FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User

 
 
LinkBack Thread Tools
 
Old 11-14-2007, 04:49 PM
 
Default Majordomo results: Emacs vulnerability

--

**** Confirmation message: no valid key found or key expired!
**** Only send confirmation messages to confirm@lists.darkspire.net,
**** Other list commands should be directed to majordomo@lists.darkspire.net.
**** If you have any questions or problems, please contact
**** "majordomo-owner@lists.darkspire.net".
**** Here is the message you sent:

> Subject: [USN-541-1] Emacs vulnerability
>
> --===============7116990273420265227==
> Content-Type: multipart/signed; micalg=pgp-sha1;
> protocol="application/pgp-signature"; boundary="sHrvAb52M6C8blB9"
> Content-Disposition: inline
>
>
> --sHrvAb52M6C8blB9
> Content-Type: text/plain; charset=us-ascii
> Content-Disposition: inline
> Content-Transfer-Encoding: quoted-printable
>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=20
> Ubuntu Security Notice USN-541-1 November 13, 2007
> emacs22 vulnerability
> CVE-2007-5795
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3 D=3D=3D=3D=3D=3D=3D=3D=3D=
> =3D=3D=3D=3D=3D=3D=3D=3D=3D
>
> A security issue affects the following Ubuntu releases:
>
> Ubuntu 7.10
>
> This advisory also applies to the corresponding versions of
> Kubuntu, Edubuntu, and Xubuntu.
>
> The problem can be corrected by upgrading your system to the
> following package versions:
>
> Ubuntu 7.10:
> emacs22 22.1-0ubuntu5.1
>
> In general, a standard system upgrade is sufficient to effect the
> necessary changes.
>
> Details follow:
>
> Drake Wilson discovered that Emacs did not correctly handle the safe
> mode of "enable-local-variables". If a user were tricked into opening
> a specially crafted file while "enable-local-variables" was set to the
> non-default ":safe", a remote attacker could execute arbitrary commands
> with the user's privileges.
>
>
> Updated packages for Ubuntu 7.10:
>
> Source archives:
>
> http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22_22.1-0ubu=
> ntu5.1.diff.gz
> Size/MD5: 31839 daac7632708045145dff688900b7627e
> http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22_22.1-0ubu=
> ntu5.1.dsc
> Size/MD5: 1094 9ee2aec99e8c5e084e8fba2830548e5a
> http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22_22.1.orig=
> =2Etar.gz
> Size/MD5: 38172226 6949df37caec2d7a2e0eee3f1b422726
>
> Architecture independent packages:
>
> http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-common_22=
> =2E1-0ubuntu5.1_all.deb
> Size/MD5: 18577010 5e070efae1ad5f584b4c9c058b7f8d71
> http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-el_22.1-0=
> ubuntu5.1_all.deb
> Size/MD5: 11170894 9c2d1be2028e707396f51e1eec6ef5a6
> http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs_22.1-0ubunt=
> u5.1_all.deb
> Size/MD5: 4476 6bff7051ee8d52bb742fea7103f1c7d9
>
> amd64 architecture (Athlon64, Opteron, EM64T Xeon):
>
> http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-bin-commo=
> n_22.1-0ubuntu5.1_amd64.deb
> Size/MD5: 179578 ba931e56ad03653a16b4adc1438e16f1
> http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-nox_22.1-=
> 0ubuntu5.1_amd64.deb
> Size/MD5: 1933100 bc50b9ed6bb4b8dcd3f9d40edb3b2eb8
> http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22_22.1-0ubu=
> ntu5.1_amd64.deb
> Size/MD5: 2215464 c2c7e4f3ed03834ed5ede1560bbc2049
> http://security.ubuntu.com/ubuntu/pool/universe/e/emacs22/emacs22-gtk_2=
> 2.1-0ubuntu5.1_amd64.deb
> Size/MD5: 2208806 20dc6aab6d12d9c28280855a558f8f19
>
> i386 architecture (x86 compatible Intel/AMD):
>
> http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-bin-commo=
> n_22.1-0ubuntu5.1_i386.deb
> Size/MD5: 160860 c5b3eb523d873c1a58c4ecb9ace72ce7
> http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-nox_22.1-=
> 0ubuntu5.1_i386.deb
> Size/MD5: 1704948 ba3f0d7c81e80c47bd1c3bd2e823742a
> http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22_22.1-0ubu=
> ntu5.1_i386.deb
> Size/MD5: 1953414 b00fe8d866f6c20f0b204dcbfd68ca4c
> http://security.ubuntu.com/ubuntu/pool/universe/e/emacs22/emacs22-gtk_2=
> 2.1-0ubuntu5.1_i386.deb
> Size/MD5: 1946230 48b0afc1dadaa29637411c77939f40fc
>
> powerpc architecture (Apple Macintosh G3/G4/G5):
>
> http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-bin-commo=
> n_22.1-0ubuntu5.1_powerpc.deb
> Size/MD5: 178814 81f619f2744e31d2ada82515284f4d03
> http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-nox_22.1-=
> 0ubuntu5.1_powerpc.deb
> Size/MD5: 1844778 491dc3cba5b629a84bb91dc8e6c2352d
> http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22_22.1-0ubu=
> ntu5.1_powerpc.deb
> Size/MD5: 2117490 9dd0eb9b7476ac3822b477982af4f1c0
> http://security.ubuntu.com/ubuntu/pool/universe/e/emacs22/emacs22-gtk_2=
> 2.1-0ubuntu5.1_powerpc.deb
> Size/MD5: 2108164 5e605eae9a9909e07f9129850e5fae99
>
> sparc architecture (Sun SPARC/UltraSPARC):
>
> http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-bin-commo=
> n_22.1-0ubuntu5.1_sparc.deb
> Size/MD5: 166048 6e9af301ebe03290c461ee1727038606
> http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22-nox_22.1-=
> 0ubuntu5.1_sparc.deb
> Size/MD5: 1803268 20d302817fe0176d00d809847ebfa5e0
> http://security.ubuntu.com/ubuntu/pool/main/e/emacs22/emacs22_22.1-0ubu=
> ntu5.1_sparc.deb
> Size/MD5: 2053664 f36a010a7926f2f52539f70aed9002e7
> http://security.ubuntu.com/ubuntu/pool/universe/e/emacs22/emacs22-gtk_2=
> 2.1-0ubuntu5.1_sparc.deb
> Size/MD5: 2048642 123992bee7c6d627f1b556dc3d5668f5
>
>
> --sHrvAb52M6C8blB9
> Content-Type: application/pgp-signature; name="signature.asc"
> Content-Description: Digital signature
> Content-Disposition: inline
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.6 (GNU/Linux)
>
> iD8DBQFHOiIkH/9LqRcGPm0RAqhkAJ41HmggqNIOhRoAaXS5Wm40kYGGRACgi7Jh
> fBtq+iF/gLA9nkI2u20zbaM=
> =i5vE
> -----END PGP SIGNATURE-----
>
> --sHrvAb52M6C8blB9--
>
>
> --===============7116990273420265227==
> Content-Type: text/plain; charset="us-ascii"
> MIME-Version: 1.0
> Content-Transfer-Encoding: 7bit
> Content-Disposition: inline
>
> --
> ubuntu-security-announce mailing list
> ubuntu-security-announce@lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce
>
> --===============7116990273420265227==--
>
>


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 05:33 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org