LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: April 21st, 2014
Linux Security Week: April 7th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandrake: Updated emacs/xemacs Print E-mail
User Rating:      How can I rate this item?
Posted by Benjamin D. Thomas   
Mandrake Max Vozeler discovered several format string vulnerabilities in the movemail utility in Emacs. If a user connects to a malicious POP server, an attacker can execute arbitrary code as the user running emacs. The updated packages have been patched to correct the problem.
 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           emacs
 Advisory ID:            MDKSA-2005:038
 Date:                   February 15th, 2005

 Affected versions:	 10.0, 10.1, Corporate 3.0,
			 Corporate Server 2.1
 ______________________________________________________________________

 Problem Description:

 Max Vozeler discovered several format string vulnerabilities in the
 movemail utility in Emacs.  If a user connects to a malicious POP
 server, an attacker can execute arbitrary code as the user running
 emacs.
 
 The updated packages have been patched to correct the problem.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0100
 ______________________________________________________________________

 Updated Packages:
  
 Mandrakelinux 10.0:
 d899f99f2f9bb60ae5a2c971847716a5  10.0/RPMS/emacs-21.3-9.1.100mdk.i586.rpm
 e2ed618fc3b58636c13ce1f2dd2629b5  10.0/RPMS/emacs-X11-21.3-9.1.100mdk.i586.rpm
 47482022f0e1e9f08a57edc6a2a966b4  10.0/RPMS/emacs-el-21.3-9.1.100mdk.i586.rpm
 0cb3957408fa485c6253ab49bc2c5d39  10.0/RPMS/emacs-leim-21.3-9.1.100mdk.i586.rpm
 0bfd90f125f1fe7d2e30379e9c5fd758  10.0/RPMS/emacs-nox-21.3-9.1.100mdk.i586.rpm
 ae8043548a6141945b258da8ff862d77  10.0/RPMS/xemacs-21.4.15-5.1.100mdk.i586.rpm
 d5506dea73c144ed9eed8983dcb6da22  10.0/RPMS/xemacs-devel-21.4.15-5.1.100mdk.i586.rpm
 c4afe7ac526849fa58a46a0471e62807  10.0/RPMS/xemacs-el-21.4.15-5.1.100mdk.i586.rpm
 7a9d63715dac250e04a264cbd6824dd3  10.0/RPMS/xemacs-extras-21.4.15-5.1.100mdk.i586.rpm
 abe2a1e425b5bb7de659790fc6b4a8d4  10.0/RPMS/xemacs-packages-21.4.15-5.1.100mdk.i586.rpm
 8f922b04d409cdde24764d42ee4d4494  10.0/SRPMS/emacs-21.3-9.1.100mdk.src.rpm
 224bff664582a98701e8e60937754b78  10.0/SRPMS/xemacs-21.4.15-5.1.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 39bdb29b6f715318429bc9c36107fb52  amd64/10.0/RPMS/emacs-21.3-9.1.100mdk.amd64.rpm
 f39ad2589bf356ee45938a478c279f73  amd64/10.0/RPMS/emacs-X11-21.3-9.1.100mdk.amd64.rpm
 b1f1000d1fb5f75d98927927f47ea775  amd64/10.0/RPMS/emacs-el-21.3-9.1.100mdk.amd64.rpm
 05c33e8f7aa98340f7797990d4f579c1  amd64/10.0/RPMS/emacs-leim-21.3-9.1.100mdk.amd64.rpm
 e24061e2624d554a9c7829b3d4064198  amd64/10.0/RPMS/emacs-nox-21.3-9.1.100mdk.amd64.rpm
 5b26030da09890fcfb853b6d389cae5c  amd64/10.0/RPMS/xemacs-21.4.15-5.1.100mdk.amd64.rpm
 66ad72d0cfa33776b60dcba27e85f82c  amd64/10.0/RPMS/xemacs-devel-21.4.15-5.1.100mdk.amd64.rpm
 22f2cc825813c7af4ffd7db6876b2520  amd64/10.0/RPMS/xemacs-el-21.4.15-5.1.100mdk.amd64.rpm
 43ed8bc15bfb534b4a656eca1d4e3856  amd64/10.0/RPMS/xemacs-extras-21.4.15-5.1.100mdk.amd64.rpm
 7a1861cf7c35dd3b7dae7e40e7a025ac  amd64/10.0/RPMS/xemacs-packages-21.4.15-5.1.100mdk.amd64.rpm
 8f922b04d409cdde24764d42ee4d4494  amd64/10.0/SRPMS/emacs-21.3-9.1.100mdk.src.rpm
 224bff664582a98701e8e60937754b78  amd64/10.0/SRPMS/xemacs-21.4.15-5.1.100mdk.src.rpm

 Mandrakelinux 10.1:
 0d692ad6a7755ca8e5c5bb4e369f1b63  10.1/RPMS/emacs-21.3-15.1.101mdk.i586.rpm
 cb30a19b78c3937c648fde0773315f20  10.1/RPMS/emacs-X11-21.3-15.1.101mdk.i586.rpm
 df15b087897e5ba4387b7ca00dfd30f2  10.1/RPMS/emacs-doc-21.3-15.1.101mdk.i586.rpm
 508e2b25436cc4f4479d4a94499ff860  10.1/RPMS/emacs-el-21.3-15.1.101mdk.i586.rpm
 ad52f11f12c175bfa9c9c76321c1dc11  10.1/RPMS/emacs-leim-21.3-15.1.101mdk.i586.rpm
 baa34b4dbcacbe21a2cead9e6861897c  10.1/RPMS/emacs-nox-21.3-15.1.101mdk.i586.rpm
 50c7a2f467f3f65dccacf70c271efceb  10.1/RPMS/xemacs-21.4.15-5.1.101mdk.i586.rpm
 d8b7c4406cc7d2e15e476fa97b31e410  10.1/RPMS/xemacs-devel-21.4.15-5.1.101mdk.i586.rpm
 86006c9193091c644ad60bae7199f92f  10.1/RPMS/xemacs-el-21.4.15-5.1.101mdk.i586.rpm
 abf3b9fe922e0a6aaee9acf608b75e83  10.1/RPMS/xemacs-extras-21.4.15-5.1.101mdk.i586.rpm
 08a6008f56496ab50c9e1ee9ce7d52df  10.1/RPMS/xemacs-packages-21.4.15-5.1.101mdk.i586.rpm
 ea1441d81a090fe3149de67e25baa2de  10.1/SRPMS/emacs-21.3-15.1.101mdk.src.rpm
 1d00033bd68ed26125f43fd775d656dc  10.1/SRPMS/xemacs-21.4.15-5.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 915928a48253a24c117bcfeb0b22f6f0  x86_64/10.1/RPMS/emacs-21.3-15.1.101mdk.x86_64.rpm
 86751c4bcb83f90c0234c63c419ce0bf  x86_64/10.1/RPMS/emacs-X11-21.3-15.1.101mdk.x86_64.rpm
 36328fe14abeb3b4d15d0dba9b0723e1  x86_64/10.1/RPMS/emacs-doc-21.3-15.1.101mdk.x86_64.rpm
 f670aa11153b610d36e08aff9283b5ba  x86_64/10.1/RPMS/emacs-el-21.3-15.1.101mdk.x86_64.rpm
 58acf0a5ed5af18e36fe121bf9150202  x86_64/10.1/RPMS/emacs-leim-21.3-15.1.101mdk.x86_64.rpm
 ca3e0fbebbffa845fa06058c128366bb  x86_64/10.1/RPMS/emacs-nox-21.3-15.1.101mdk.x86_64.rpm
 bf905f9ff5e06e8cf9e4d197335c4afa  x86_64/10.1/RPMS/xemacs-21.4.15-5.1.101mdk.x86_64.rpm
 7c0522c6d6b7a87a0cbe3a8a01828195  x86_64/10.1/RPMS/xemacs-devel-21.4.15-5.1.101mdk.x86_64.rpm
 47627a15c5894e30e601881b1a43936c  x86_64/10.1/RPMS/xemacs-el-21.4.15-5.1.101mdk.x86_64.rpm
 389929e05d4fd19815c4364d32da41c3  x86_64/10.1/RPMS/xemacs-extras-21.4.15-5.1.101mdk.x86_64.rpm
 43f9afb527af33220c2b51466bcfae22  x86_64/10.1/RPMS/xemacs-packages-21.4.15-5.1.101mdk.x86_64.rpm
 ea1441d81a090fe3149de67e25baa2de  x86_64/10.1/SRPMS/emacs-21.3-15.1.101mdk.src.rpm
 1d00033bd68ed26125f43fd775d656dc  x86_64/10.1/SRPMS/xemacs-21.4.15-5.1.101mdk.src.rpm

 Corporate Server 2.1:
 49983c7829ca7f656b4ba5fbcdf6d36a  corporate/2.1/RPMS/emacs-21.2-13.1.C21mdk.i586.rpm
 8a692a2c7570ddfde54fd27c63b774f8  corporate/2.1/RPMS/emacs-X11-21.2-13.1.C21mdk.i586.rpm
 7e31c44cedfc38f33b1782eb8fd623d8  corporate/2.1/RPMS/emacs-el-21.2-13.1.C21mdk.i586.rpm
 d2169eb2989ace9478e443c792d18b95  corporate/2.1/RPMS/emacs-leim-21.2-13.1.C21mdk.i586.rpm
 4f20a07d5e1fae991afddf35d0c76338  corporate/2.1/RPMS/emacs-nox-21.2-13.1.C21mdk.i586.rpm
 999701ba8835d2d437ad9890fda51a7e  corporate/2.1/SRPMS/emacs-21.2-13.1.C21mdk.src.rpm

 Corporate Server 2.1/X86_64:
 d3204501404baa00d11851560e1cf5b7  x86_64/corporate/2.1/RPMS/emacs-21.2-13.1.C21mdk.x86_64.rpm
 217b508c0228983a2f4aec94f4693c19  x86_64/corporate/2.1/RPMS/emacs-X11-21.2-13.1.C21mdk.x86_64.rpm
 b98b25b4273bc33bed9c59b26501fe11  x86_64/corporate/2.1/RPMS/emacs-el-21.2-13.1.C21mdk.x86_64.rpm
 a18907ebcadc62f8862a8a27c7528483  x86_64/corporate/2.1/RPMS/emacs-leim-21.2-13.1.C21mdk.x86_64.rpm
 669897c96706fc032bb4daac4560cc96  x86_64/corporate/2.1/RPMS/emacs-nox-21.2-13.1.C21mdk.x86_64.rpm
 999701ba8835d2d437ad9890fda51a7e  x86_64/corporate/2.1/SRPMS/emacs-21.2-13.1.C21mdk.src.rpm

 Corporate 3.0:
 760a753ef94d4f2f2e9b9e29a5255a99  corporate/3.0/RPMS/emacs-21.3-9.1.C30mdk.i586.rpm
 99f55f5783219bfbae02c090981b0fcb  corporate/3.0/RPMS/emacs-X11-21.3-9.1.C30mdk.i586.rpm
 d29235e9a395e19275fab69c4d2c0847  corporate/3.0/RPMS/emacs-el-21.3-9.1.C30mdk.i586.rpm
 f04f6f557c078ea69b7c3c85ae0ed81e  corporate/3.0/RPMS/emacs-leim-21.3-9.1.C30mdk.i586.rpm
 1f6cc7a9cd482fdcf94e363be19971cc  corporate/3.0/RPMS/emacs-nox-21.3-9.1.C30mdk.i586.rpm
 60791ad7067aa9eefa898a16abaeef36  corporate/3.0/RPMS/xemacs-21.4.15-5.1.C30mdk.i586.rpm
 7ef7705a3c28e59f06e903b370156634  corporate/3.0/RPMS/xemacs-devel-21.4.15-5.1.C30mdk.i586.rpm
 2881216e5033ade3c2b88cd8b150a823  corporate/3.0/RPMS/xemacs-el-21.4.15-5.1.C30mdk.i586.rpm
 85d8a6b42d6a5c35422b626a87d4b8f9  corporate/3.0/RPMS/xemacs-extras-21.4.15-5.1.C30mdk.i586.rpm
 1cfd46ac57260629b45442947c24d6e2  corporate/3.0/RPMS/xemacs-packages-21.4.15-5.1.C30mdk.i586.rpm
 f679f5be8fe5327fab82ac3be4b5a9e1  corporate/3.0/SRPMS/emacs-21.3-9.1.C30mdk.src.rpm
 878e3175c95c3dce2ac60f4047d4a581  corporate/3.0/SRPMS/xemacs-21.4.15-5.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 380a6ccf8fae12dd3a946f275764514e  x86_64/corporate/3.0/RPMS/emacs-21.3-9.1.C30mdk.x86_64.rpm
 ac591e07f79ba5e4baeb99c3411de1b6  x86_64/corporate/3.0/RPMS/emacs-X11-21.3-9.1.C30mdk.x86_64.rpm
 a1a2b98ca97e23ccd76eb96503253d60  x86_64/corporate/3.0/RPMS/emacs-el-21.3-9.1.C30mdk.x86_64.rpm
 f13680befb62bf0aa45cd8b10f30aa0a  x86_64/corporate/3.0/RPMS/emacs-leim-21.3-9.1.C30mdk.x86_64.rpm
 52243d02b273663c55ce9f887cb9f463  x86_64/corporate/3.0/RPMS/emacs-nox-21.3-9.1.C30mdk.x86_64.rpm
 2ba9a9462da41ddeaa478a777d4131af  x86_64/corporate/3.0/RPMS/xemacs-21.4.15-5.1.C30mdk.x86_64.rpm
 a0f7211071c4c1bbb00c5fa3066e2fa4  x86_64/corporate/3.0/RPMS/xemacs-devel-21.4.15-5.1.C30mdk.x86_64.rpm
 54a4db0c72b97925b40f9c4befab6c18  x86_64/corporate/3.0/RPMS/xemacs-el-21.4.15-5.1.C30mdk.x86_64.rpm
 202c404c96f8da70edb79a57bdccb130  x86_64/corporate/3.0/RPMS/xemacs-extras-21.4.15-5.1.C30mdk.x86_64.rpm
 9af99d022d0becc7600722612afb43f1  x86_64/corporate/3.0/RPMS/xemacs-packages-21.4.15-5.1.C30mdk.x86_64.rpm
 f679f5be8fe5327fab82ac3be4b5a9e1  x86_64/corporate/3.0/SRPMS/emacs-21.3-9.1.C30mdk.src.rpm
 878e3175c95c3dce2ac60f4047d4a581  x86_64/corporate/3.0/SRPMS/xemacs-21.4.15-5.1.C30mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  
 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Fixing OpenSSL's Heartbleed flaw will take MONTHS, warns Secunia
Even the most secure cloud storage may not be so secure, study finds
Targeted Attack Uses Heartbleed to Hijack VPN Sessions
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.