Explore Latest Linux Security advisories


Gentoo: GLSA-201006-15 Normal: XEmacs Code Execution Risk

Multiple integer overflow errors in XEmacs might allow remote, user-assisted attackers to execute arbitrary code.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 201006-15
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: XEmacs: User-assisted execution of arbitrary code
      Date: June 03, 2010
      Bugs: #275397
        ID: 201006-15

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Multiple integer overflow errors in XEmacs might allow remote, user-assisted attackers to execute arbitrary code.

Background
==========

XEmacs is a highly extensible and customizable text editor.

Affected packages
=================

    -------------------------------------------------------------------
     Package              /  Vulnerable  /                  Unaffected
    -------------------------------------------------------------------
  1  app-editors/xemacs     < 21.4.22-r1                  >= 21.4.22-r1

Description
===========

Tielei Wang reported multiple integer overflow vulnerabilities in the tiff_instantiate(), png_instantiate() and jpeg_instantiate() functions in glyphs-eimage.c, all possibly leading to heap-based buffer overflows.

Impact
======

A remote attacker could entice a user to open a specially crafted TIFF, JPEG or PNG file using XEmacs, possibly resulting in the remote execution of arbitrary code with the privileges of the user running the application, or a Denial of Service condition.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All XEmacs users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-editors/xemacs-21.4.22-r1"

NOTE: This is a legacy GLSA. Updates for all affected architectures are available since July 26, 2009. It is likely that your system is already no longer affected by this issue.

References
==========

  [ 1 ] CVE-2009-2688
        https://www.cve.org/CVERecord?id=CVE-2009-2688

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/201006-15

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address protected] or alternatively, you may file a bug at https://bugs.gentoo.org.

License
=======

Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

XEmacs exhibits vulnerabilities from integer overflow, potentially enabling user-triggered execution of arbitrary code. Update promptly to reduce security threats.

Gentoo Security Advisory, XEmacs Security, Integer Overflow, Code Execution Risk.

LinuxSecurity.com Team

Jun 03, 2010 Gentoo

Gentoo: 200902-06 Advisory: Emacs Code Execution Vulnerability Risk

Two vulnerabilities were found in GNU Emacs, possibly leading to user-assisted execution of arbitrary code. One also affects edit-utils in XEmacs.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200902-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            https://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: GNU Emacs, XEmacs: Multiple vulnerabilities
      Date: February 23, 2009
      Bugs: #221197, #236498
        ID: 200902-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

Two vulnerabilities were found in GNU Emacs, possibly leading to user-assisted execution of arbitrary code. One also affects edit-utils in XEmacs.

Background
==========

GNU Emacs and XEmacs are highly extensible and customizable text editors. edit-utils are miscellaneous extensions to XEmacs.

Affected packages
=================

    -------------------------------------------------------------------
     Package                /  Vulnerable  /                Unaffected
    -------------------------------------------------------------------
  1  app-editors/emacs          < 22.2-r3                    >= 22.2-r3
                                                           *>= 21.4-r17
                                                                   < 19
  2  app-xemacs/edit-utils       < 2.39                         >= 2.39
    -------------------------------------------------------------------
     2 affected packages on all of their supported architectures.
    -------------------------------------------------------------------

Description
===========

Morten Welinder reports about GNU Emacs and edit-utils in XEmacs: By shipping a .flc accompanying a source file (.c for example) and setting font-lock-support-mode to fast-lock-mode in the source file through local variables, any Lisp code in the .flc file is executed without warning (CVE-2008-2142).

Romain Francoise reported a security risk in a feature of GNU Emacs related to interacting with Python. The vulnerability arises because Python, by default, prepends the current directory to the module search path, allowing for arbitrary code execution when launched from a specially crafted directory (CVE-2008-3949).

Impact
======

Remote attackers could entice a user to open a specially crafted file in GNU Emacs, possibly leading to the execution of arbitrary Emacs Lisp code or arbitrary Python code with the privileges of the user running GNU Emacs or XEmacs.

Workaround
==========

There is no known workaround at this time.

Resolution
==========

All GNU Emacs users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-editors/emacs-22.2-r3"

All edit-utils users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=app-xemacs/edit-utils-2.39"

References
==========

  [ 1 ] CVE-2008-2142
        https://www.cve.org/CVERecord?id=CVE-2008-2142
  [ 2 ] CVE-2008-3949
        https://www.cve.org/CVERecord?id=CVE-2008-3949

Availability
============

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

  https://security.gentoo.org/glsa/200902-06

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to [email address protected] or alternatively, you may file a bug at https://bugs.gentoo.org/.

License
=======

Copyright 2009 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

https://creativecommons.org/licenses/by-sa/2.5/

Enhance the security of GNU Emacs and XEmacs to reduce potential threats of unauthorized code execution. Refer to the latest announcements from Gentoo for pertinent upgrades.

Gentoo Linux, Code Execution Risk, GNU Emacs Security, XEmacs Advisory.

LinuxSecurity.com Team

Feb 23, 2009 Gentoo

Red Hat: RHSA-2005:133-01 Important: XEmacs Code Execution Risk

Updated XEmacs packages that fix a string format issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team.

- ---------------------------------------------------------------------
                   Red Hat Security Advisory

Synopsis:          Important: xemacs security update
Advisory ID:       RHSA-2005:133-01
Advisory URL:      https://access.redhat.com/errata/RHSA-2005:133.html
Issue date:        2005-02-15
Updated on:        2005-02-15
Product:           Red Hat Enterprise Linux
CVE Names:         CAN-2005-0100
- ---------------------------------------------------------------------

1. Summary:

Updated XEmacs packages that fix a string format issue are now available for Red Hat Enterprise Linux 4.

This update has been rated as having important security impact by the Red Hat Security Response Team.

2. Relevant releases/architectures:

Red Hat Enterprise Linux AS version 4 - i386, ia64, ppc, s390, s390x, x86_64
Red Hat Enterprise Linux Desktop version 4 - i386, x86_64
Red Hat Enterprise Linux ES version 4 - i386, ia64, x86_64
Red Hat Enterprise Linux WS version 4 - i386, ia64, x86_64

3. Problem description:

XEmacs is a powerful, customizable, self-documenting, modeless text editor.

Max Vozeler discovered several format string vulnerabilities in the movemail utility of XEmacs. If a user connects to a malicious POP server, an attacker can execute arbitrary code as the user running xemacs. The Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name CAN-2005-0100 to this issue.

Users of XEmacs are advised to upgrade to these updated packages, which contain backported patches to correct this issue.

4. Solution:

Before applying this update, make sure that all previously-released errata relevant to your system have been applied. Use Red Hat Network to download and update your packages. To launch the Red Hat Update Agent, use the following command:

    up2date

For information on how to install packages manually, refer to the following Web page for the System Administration or Customization guide specific to your system:

    https://docs.redhat.com/en/documentation/red_hat_enterprise_linux/10/

5. Bug IDs fixed (http://bugzilla.redhat.com/):

146706 - CAN-2005-0100 Arbitrary code execution in *emacs*

6. RPMs required:

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key#package

7. References:

https://www.cve.org/CVERecord?id=CAN-2005-0100

8. Contact:

The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/

Copyright 2005 Red Hat, Inc.

XEmacs Security Update, Red Hat Code Execution, XEmacs Risk Mitigation.

Severity: Important.

LinuxSecurity.com Team

Feb 15, 2005 Important Red Hat

Fedora: FEDORA-2005-145 Moderate: XEmacs Movemail Format Issue

Update to 21.4.17 stable release, which also fixes the CAN-2005-0100 movemail string format vulnerability.

---------------------------------------------------------------------
Fedora Update Notification
FEDORA-2005-145
2005-02-14
---------------------------------------------------------------------

Product     : Fedora Core 2
Name        : xemacs
Version     : 21.4.17
Release     : 0.FC2
Summary     : A different version of Emacs.
Description :
XEmacs is a highly customizable open source text editor and application development system. It is protected under the GNU Public License and related to other versions of Emacs, in particular GNU Emacs. Its emphasis is on modern graphical user interface support and an open software development model, similar to Linux.

This package contains xemacs built for X Windows with MULE support.

---------------------------------------------------------------------
Update Information:

Update to 21.4.17 stable release, which also fixes the CAN-2005-0100 movemail string format vulnerability.

---------------------------------------------------------------------
* Mon Feb 7 2005 Jens Petersen
- update to 21.4.17
- fixes movemail format string vulnerability (CAN-2005-0100, 146705)
- xemacs-21.4.16-xutil-keysym-144601.patch no longer needed

* Tue Jan 25 2005 Jens Petersen - 21.4.16-2
- workaround xorg-x11 issue with iso-level3-shift (Ville Skyttä, 144601)

* Mon Dec 13 2004 Jens Petersen - 21.4.16-1
- update to new stable release
- no longer need configure-ppc-ldscript.patch and xemacs-21.4.15-pui-120437.patch
- default to unified diff in .xemacs/init.el

* Thu Nov 18 2004 Jens Petersen - 21.4.15-10
- show xemacs again in the desktop menu (132567)

* Mon Oct 18 2004 Jens Petersen - 21.4.15-9
- fix etag alternatives removal when uninstalling (Karsten Hopp, 136137)

* Wed Oct 6 2004 Jens Petersen
- xemacs-el no longer requires xemacs for -nox users (Lars Hupfeldt Nielsen, 134479)

* Thu Sep 30 2004 Jens Petersen - 21.4.15-8
- cleanup and update .desktop file
- make xemacs not appear in the desktop menu (Seth Nickell, 132567)
- move the desktop file from -common to main package
- etags is now handled by alternatives (92256)
- no longer require ctags
- turn back on wnn support and add xemacs-21.4.15-wnnfix-128362.patch (Yukihiro Nakai, 128362)

* Tue Jun 15 2004 Elliot Lee
- rebuilt

* Mon Jun 7 2004 Jens Petersen - 21.4.15-6
- don't link with -export-dynamic on ia64 to stop dumped function pointers from breaking (Roland McGrath & Jakub Jelinek, #106744)
- disable dynamic module support on ia64
- change the xemacs-info uninstall script from %postun to %preun and move the post/preun install-info requires to xemacs-info
- simplify coding-system setup somewhat in site-start.el
- fix up the desktop file (Ville Skyttä, 123135)
- xemacs-nox now requires xemacs-sumo
- build without xfs since it seems to cause some problem with fonts missing

* Wed May 5 2004 Jens Petersen
- move install-info requirement to xemacs-info
- drop unnecessary Canna-libs requirement

---------------------------------------------------------------------
This update can be downloaded from:

This update can also be installed with the Update Agent; you can launch the Update Agent with the 'up2date' command.
---------------------------------------------------------------------

The latest xemacs 21.4.17 update addresses a string formatting problem with movemail within the Fedora Core 2 environment.

Fedora Core, XEmacs, Software Update, Text Editor, Open Source.

LinuxSecurity.com Team

Feb 15, 2005 Fedora

Debian: DSA 671-1 Important: XEmacs Format String Vulnerability

Updated xemacs package.

- --------------------------------------------------------------------------
Debian Security Advisory DSA 671-1                [email address protected]
http://www.debian.org/security/                             Martin Schulze
February 8th, 2005                      http://www.debian.org/security/faq
- --------------------------------------------------------------------------

Package        : xemacs21
Vulnerability  : format string
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2005-0100

Max Vozeler discovered several format string vulnerabilities in the movemail utility of Emacs, the well-known editor. Via connecting to a malicious POP server an attacker can execute arbitrary code under the privileges of group mail.

For the stable distribution (woody) these problems have been fixed in version 21.4.6-8woody2.

For the unstable distribution (sid) these problems have been fixed in version 21.4.16-2.

We recommend that you upgrade your emacs packages.

Upgrade Instructions
- --------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 3.0 alias woody
- --------------------------------

These files will probably be moved into the stable distribution on its next update.

- ---------------------------------------------------------------------------------
For apt-get: deb https://www.debian.org/security/ stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: [email address protected]

XEmacs Update, Debian Security Advisory, Code Execution Fix.

Severity: Important.

LinuxSecurity.com Team

Feb 08, 2005 Important Debian

Debian: DSA-042-1 Critical: Gnuserv Buffer Overflow Threat

Klaus Frank has found a vulnerability in the way gnuserv handled remote connections.

----------------------------------------------------------------------------
Debian Security Advisory DSA-042-1                [email address protected]
Debian -- Security Information                              Martin Schulze
March 8, 2001
----------------------------------------------------------------------------

Packages       : gnuserv, xemacs21
Vulnerability  : buffer overflow and weak security
Type           : remote vulnerability
Debian-specific: no
Fixed version  : gnuserv 2.1alpha-5.1 (potato) and 2.1alpha-5.1.1 (unstable)
                 xemacs 21.1.10-5 (potato) and xemacs 21.1.14-1 (unstable)

Klaus Frank has found a vulnerability in the way gnuserv handled remote connections. Gnuserv is a remote control facility for Emacsen which is available as a standalone program as well as included in XEmacs21. Gnuserv has a buffer for which insufficient boundary checks were made. Unfortunately this buffer affected access control to gnuserv, which is using a MIT-MAGIC-COOKIE based system. It is possible to overflow the buffer containing the cookie and foozle cookie comparison.

Gnuserv was derived from emacsserver which is part of GNU Emacs. It was reworked completely and not much is left over from its time as part of GNU Emacs. Therefore the versions of emacsserver in both Emacs19 and Emacs20 don't look vulnerable to this bug; they don't even provide a MIT-MAGIC-COOKIE based mechanism.

This could lead to a remote user issuing commands under the UID of the person running gnuserv.

We recommend you upgrade your xemacs21 and gnuserv packages immediately.

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

You may use an automated update by adding the resources from the footer to the proper configuration.

Debian GNU/Linux 2.2 alias potato
------------------------------------

Potato was released for the alpha, arm, i386, m68k, powerpc and sparc architectures.

These files will be moved into soon.

For not yet released architectures please refer to the appropriate directory .

----------------------------------------------------------------------------
For apt-get: deb Debian -- Security Information stable/updates main
For dpkg-ftp: dists/stable/updates/main
Mailing list: [email address protected]
Package info: `apt-cache show ' and https://www.debian.org/distrib/packages

Debian Security Advisory, Buffer Overflow, Gnuserv, Xemacs.

Severity: Critical.

LinuxSecurity.com Team

Mar 09, 2001 Critical Debian
98

Red Hat Powertools 6.2 RHSA-2001:011-03 Critical: XEmacs Buffer Overflow

The XEmacs package as shipped with Red Hat PowerTools 6.2 has a security problem with gnuserv and gnuclient, due to a buffer overflow and weak security.

---------------------------------------------------------------------
                   Red Hat, Inc. Red Hat Security Advisory

Synopsis:          Updated XEmacs packages available for Red Hat Powertools 6.2
Advisory ID:       RHSA-2001:011-03
Issue date:        2001-02-02
Updated on:        2001-02-06
Product:           Red Hat Powertools
Keywords:          xemacs gnuserv gnuclient
Cross references:
Obsoletes:
---------------------------------------------------------------------

1. Topic:

2. Relevant releases/architectures:

Red Hat Powertools 6.2 - alpha, i386, sparc

3. Problem description:

The XEmacs package as shipped with Red Hat PowerTools 6.2 has a security problem with gnuserv and gnuclient, due to a buffer overflow and weak security.

Note that this package obsoletes xemacs-mule (this is now compiled into the main binary), xemacs-static, xemacs-extras and xemacs-noX, as this is a backport of a newer xemacs package.

4. Solution:

To update all RPMs for your particular architecture, run:

rpm -Fvh

where is a list of the RPMs you wish to upgrade. Only those RPMs which are currently installed will be updated. Those RPMs which are not installed but included in the list will not be updated. Note that you can also use wildcards (*.rpm) if your current directory *only* contains the desired RPMs.

Please note that this update is also available via Red Hat Network. Many people find this an easier way to apply updates. To use Red Hat Network, launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the appropriate RPMs being upgraded on your system.

5. Bug IDs fixed ( for more info):

6. RPMs required:

Red Hat Powertools 6.2:

alpha:

i386:

sparc:

7. Verification:

MD5 sum                           PackageName
--------------------------------------------------------------------------
963901255ab8377baf92bcc8f3ec30b3  6.2/alpha/xemacs-21.1.14-2.62.alpha.rpm
c1fa617399ff85af31c5d31e314249a8  6.2/alpha/xemacs-el-21.1.14-2.62.alpha.rpm
e190d32da1a92132d53ee734a93b43cb  6.2/alpha/xemacs-info-21.1.14-2.62.alpha.rpm
661aae1be3097c403df3d38eb5f6ae80  6.2/i386/xemacs-21.1.14-2.62.i386.rpm
03fab61adb2f874f95dfc895e1ede878  6.2/i386/xemacs-el-21.1.14-2.62.i386.rpm
bae82e4622a0b4b810eaa690446442b5  6.2/i386/xemacs-info-21.1.14-2.62.i386.rpm
5c4a36734b54ebd3be33e9404bbcb8e6  6.2/sparc/xemacs-21.1.14-2.62.sparc.rpm
ef99cb1d6d1d2a0f90f034d4a3a0697f  6.2/sparc/xemacs-el-21.1.14-2.62.sparc.rpm
e4a34278881cc1ec29f817bbcfc8f52b  6.2/sparc/xemacs-info-21.1.14-2.62.sparc.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our key is available at:

You can verify each package with the following command:

rpm --checksig

If you only wish to verify that each package has not been corrupted or tampered with, examine only the md5sum with the following command:

rpm --checksig --nogpg

8. References:

Copyright(c) 2000, 2001 Red Hat, Inc.

Updated XEmacs patches for Red Hat Powertools 6.2 released to address critical buffer overflow vulnerabilities. Apply patches without delay! XEmacs Security, Package Update, Buffer Overflow. Severity: Critical. LinuxSecurity.com Team

Feb 06, 2001 Critical Red Hat