emacs-26.1-9.el8

エラータID: AXSA:2023-5965:05

Release date: 
Friday, June 9, 2023 - 10:52
Subject: 
emacs-26.1-9.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language (elisp), and the capability to read e-mail and news.

Security Fix(es):

* emacs: ctags local command execution vulnerability (CVE-2022-45939)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Asianux Server 8.8 Release Notes linked from the References section.

CVE-2022-45939
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command (suggested in the ctags documentation) in a situation where the current working directory has contents that depend on untrusted input.

Solution: 

Update packages.

CVEs: 
CVE-2022-45939
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command (suggested in the ctags documentation) in a situation where the current working directory has contents that depend on untrusted input.
Additional Info: 

N/A

Download: 

SRPMS
  1. emacs-26.1-9.el8.src.rpm
    MD5: fb01ea1cdc6238f5017ff7767633869a
    SHA-256: 020c784eed6e8643216f4e53d139d94eee434d28357a6081417b69464a3fbbfe
    Size: 42.32 MB

Asianux Server 8 for x86_64
  1. emacs-26.1-9.el8.x86_64.rpm
    MD5: 6695ba018ca265de23fccc5f02051383
    SHA-256: 278504d1a4afe2028ffad78c6ec3945dcb7c010a08337d93fa3e7ac8c29ff20f
    Size: 3.16 MB
  2. emacs-common-26.1-9.el8.x86_64.rpm
    MD5: 997c7814fa07fd3a8360d88a9ab9ca6a
    SHA-256: 52764644b8fe87f1f92f1e1d3e99c83c88f4706f2e8ea5b2fc07e26402bb7db8
    Size: 38.33 MB
  3. emacs-filesystem-26.1-9.el8.noarch.rpm
    MD5: 6b4d2baf859e6f9ff7a868c199e7db57
    SHA-256: 2cb4984a6e07eeddee295480507dcfdcf8d0d38c6b4873bedf0dfd2c3ee5f5d1
    Size: 68.78 kB
  4. emacs-lucid-26.1-9.el8.x86_64.rpm
    MD5: d37aebb3fcbe4488dc723c073d0ac1da
    SHA-256: a642131d484582218166f539e3e052707bf7c0a8c042debfde8396f4db808033
    Size: 3.13 MB
  5. emacs-nox-26.1-9.el8.x86_64.rpm
    MD5: 47cf7a44cd76429ca3d8ce7d716c2126
    SHA-256: 7d3ad316930cfa5f1085cdf7c9edaeab229d3679aa6acb3d748cad4d19b82ae0
    Size: 2.75 MB
  6. emacs-terminal-26.1-9.el8.noarch.rpm
    MD5: d7d992f5650d021daa6bd2573d7e0398
    SHA-256: 447eb746c6a0d13c18c772a0a34a4fff1902939f57700b789de3cdcd153bfe8e
    Size: 69.46 kB