD5 checksum:  2058930 6c49e0a69513eddd47088555ed6b3dc9

  ARM architecture:
      Size/MD5 checksum:   537204 c3a5eb7a9a74793a46b0580a5d538640
      Size/MD5 checksum:  2094660 b97afec887bbe9412cd5a1086ae27ce3
      Size/MD5 checksum:  2190530 e2d64ff9c998e4ddcb1d850aa1e8456b
      Size/MD5 checksum:  1835584 4151f9408d4e4d25adb0472a42f4a6a3
      Size/MD5 checksum:  2032010 ef2350299bef5bedb37cd19d3f4e91d9
      Size/MD5 checksum:  2121292 7c1b79d91ecbee44832acbb318191889
      Size/MD5 checksum:  1791656 987a2a160b865de276ba92aa8f74ee0e

  Intel IA-32 architecture:
      Size/MD5 checksum:   531076 e65d37f2fd9eeb6e59daa41ad7ebae82
      Size/MD5 checksum:  2023450 9d78c33b6144b188277d8ba254b47a27
      Size/MD5 checksum:  2106246 d6d4a671f08c5c56777ac9756c697ed9
      Size/MD5 checksum:  1770586 6b6eea65ba459a5a4b92f6c7f2cab85c
      Size/MD5 checksum:  1951628 e9b396f7c2e1eea680210811ea557abf
      Size/MD5 checksum:  2025806 69d40b285f354dec9daa4bc965c3717c
      Size/MD5 checksum:  1717190 e4b9ebdeda765d5b1b6b3c223da0c2bf

  Intel IA-64 architecture:
      Size/MD5 checksum:   625504 39a41e6cb27eb4c39fa061d297ec0c90
      Size/MD5 checksum:  2711560 04422ee233798df0903fce907fbbe9fa
      Size/MD5 checksum:  2843090 01ab68f4a76880fb563f5851df560653
      Size/MD5 checksum:  2366896 4c77d04e65316eda945c7f7b62431e87
      Size/MD5 checksum:  2660828 31ab16a84a027c47ef742dde4ae5be85
      Size/MD5 checksum:  2799262 1241735510e66d72bf41d60e43f2a369
      Size/MD5 checksum:  2336530 ff23ca5e111c9b117f90e97874fbfb81

  Big endian MIPS architecture:
      Size/MD5 checksum:   558124 8c0d4c9a7e0e599e8b8526c415da81ff
      Size/MD5 checksum:  2195440 b3d55e6877728950b18e96f7493fabf0
      Size/MD5 checksum:  2286100 9d7d7e67f80f2b50c9629cdeb7ab02f6
      Size/MD5 checksum:  1927926 636349330540adbe8948d691a9664c0c
      Size/MD5 checksum:  2133942 0f7ef8e90e50c70bcd2a21de7e15f866
      Size/MD5 checksum:  2210340 bc3a32dd12b0a7ffe3a24a21222aff5f
      Size/MD5 checksum:  1884858 78e29349e073b1530597b8ddfdbe7fc7

  Little endian MIPS architecture:
      Size/MD5 checksum:   557652 0c66d1356d675aa3a851852868bf1474
      Size/MD5 checksum:  2145012 849832ea07d99b8c9c34aa0f8d0f07a2
      Size/MD5 checksum:  2232936 1d0547bfceb6438302508e4303882026
      Size/MD5 checksum:  1884032 b02862c6d3b9f54b00c5da9563cea642
      Size/MD5 checksum:  2087790 a45c0b783e8f89a6f90000853de82d97
      Size/MD5 checksum:  2160484 71eb4b77eab06a699136c46c381411ba
      Size/MD5 checksum:  1842970 66bc0a6ab8b6e206ec5547a50cd1dc90

  PowerPC architecture:
      Size/MD5 checksum:   543242 676657598fc9fc1cdd7a78d00ad382c1
      Size/MD5 checksum:  2151626 fd25f9c884831e0773a60f5558570fb6
      Size/MD5 checksum:  2246958 82b13b39d6321ef513eeac576d1ac542
      Size/MD5 checksum:  1890260 661caa995cdf5b32dd85bfe40cc2291c
      Size/MD5 checksum:  2089262 472f238a0aa1af047842012664a6009b
      Size/MD5 checksum:  2159034 35bd5b545006e5f49598e5c7fcddc904
      Size/MD5 checksum:  1838876 0841e2ea39bf16ca83a137d0d0fc0952

  IBM S/390 architecture:
      Size/MD5 checksum:   540628 367af36ba2af7112f6960507b6028313
      Size/MD5 checksum:  2126568 385279e981a6aa5816d32817c95e2d6c
      Size/MD5 checksum:  2214740 f3e3d2c9da3342a520be8dae7d4a4cde
      Size/MD5 checksum:  1865760 3d4900f641af12cf836ee1a346388871
      Size/MD5 checksum:  2062040 4bec5cfdf3ae855f5e32d72af45f2a0c
      Size/MD5 checksum:  2133634 1d8bc2ad4f5074a5392f75e2a5ffd38f
      Size/MD5 checksum:  1815436 5563da798b2587f63c315abcf43821dd

  Sun Sparc architecture:
      Size/MD5 checksum:   561414 c18759a402b17fc3e03c64ea985600d9
      Size/MD5 checksum:  2122166 c0584bbb69dd8e2547d4d84878e4f6ee
      Size/MD5 checksum:  2212100 3d6aa37784918a7be79240b03c654d87
      Size/MD5 checksum:  1861558 4ddeb1f266dffebc135d5b6f01454915
      Size/MD5 checksum:  2050316 519b2fda5b2528a32e95b87f2da5c7e8
      Size/MD5 checksum:  2127898 e7f92723f2e505c0ff95a426a760d9c3
      Size/MD5 checksum:  1807234 d769ccf2b75911a474e5b6fc4a29c05d

  These files will probably be moved into the stable distribution on
  its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list:
< Prev   Next >


Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2015 Guardian Digital, Inc. All rights reserved.