emacs-27.2-8.el9

エラータID: AXSA:2023-5619:03

Release date: 
Monday, May 29, 2023 - 12:46
Subject: 
emacs-27.2-8.el9
Affected Channels: 
MIRACLE LINUX 9 for x86_64
Severity: 
Moderate
Description: 

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language (elisp), and the capability to read e-mail and news.

Security Fix(es):

* emacs: ctags local command execution vulnerability (CVE-2022-45939)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the MIRACLE LINUX 9.2 Release Notes linked from the References section.

CVE-2022-45939
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command (suggested in the ctags documentation) in a situation where the current working directory has contents that depend on untrusted input.

Solution: 

Update packages.

CVEs: 
CVE-2022-45939
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command (suggested in the ctags documentation) in a situation where the current working directory has contents that depend on untrusted input.
Additional Info: 

N/A

Download: 

SRPMS
  1. emacs-27.2-8.el9.src.rpm
    MD5: cef4c35bdd9e1b3e28e72f371f70996a
    SHA-256: c10a8cceb32a3afd5a88e79edfc8323251f717782d153af29290095435cc2204
    Size: 42.73 MB

Asianux Server 9 for x86_64
  1. emacs-27.2-8.el9.x86_64.rpm
    MD5: 91d22dbaedbc0ae843670916505829b4
    SHA-256: 27f0b521541842aab8a2e31ba5b9853646cfbfa1cf3e27c2f2467a7b33aee853
    Size: 3.28 MB
  2. emacs-common-27.2-8.el9.x86_64.rpm
    MD5: dcd00395a6a16b1531b5d2bfda365e45
    SHA-256: fcd0ae8727264dc40847c3a9a670eb8604ce01fdad56d3d45eb24f5d23b2a3ae
    Size: 35.30 MB
  3. emacs-filesystem-27.2-8.el9.noarch.rpm
    MD5: 4be7ddffadec2a1a42d8a4a9d3aa3aa8
    SHA-256: 52bfc7cd55abfbeb1ed8b7dc3837eca41c2e605dae7dd29160b17da7be6591c7
    Size: 7.80 kB
  4. emacs-lucid-27.2-8.el9.x86_64.rpm
    MD5: 7b3cac20d2b8c1b54471da96bde63604
    SHA-256: 08b175328ad33356aff659c8c939afe75a825f4e6efe2556c0426bd29603775e
    Size: 3.24 MB
  5. emacs-nox-27.2-8.el9.x86_64.rpm
    MD5: f22fe9bf0f03cd66a150a3587a0621ff
    SHA-256: 8663f27f80d8f993406d3e0a7abbb49ba15713f5e09567d5c69c4baa0084dd75
    Size: 2.83 MB