Alerts This Week
Warning Icon 1 619
Alerts This Week
Warning Icon 1 619

Slackware 10.1 Critical: Emacs Movemail Remote Code Execution Advisory

slackware
Calendar Grey July 20, 2005
Dist Slackware Esm H88
Recent updates to Emacs plugins tackle a significant vulnerability found in Slackware's movemail component of the POP utility, which could allow for remote code execution.
New emacs packages are available for Slackware 10.1 and -current to a security issue with the movemail utility for retrieving mail from a POP mail server

Summary

Here are the details from the Slackware 10.1 ChangeLog: patches/packages/emacs-21.4a-i486-1.tgz: Upgraded to emacs-21.4a. This fixes a vulnerability in the movemail utility when connecting to a malicious POP server that may allow the execution of arbitrary code as the user running emacs. (* Security fix *)

Topics%20covered

Topics Covered

security advisory critical remote code execution Slackware emacs movemail

Where Find New Packages

Updated packages for Slackware 10.1: ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/emacs-21.4a-i486-1.tgz ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/emacs-info-21.4a-noarch-1.tgz ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/emacs-leim-21.4-noarch-1.tgz ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/emacs-lisp-21.4a-noarch-1.tgz ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/emacs-misc-21.4a-noarch-1.tgz ftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/emacs-nox-21.4a-i486-1.tgz
Updated packages for Slackware -current:

MD5 Signatures

Slackware 10.1 packages: 7bb30482651e5e4558eea0b66b55d1de emacs-21.4a-i486-1.tgz 45b0fb651c6c7b9deacb55efe582b4b5 emacs-info-21.4a-noarch-1.tgz 5d0152fa95027215b14ece0f8fbf8a37 emacs-leim-21.4-noarch-1.tgz 5bd976633a33dad36161eba7e92bec61 emacs-lisp-21.4a-noarch-1.tgz 2763fe68ed8c833ed95ec4c95aacc562 emacs-misc-21.4a-noarch-1.tgz 195df428e1a10c50da88129002c9e2f9 emacs-nox-21.4a-i486-1.tgz
Slackware -current packages: 44986e6ca1e02d971f43e3d0f118dde3 emacs-21.4a-i486-1.tgz 100643203d73d54df78c58eef8596e4b emacs-info-21.4a-noarch-1.tgz 70effd3b113d795d8532022139269f77 emacs-leim-21.4-noarch-1.tgz 2bcec4297285f30124e2a61f85a27440 emacs-lisp-21.4a-noarch-1.tgz 48ebc0d4e581d5deb15159a4d34c060d emacs-misc-21.4a-noarch-1.tgz 04fb5ed4b1da572063b2a991d8c54edf emacs-nox-21.4a-i486-1.tgz

Severity
critical
Lowest
Low
Medium
High
Critical

Topics%20covered

Topics Covered

security advisory critical remote code execution Slackware emacs movemail

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Installation Instructions

Installation instructions: Upgrade the packages as root: # upgradepkg emacs-21.4a-i486-1.tgz emacs-info-21.4a-noarch-1.tgz emacs-leim-21.4-noarch-1.tgz emacs-lisp-21.4a-noarch-1.tgz emacs-misc-21.4a-noarch-1.tgz emacs-nox-21.4a-i486-1.tgz

Related News

Your message here