emacs-27.2-8.el9.1
Errata ID: AXSA:2023-6067:07
Release date:
2023/06/16 Friday - 08:57
Title:
emacs-27.2-8.el9.1
Affected channels:
MIRACLE LINUX 9 for x86_64
Severity:
High
Description:
The following issues have been addressed.
[Security Fix]
- The etags program in GNU Emacs does not escape input strings, which allows a local attacker to execute arbitrary commands via source code whose file names contain shell metacharacters. (CVE-2022-48337)
- The ruby-find-library-file function in ruby-mode.el in GNU Emacs does not escape the feature-name parameter, which allows a local attacker to execute arbitrary commands via a crafted Ruby source file. (CVE-2022-48338)
- The hfy-istext-command function in htmlfontify.el in GNU Emacs does not properly escape its parameters, which allows a local attacker to execute arbitrary commands via file name or directory name input containing shell metacharacters. (CVE-2022-48339)
- The org-babel-execute:latex() function in ob-latex.el in GNU Emacs allows a local attacker to execute arbitrary commands via crafted org-mode code. (CVE-2023-2491)
Solution:
Update the package.
CVE:
CVE-2022-48337
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u *" command (suggested in the etags documentation) in a situation where the current working directory has contents that depend on untrusted input.
CVE-2022-48338
An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. The ruby-find-library-file function is an interactive function, and bound to C-c C-f. Inside the function, the external command gem is called through shell-command-to-string, but the feature-name parameters are not escaped. Thus, malicious Ruby source files may cause commands to be executed.
CVE-2022-48339
An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the parameter file and parameter srcdir come from external input, and parameters are not escaped. If a file name or directory name contains shell metacharacters, code may be executed.
CVE-2023-2491
A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the "org-babel-execute:latex" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 8.8 and Red Hat Enterprise Linux 9.2.
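As an added illustration, not code from Emacs or from this advisory, the following shows the defect class behind CVE-2022-48338 and CVE-2022-48339 (a shell command assembled by string concatenation from an unescaped parameter) beside the two mitigations a maintainer would apply: quoting the argument with shell-quote-argument, or avoiding the shell entirely with call-process. The function names and the "gem which" command line are hypothetical stand-ins, not the actual ruby-mode.el code.

```elisp
;; Added example (not Emacs' own code).  FEATURE-NAME is taken from the
;; buffer being edited, so it must be treated as untrusted input.

(defun example-find-gem-unsafe (feature-name)
  "Vulnerable pattern: FEATURE-NAME is spliced into a shell command verbatim.
Any shell metacharacter in FEATURE-NAME is interpreted by /bin/sh."
  (shell-command-to-string (concat "gem which " feature-name)))

(defun example-find-gem-quoted (feature-name)
  "Mitigated pattern: `shell-quote-argument' escapes FEATURE-NAME so the
shell receives it as a single literal word."
  (shell-command-to-string
   (concat "gem which " (shell-quote-argument feature-name))))

(defun example-find-gem-no-shell (feature-name)
  "Preferred pattern: `call-process' passes arguments as an argv vector,
so no shell parses them and metacharacters are inert."
  (with-temp-buffer
    (call-process "gem" nil t nil "which" feature-name)
    (buffer-string)))
```

When reviewing Lisp for this class of bug, grep for shell-command, shell-command-to-string and start-process-shell-command whose command string is built with concat or format from buffer contents, file names or user input, and confirm each interpolated piece goes through shell-quote-argument or that the call is rewritten to call-process / start-process.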
Additional information:
N/A
Downloads:
SRPMS
- emacs-27.2-8.el9.1.src.rpm
MD5: 022dda78567cccf5f934b47fcf49d389
SHA-256: 9346e83b3af09052d6cb394cb4296f4c699d2552b7493d9d1bd24683fd24bf84
Size: 42.74 MB
Asianux Server 9 for x86_64
- emacs-27.2-8.el9.1.x86_64.rpm
MD5: 41c3fedea59018459818487de02f255b
SHA-256: 858bf89886d07cf9af48258bd23b42a8772f576b5ceaa995b00b839ac5008cce
Size: 3.28 MB
- emacs-common-27.2-8.el9.1.x86_64.rpm
MD5: 95aa6caea081367c027e9f408babc13c
SHA-256: eea0e0acf9234e09b259c7c77764c50b0ab03835b4999e4726ea6469ef55e93d
Size: 35.34 MB
- emacs-filesystem-27.2-8.el9.1.noarch.rpm
MD5: aa28836a54c8f68ff3c8a33124ebfa6d
SHA-256: 0e01e7e4f581c0de0dcd8c66c6fa5968e0b0f20150068fc324183e128a58a5eb
Size: 7.89 kB
- emacs-lucid-27.2-8.el9.1.x86_64.rpm
MD5: d3b03ccc8c03cd716d72061b645cc314
SHA-256: f9f3b7aa7b6e3b84a18482692c937c5e24893af5fedb069594feb418343de7b9
Size: 3.24 MB
- emacs-nox-27.2-8.el9.1.x86_64.rpm
MD5: b3d2dcbd85a12d83e8ef38eee2873dbc
SHA-256: 37df8f4239c302bf2048c3cc283726aac155e94cdc56df8d6b5ac2487df83d37
Size: 2.83 MB
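An added helper, not part of the advisory, for checking downloaded packages against the SHA-256 values listed above before installing them. It assumes the RPMs have been downloaded into the current directory and that sha256sum (coreutils) is available; the hashes in the list are copied from the download table on this page.

```bash
#!/bin/sh
# Added example (not from the advisory): verify RPMs against the listed SHA-256.

# verify_sha256 <file> <expected-sha256>
# Returns 0 when the file's SHA-256 matches EXPECTED, 1 otherwise.
verify_sha256() {
    file=$1
    expected=$2
    [ -r "$file" ] || { echo "missing: $file" >&2; return 1; }
    actual=$(sha256sum "$file" | cut -d' ' -f1)
    if [ "$actual" = "$expected" ]; then
        echo "OK   $file"
        return 0
    fi
    echo "FAIL $file (got $actual, expected $expected)" >&2
    return 1
}

# Check every package from this errata's download table that is present
# in the current directory.  Returns 1 if any present file mismatches.
verify_listed_packages() {
    rc=0
    while read -r pkg sum; do
        [ -e "$pkg" ] || continue      # skip packages not downloaded
        verify_sha256 "$pkg" "$sum" || rc=1
    done <<'EOF'
emacs-27.2-8.el9.1.src.rpm 9346e83b3af09052d6cb394cb4296f4c699d2552b7493d9d1bd24683fd24bf84
emacs-27.2-8.el9.1.x86_64.rpm 858bf89886d07cf9af48258bd23b42a8772f576b5ceaa995b00b839ac5008cce
emacs-common-27.2-8.el9.1.x86_64.rpm eea0e0acf9234e09b259c7c77764c50b0ab03835b4999e4726ea6469ef55e93d
emacs-filesystem-27.2-8.el9.1.noarch.rpm 0e01e7e4f581c0de0dcd8c66c6fa5968e0b0f20150068fc324183e128a58a5eb
emacs-lucid-27.2-8.el9.1.x86_64.rpm f9f3b7aa7b6e3b84a18482692c937c5e24893af5fedb069594feb418343de7b9
emacs-nox-27.2-8.el9.1.x86_64.rpm 37df8f4239c302bf2048c3cc283726aac155e94cdc56df8d6b5ac2487df83d37
EOF
    return $rc
}
```

Run verify_listed_packages from the download directory; a non-zero exit means at least one package should not be installed. Prefer SHA-256 over the MD5 column, since MD5 is collision-prone and is only listed for legacy tooling.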