Skip to navigation

Security Advisory emacs security update

Advisory: RHSA-2005:112-03
Type: Security Advisory
Severity: Important
Issued on: 2005-02-10
Last updated on: 2005-02-10
Affected Products: Red Hat Desktop (v. 3)
Red Hat Enterprise Linux AS (v. 2.1)
Red Hat Enterprise Linux AS (v. 3)
Red Hat Enterprise Linux ES (v. 2.1)
Red Hat Enterprise Linux ES (v. 3)
Red Hat Enterprise Linux WS (v. 2.1)
Red Hat Enterprise Linux WS (v. 3)
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor
CVEs (cve.mitre.org): CVE-2005-0100

Details

Updated Emacs packages that fix a string format issue are now available.

Emacs is a powerful, customizable, self-documenting, modeless text editor.

Max Vozeler discovered several format string vulnerabilities in the
movemail utility of Emacs. If a user connects to a malicious POP server, an
attacker can execute arbitrary code as the user running emacs. The Common
Vulnerabilities and Exposures project (cve.mitre.org) has assigned the name
CAN-2005-0100 to this issue.

Users of Emacs are advised to upgrade to these updated packages, which
contain backported patches to correct this issue.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied. Use Red Hat
Network to download and update your packages. To launch the Red Hat
Update Agent, use the following command:

up2date

For information on how to install packages manually, refer to the
following Web page for the System Administration or Customization
guide specific to your system:

http://www.redhat.com/docs/manuals/enterprise/

Updated packages

Red Hat Desktop (v. 3)

IA-32:
emacs-21.3-4.1.i386.rpm
File outdated by:  RHBA-2006:0401
    MD5: 7c2da1fc15e4d71c90ed05fcaf7f2aff
emacs-el-21.3-4.1.i386.rpm
File outdated by:  RHBA-2006:0401
    MD5: e3288f21fab6feb6709c283e206f3b09
emacs-leim-21.3-4.1.i386.rpm
File outdated by:  RHBA-2006:0401
    MD5: 1cc586a20f047c0d5a3245bf2b4a9d12
 
x86_64:
emacs-21.3-4.1.x86_64.rpm
File outdated by:  RHBA-2006:0401
    MD5: c8f3808bce03e80e42a7882f3669046f
emacs-el-21.3-4.1.x86_64.rpm
File outdated by:  RHBA-2006:0401
    MD5: fc0c5e3f92832839fe21ff5907e2a64e
emacs-leim-21.3-4.1.x86_64.rpm
File outdated by:  RHBA-2006:0401
    MD5: 027a0799972d81241e5b04917c092678
 
Red Hat Enterprise Linux AS (v. 2.1)

IA-32:
emacs-20.7-41.2.i386.rpm
File outdated by:  RHBA-2005:833
    MD5: d69a461fb714a8320df49cd0bc0a2948
emacs-X11-20.7-41.2.i386.rpm
File outdated by:  RHBA-2005:833
    MD5: 81d716a2780da4bd70b2e9ff65a59e04
emacs-el-20.7-41.2.i386.rpm
File outdated by:  RHBA-2005:833
    MD5: e791e0b8b5d3fdb9302dba7cffd6600d
emacs-leim-20.7-41.2.i386.rpm
File outdated by:  RHBA-2005:833
    MD5: b3460f46f0aca2143b255e5664d0cbcf
emacs-nox-20.7-41.2.i386.rpm
File outdated by:  RHBA-2005:833
    MD5: 23a6cddea1a2d693da09ef6ce6a04cb4
 
IA-64:
emacs-20.7-41.2.ia64.rpm
File outdated by:  RHBA-2005:833
    MD5: 9907122cb87f25b145fc64d249e1f373
emacs-X11-20.7-41.2.ia64.rpm
File outdated by:  RHBA-2005:833
    MD5: a5c29b47a726c3464cea29db223bf0a3
emacs-el-20.7-41.2.ia64.rpm
File outdated by:  RHBA-2005:833
    MD5: b9bb6d89f90ca8c04621c1f4658a02e3
emacs-leim-20.7-41.2.ia64.rpm
File outdated by:  RHBA-2005:833
    MD5: 5f524f16502e44f00fbada64070ac220
emacs-nox-20.7-41.2.ia64.rpm
File outdated by:  RHBA-2005:833
    MD5: 4d0fbe779bed8c187f3ffea7829e15f0
 
Red Hat Enterprise Linux AS (v. 3)

IA-32:
emacs-21.3-4.1.i386.rpm
File outdated by:  RHBA-2006:0401
    MD5: 7c2da1fc15e4d71c90ed05fcaf7f2aff
emacs-el-21.3-4.1.i386.rpm
File outdated by:  RHBA-2006:0401
    MD5: e3288f21fab6feb6709c283e206f3b09
emacs-leim-21.3-4.1.i386.rpm
File outdated by:  RHBA-2006:0401
    MD5: 1cc586a20f047c0d5a3245bf2b4a9d12
 
IA-64:
emacs-21.3-4.1.ia64.rpm
File outdated by:  RHBA-2006:0401
    MD5: 3e09e53a65636ac4046db955d9b21e0a
emacs-el-21.3-4.1.ia64.rpm
File outdated by:  RHBA-2006:0401
    MD5: 470539029a0dc531e2f0982015624231
emacs-leim-21.3-4.1.ia64.rpm
File outdated by:  RHBA-2006:0401
    MD5: f26f3a45cecbb9faae945ba862cc3308
 
PPC:
emacs-21.3-4.1.ppc.rpm
File outdated by:  RHBA-2006:0401
    MD5: 3074759a6d154377204e1b40119c1a34
emacs-el-21.3-4.1.ppc.rpm
File outdated by:  RHBA-2006:0401
    MD5: d523a8d4b7248f5c9733cf56568ab32e
emacs-leim-21.3-4.1.ppc.rpm
File outdated by:  RHBA-2006:0401
    MD5: 52a931ab8acae24e97b61808cf2155a0
 
s390:
emacs-21.3-4.1.s390.rpm
File outdated by:  RHBA-2006:0401
    MD5: 3adbd2b469cb0f3a1806127d995aee61
emacs-el-21.3-4.1.s390.rpm
File outdated by:  RHBA-2006:0401
    MD5: 9660ccd43c5d52d61a67df0d3dee06aa
emacs-leim-21.3-4.1.s390.rpm
File outdated by:  RHBA-2006:0401
    MD5: 93866792827d67299f54d1b5ec607275
 
s390x:
emacs-21.3-4.1.s390x.rpm
File outdated by:  RHBA-2006:0401
    MD5: 0072da2a620ada0451182e160af05756
emacs-el-21.3-4.1.s390x.rpm
File outdated by:  RHBA-2006:0401
    MD5: b56396b351324f8e5f196479bd767f0e
emacs-leim-21.3-4.1.s390x.rpm
File outdated by:  RHBA-2006:0401
    MD5: e499de9b21b997711499ba6d337ebbf0
 
x86_64:
emacs-21.3-4.1.x86_64.rpm
File outdated by:  RHBA-2006:0401
    MD5: c8f3808bce03e80e42a7882f3669046f
emacs-el-21.3-4.1.x86_64.rpm
File outdated by:  RHBA-2006:0401
    MD5: fc0c5e3f92832839fe21ff5907e2a64e
emacs-leim-21.3-4.1.x86_64.rpm
File outdated by:  RHBA-2006:0401
    MD5: 027a0799972d81241e5b04917c092678
 
Red Hat Enterprise Linux ES (v. 2.1)

IA-32:
emacs-20.7-41.2.i386.rpm
File outdated by:  RHBA-2005:833
    MD5: d69a461fb714a8320df49cd0bc0a2948
emacs-X11-20.7-41.2.i386.rpm
File outdated by:  RHBA-2005:833
    MD5: 81d716a2780da4bd70b2e9ff65a59e04
emacs-el-20.7-41.2.i386.rpm
File outdated by:  RHBA-2005:833
    MD5: e791e0b8b5d3fdb9302dba7cffd6600d
emacs-leim-20.7-41.2.i386.rpm
File outdated by:  RHBA-2005:833
    MD5: b3460f46f0aca2143b255e5664d0cbcf
emacs-nox-20.7-41.2.i386.rpm
File outdated by:  RHBA-2005:833
    MD5: 23a6cddea1a2d693da09ef6ce6a04cb4
 
Red Hat Enterprise Linux ES (v. 3)

IA-32:
emacs-21.3-4.1.i386.rpm
File outdated by:  RHBA-2006:0401
    MD5: 7c2da1fc15e4d71c90ed05fcaf7f2aff
emacs-el-21.3-4.1.i386.rpm
File outdated by:  RHBA-2006:0401
    MD5: e3288f21fab6feb6709c283e206f3b09
emacs-leim-21.3-4.1.i386.rpm
File outdated by:  RHBA-2006:0401
    MD5: 1cc586a20f047c0d5a3245bf2b4a9d12
 
IA-64:
emacs-21.3-4.1.ia64.rpm
File outdated by:  RHBA-2006:0401
    MD5: 3e09e53a65636ac4046db955d9b21e0a
emacs-el-21.3-4.1.ia64.rpm
File outdated by:  RHBA-2006:0401
    MD5: 470539029a0dc531e2f0982015624231
emacs-leim-21.3-4.1.ia64.rpm
File outdated by:  RHBA-2006:0401
    MD5: f26f3a45cecbb9faae945ba862cc3308
 
x86_64:
emacs-21.3-4.1.x86_64.rpm
File outdated by:  RHBA-2006:0401
    MD5: c8f3808bce03e80e42a7882f3669046f
emacs-el-21.3-4.1.x86_64.rpm
File outdated by:  RHBA-2006:0401
    MD5: fc0c5e3f92832839fe21ff5907e2a64e
emacs-leim-21.3-4.1.x86_64.rpm
File outdated by:  RHBA-2006:0401
    MD5: 027a0799972d81241e5b04917c092678
 
Red Hat Enterprise Linux WS (v. 2.1)

IA-32:
emacs-20.7-41.2.i386.rpm
File outdated by:  RHBA-2005:833
    MD5: d69a461fb714a8320df49cd0bc0a2948
emacs-X11-20.7-41.2.i386.rpm
File outdated by:  RHBA-2005:833
    MD5: 81d716a2780da4bd70b2e9ff65a59e04
emacs-el-20.7-41.2.i386.rpm
File outdated by:  RHBA-2005:833
    MD5: e791e0b8b5d3fdb9302dba7cffd6600d
emacs-leim-20.7-41.2.i386.rpm
File outdated by:  RHBA-2005:833
    MD5: b3460f46f0aca2143b255e5664d0cbcf
emacs-nox-20.7-41.2.i386.rpm
File outdated by:  RHBA-2005:833
    MD5: 23a6cddea1a2d693da09ef6ce6a04cb4
 
Red Hat Enterprise Linux WS (v. 3)

IA-32:
emacs-21.3-4.1.i386.rpm
File outdated by:  RHBA-2006:0401
    MD5: 7c2da1fc15e4d71c90ed05fcaf7f2aff
emacs-el-21.3-4.1.i386.rpm
File outdated by:  RHBA-2006:0401
    MD5: e3288f21fab6feb6709c283e206f3b09
emacs-leim-21.3-4.1.i386.rpm
File outdated by:  RHBA-2006:0401
    MD5: 1cc586a20f047c0d5a3245bf2b4a9d12
 
IA-64:
emacs-21.3-4.1.ia64.rpm
File outdated by:  RHBA-2006:0401
    MD5: 3e09e53a65636ac4046db955d9b21e0a
emacs-el-21.3-4.1.ia64.rpm
File outdated by:  RHBA-2006:0401
    MD5: 470539029a0dc531e2f0982015624231
emacs-leim-21.3-4.1.ia64.rpm
File outdated by:  RHBA-2006:0401
    MD5: f26f3a45cecbb9faae945ba862cc3308
 
x86_64:
emacs-21.3-4.1.x86_64.rpm
File outdated by:  RHBA-2006:0401
    MD5: c8f3808bce03e80e42a7882f3669046f
emacs-el-21.3-4.1.x86_64.rpm
File outdated by:  RHBA-2006:0401
    MD5: fc0c5e3f92832839fe21ff5907e2a64e
emacs-leim-21.3-4.1.x86_64.rpm
File outdated by:  RHBA-2006:0401
    MD5: 027a0799972d81241e5b04917c092678
 
Red Hat Linux Advanced Workstation 2.1 for the Itanium Processor

IA-64:
emacs-20.7-41.2.ia64.rpm
File outdated by:  RHBA-2005:833
    MD5: 9907122cb87f25b145fc64d249e1f373
emacs-X11-20.7-41.2.ia64.rpm
File outdated by:  RHBA-2005:833
    MD5: a5c29b47a726c3464cea29db223bf0a3
emacs-el-20.7-41.2.ia64.rpm
File outdated by:  RHBA-2005:833
    MD5: b9bb6d89f90ca8c04621c1f4658a02e3
emacs-leim-20.7-41.2.ia64.rpm
File outdated by:  RHBA-2005:833
    MD5: 5f524f16502e44f00fbada64070ac220
emacs-nox-20.7-41.2.ia64.rpm
File outdated by:  RHBA-2005:833
    MD5: 4d0fbe779bed8c187f3ffea7829e15f0
 

Bugs fixed (see bugzilla for more information)

146700 - CAN-2005-0100 Arbitrary code execution in *emacs*


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/