Skip to navigation

Security Advisory emacs security update

Advisory: RHSA-2005:110-06
Type: Security Advisory
Severity: Important
Issued on: 2005-02-15
Last updated on: 2005-02-15
Affected Products: Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2005-0100

Details

Updated Emacs packages that fix a string format issue are now available for
Red Hat Enterprise Linux 4.

This update has been rated as having important security impact by the Red
Hat Security Response Team

Emacs is a powerful, customizable, self-documenting, modeless text editor.

Max Vozeler discovered several format string vulnerabilities in the
movemail utility of Emacs. If a user connects to a malicious POP server,
an attacker can execute arbitrary code as the user running emacs. The
Common Vulnerabilities and Exposures project (cve.mitre.org) has assigned
the name CAN-2005-0100 to this issue.

Users of Emacs are advised to upgrade to these updated packages, which
contain backported patches to correct this issue.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Updated packages

Red Hat Desktop (v. 4)

IA-32:
emacs-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: e14739371b9e77a4a378bfe8482bae68
emacs-common-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: 4e54441289c467b48a030aae49b5b11d
emacs-el-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: e87076de3bf4ad67983466f6fc381b9f
emacs-leim-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: 5f239b2f9044b4bb06356973bce0fbf7
emacs-nox-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: 7bb7fd34f5c089056a9cb828d8a08f22
 
x86_64:
emacs-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 533c8768fa5fb1e70b11544eb1b9d4a5
emacs-common-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 76dba36b790c49ce2b8b3d336260cd11
emacs-el-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 9b93ee334811512c29792c8418f85cb6
emacs-leim-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 938772be956ff93dbd1dc9e1a4182a22
emacs-nox-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 39f97ade0ab062a36f5e5dce43e134ab
 
Red Hat Enterprise Linux AS (v. 4)

IA-32:
emacs-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: e14739371b9e77a4a378bfe8482bae68
emacs-common-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: 4e54441289c467b48a030aae49b5b11d
emacs-el-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: e87076de3bf4ad67983466f6fc381b9f
emacs-leim-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: 5f239b2f9044b4bb06356973bce0fbf7
emacs-nox-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: 7bb7fd34f5c089056a9cb828d8a08f22
 
IA-64:
emacs-21.3-19.EL.1.ia64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 107b4db24feb6f15baf646bd3b216abf
emacs-common-21.3-19.EL.1.ia64.rpm
File outdated by:  RHBA-2006:0399
    MD5: ac6fbbd121e3a1e4b77873752508036c
emacs-el-21.3-19.EL.1.ia64.rpm
File outdated by:  RHBA-2006:0399
    MD5: e43232ea8746ca44d11005038bdba491
emacs-leim-21.3-19.EL.1.ia64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 3e56b6f8f4e8018780be9aae9505bb21
emacs-nox-21.3-19.EL.1.ia64.rpm
File outdated by:  RHBA-2006:0399
    MD5: a607f49467d0ac4b843bee6976465aa0
 
PPC:
emacs-21.3-19.EL.1.ppc.rpm
File outdated by:  RHBA-2006:0399
    MD5: aa1df458e29f1fc3a9c5683cc63569db
emacs-common-21.3-19.EL.1.ppc.rpm
File outdated by:  RHBA-2006:0399
    MD5: cf1c15b8b68fea1700873af27a6224fb
emacs-el-21.3-19.EL.1.ppc.rpm
File outdated by:  RHBA-2006:0399
    MD5: b329aa4d9525c604cecec7cd8dd51a6e
emacs-leim-21.3-19.EL.1.ppc.rpm
File outdated by:  RHBA-2006:0399
    MD5: cc8d208922f5008ab6804b6a9e63a614
emacs-nox-21.3-19.EL.1.ppc.rpm
File outdated by:  RHBA-2006:0399
    MD5: 9bccad4563f257e4163fea463e36eb82
 
s390:
emacs-21.3-19.EL.1.s390.rpm
File outdated by:  RHBA-2006:0399
    MD5: d88c1758f21c4220c3df0711343908f0
emacs-common-21.3-19.EL.1.s390.rpm
File outdated by:  RHBA-2006:0399
    MD5: ca6a5718a17bdd4bb8658d120f09cc83
emacs-el-21.3-19.EL.1.s390.rpm
File outdated by:  RHBA-2006:0399
    MD5: 82525d517fb1e6b2ece6c6358c06c816
emacs-leim-21.3-19.EL.1.s390.rpm
File outdated by:  RHBA-2006:0399
    MD5: a396774e36429c5ebd427b737903f687
emacs-nox-21.3-19.EL.1.s390.rpm
File outdated by:  RHBA-2006:0399
    MD5: 8462339636d4c473187c91df847a0819
 
s390x:
emacs-21.3-19.EL.1.s390x.rpm
File outdated by:  RHBA-2006:0399
    MD5: 12a3ccc10b35c10326bc6bb5f0debc0b
emacs-common-21.3-19.EL.1.s390x.rpm
File outdated by:  RHBA-2006:0399
    MD5: 3cae3da5240a0f9b58917ebcdccc96b1
emacs-el-21.3-19.EL.1.s390x.rpm
File outdated by:  RHBA-2006:0399
    MD5: e5ecc6b2391f279dbf5e277d294496a9
emacs-leim-21.3-19.EL.1.s390x.rpm
File outdated by:  RHBA-2006:0399
    MD5: 3c03be453391e596378a3ae06b537dc6
emacs-nox-21.3-19.EL.1.s390x.rpm
File outdated by:  RHBA-2006:0399
    MD5: 9d03750e15609eb23e5c782ceeb39d7d
 
x86_64:
emacs-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 533c8768fa5fb1e70b11544eb1b9d4a5
emacs-common-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 76dba36b790c49ce2b8b3d336260cd11
emacs-el-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 9b93ee334811512c29792c8418f85cb6
emacs-leim-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 938772be956ff93dbd1dc9e1a4182a22
emacs-nox-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 39f97ade0ab062a36f5e5dce43e134ab
 
Red Hat Enterprise Linux ES (v. 4)

IA-32:
emacs-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: e14739371b9e77a4a378bfe8482bae68
emacs-common-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: 4e54441289c467b48a030aae49b5b11d
emacs-el-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: e87076de3bf4ad67983466f6fc381b9f
emacs-leim-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: 5f239b2f9044b4bb06356973bce0fbf7
emacs-nox-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: 7bb7fd34f5c089056a9cb828d8a08f22
 
IA-64:
emacs-21.3-19.EL.1.ia64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 107b4db24feb6f15baf646bd3b216abf
emacs-common-21.3-19.EL.1.ia64.rpm
File outdated by:  RHBA-2006:0399
    MD5: ac6fbbd121e3a1e4b77873752508036c
emacs-el-21.3-19.EL.1.ia64.rpm
File outdated by:  RHBA-2006:0399
    MD5: e43232ea8746ca44d11005038bdba491
emacs-leim-21.3-19.EL.1.ia64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 3e56b6f8f4e8018780be9aae9505bb21
emacs-nox-21.3-19.EL.1.ia64.rpm
File outdated by:  RHBA-2006:0399
    MD5: a607f49467d0ac4b843bee6976465aa0
 
x86_64:
emacs-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 533c8768fa5fb1e70b11544eb1b9d4a5
emacs-common-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 76dba36b790c49ce2b8b3d336260cd11
emacs-el-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 9b93ee334811512c29792c8418f85cb6
emacs-leim-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 938772be956ff93dbd1dc9e1a4182a22
emacs-nox-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 39f97ade0ab062a36f5e5dce43e134ab
 
Red Hat Enterprise Linux WS (v. 4)

IA-32:
emacs-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: e14739371b9e77a4a378bfe8482bae68
emacs-common-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: 4e54441289c467b48a030aae49b5b11d
emacs-el-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: e87076de3bf4ad67983466f6fc381b9f
emacs-leim-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: 5f239b2f9044b4bb06356973bce0fbf7
emacs-nox-21.3-19.EL.1.i386.rpm
File outdated by:  RHBA-2006:0399
    MD5: 7bb7fd34f5c089056a9cb828d8a08f22
 
IA-64:
emacs-21.3-19.EL.1.ia64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 107b4db24feb6f15baf646bd3b216abf
emacs-common-21.3-19.EL.1.ia64.rpm
File outdated by:  RHBA-2006:0399
    MD5: ac6fbbd121e3a1e4b77873752508036c
emacs-el-21.3-19.EL.1.ia64.rpm
File outdated by:  RHBA-2006:0399
    MD5: e43232ea8746ca44d11005038bdba491
emacs-leim-21.3-19.EL.1.ia64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 3e56b6f8f4e8018780be9aae9505bb21
emacs-nox-21.3-19.EL.1.ia64.rpm
File outdated by:  RHBA-2006:0399
    MD5: a607f49467d0ac4b843bee6976465aa0
 
x86_64:
emacs-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 533c8768fa5fb1e70b11544eb1b9d4a5
emacs-common-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 76dba36b790c49ce2b8b3d336260cd11
emacs-el-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 9b93ee334811512c29792c8418f85cb6
emacs-leim-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 938772be956ff93dbd1dc9e1a4182a22
emacs-nox-21.3-19.EL.1.x86_64.rpm
File outdated by:  RHBA-2006:0399
    MD5: 39f97ade0ab062a36f5e5dce43e134ab
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

146702 - CAN-2005-0100 Arbitrary code execution in *emacs*


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/