TITLE: Mandriva update for emacs SECUNIA ADVISORY ID: SA17496 VERIFY ADVISORY: http://secunia.com/advisories/17496/ CRITICAL: Moderately critical IMPACT: System access WHERE: >From remote OPERATING SYSTEM: Mandrake Corporate Server 2.x http://secunia.com/product/1222/ DESCRIPTION: Mandriva has issued an update for emacs. This fixes a vulnerability, which can be exploited by malicious people to compromise a user's system. The vulnerability is caused due to an error in the handling of Lisp code in local variables, which can be exploited to execute arbitrary commands via a specially crafted text file. SOLUTION: Apply updated packages. Corporate Server 2.1: 48dc24e034b8091dcf425692e3063313 corporate/2.1/RPMS/emacs-21.3-1.1.C21mdk.i586.rpm 2719f8131f4d22cb331e1d9139a5469a corporate/2.1/RPMS/emacs-el-21.3-1.1.C21mdk.i586.rpm 72083c11973082f333e77ab8517ef39d corporate/2.1/RPMS/emacs-leim-21.3-1.1.C21mdk.i586.rpm c08f09ad0fc94583508edd3ba2706743 corporate/2.1/RPMS/emacs-nox-21.3-1.1.C21mdk.i586.rpm 6e6c749452b93361b17270ec94a55f4a corporate/2.1/RPMS/emacs-X11-21.3-1.1.C21mdk.i586.rpm 6a8ed9e75840c8af8c5e498daaa04167 corporate/2.1/SRPMS/emacs-21.3-1.1.C21mdk.src.rpm Corporate Server 2.1/X86_64: 63f47c94136bff5fd82f4486dbef173d x86_64/corporate/2.1/RPMS/emacs-21.3-1.1.C21mdk.x86_64.rpm ea4d960602af4c4f1e7a3899aacbfc38 x86_64/corporate/2.1/RPMS/emacs-el-21.3-1.1.C21mdk.x86_64.rpm 9406e42241f55358662ca7c11afbfbe5 x86_64/corporate/2.1/RPMS/emacs-leim-21.3-1.1.C21mdk.x86_64.rpm 37436bb462c3680e88faf06a8fb71dd7 x86_64/corporate/2.1/RPMS/emacs-nox-21.3-1.1.C21mdk.x86_64.rpm 963f81f300e17c4b72999e146be5f772 x86_64/corporate/2.1/RPMS/emacs-X11-21.3-1.1.C21mdk.x86_64.rpm 6a8ed9e75840c8af8c5e498daaa04167 x86_64/corporate/2.1/SRPMS/emacs-21.3-1.1.C21mdk.src.rpm ORIGINAL ADVISORY: http://frontal2.mandriva.com/security/advisories?name=MDKSA-2005:208 ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ----------------------------------------------------------------------