Slackware: 2022-342-01: emacs Security Update | LinuxSecurity.com

What Are You Looking For?

Popular Tags

Contribute

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security]  emacs (SSA:2022-342-01)

New emacs packages are available for Slackware 15.0 and -current to
fix a security issue.


Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/emacs-27.2-i586-2_slack15.0.txz:  Rebuilt.
  GNU Emacs through 28.2 allows attackers to execute commands via shell
  metacharacters in the name of a source-code file, because lib-src/etags.c
  uses the system C library function in its implementation of the ctags
  program. For example, a victim may use the "ctags *" command (suggested in
  the ctags documentation) in a situation where the current working directory
  has contents that depend on untrusted input.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-45939
  (* Security fix *)
+--------------------------+


Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab
(https://osuosl.org) for donating FTP and rsync hosting
to the Slackware project!  :-)

Also see the "Get Slack" section on https://slackware.com for
additional mirror sites near you.

Updated package for Slackware 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/emacs-27.2-i586-2_slack15.0.txz

Updated package for Slackware x86_64 15.0:
ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/emacs-27.2-x86_64-2_slack15.0.txz

Updated package for Slackware -current:
ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/e/emacs-28.2-i586-2.txz

Updated package for Slackware x86_64 -current:
ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/e/emacs-28.2-x86_64-2.txz


MD5 signatures:
+-------------+

Slackware 15.0 package:
97de51db765e152d32a8cf5562961f81  emacs-27.2-i586-2_slack15.0.txz

Slackware x86_64 15.0 package:
91209777290bf8fd5e2ac918d72f14ba  emacs-27.2-x86_64-2_slack15.0.txz

Slackware -current package:
8d0bb1c76fe4e50fa33ecc6c3aaffce1  e/emacs-28.2-i586-2.txz

Slackware x86_64 -current package:
3f8c307bb6e7e867cd360c4fa914a70f  e/emacs-28.2-x86_64-2.txz


Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg emacs-27.2-i586-2_slack15.0.txz


+-----+

Slackware: 2022-342-01: emacs Security Update

December 8, 2022
New emacs packages are available for Slackware 15.0 and -current to fix a security issue

Summary

Here are the details from the Slackware 15.0 ChangeLog: patches/packages/emacs-27.2-i586-2_slack15.0.txz: Rebuilt. GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command (suggested in the ctags documentation) in a situation where the current working directory has contents that depend on untrusted input. For more information, see: https://www.cve.org/CVERecord?id=CVE-2022-45939 (* Security fix *)

Where Find New Packages

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)
Also see the "Get Slack" section on https://slackware.com for additional mirror sites near you.
Updated package for Slackware 15.0: ftp://ftp.slackware.com/pub/slackware/slackware-15.0/patches/packages/emacs-27.2-i586-2_slack15.0.txz
Updated package for Slackware x86_64 15.0: ftp://ftp.slackware.com/pub/slackware/slackware64-15.0/patches/packages/emacs-27.2-x86_64-2_slack15.0.txz
Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/e/emacs-28.2-i586-2.txz
Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/e/emacs-28.2-x86_64-2.txz

MD5 Signatures

Slackware 15.0 package: 97de51db765e152d32a8cf5562961f81 emacs-27.2-i586-2_slack15.0.txz
Slackware x86_64 15.0 package: 91209777290bf8fd5e2ac918d72f14ba emacs-27.2-x86_64-2_slack15.0.txz
Slackware -current package: 8d0bb1c76fe4e50fa33ecc6c3aaffce1 e/emacs-28.2-i586-2.txz
Slackware x86_64 -current package: 3f8c307bb6e7e867cd360c4fa914a70f e/emacs-28.2-x86_64-2.txz

Severity
[slackware-security] emacs (SSA:2022-342-01)
New emacs packages are available for Slackware 15.0 and -current to fix a security issue.

Installation Instructions

Installation instructions: Upgrade the package as root: # upgradepkg emacs-27.2-i586-2_slack15.0.txz

News

Advisories

HOWTOs

Features

How to Check if Your Linux System is Infected with a Virus
Security Considerations for Azure Linux & Windows Subsystem for Linux Users
Admins Receive Automated Linux Patch Management & Improved Security with ManageEngine Endpoint Central
Linux Malware: The Truth About This Growing Threat [Updated]
How Physical Security Blends With Cybersecurity

About Us

Powered By

Footer Logo

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy. 

Learn More About Our Cookie Policy