View Full Version : USN-504-1: Emacs vulnerability

August 28th, 2007, 11:50 PM
Referenced CVEs:

================================================== ========= Ubuntu Security Notice USN-504-1 August 28, 2007 emacs21 vulnerability CVE-2007-2833 ================================================== ========= A security issue affects the following Ubuntu releases: Ubuntu 6.06 LTS Ubuntu 6.10 Ubuntu 7.04 This advisory also applies to the corresponding versions of Kubuntu, Edubuntu, and Xubuntu. The problem can be corrected by upgrading your system to the following package versions: Ubuntu 6.06 LTS: emacs21 21.4a-3ubuntu2.1 emacs21-nox 21.4a-3ubuntu2.1 Ubuntu 6.10: emacs21 21.4a-6ubuntu2.1 emacs21-nox 21.4a-6ubuntu2.1 Ubuntu 7.04: emacs21 21.4a+1-2ubuntu1.1 emacs21-nox 21.4a+1-2ubuntu1.1 After a standard system upgrade you need to restart emacs to effect the necessary changes. Details follow: Hendrik Tews discovered that emacs21 did not correctly handle certain GIF images. By tricking a user into opening a specially crafted GIF, a remote attacker could cause emacs21 to crash, resulting in a denial of service.

More... (http://www.ubuntu.com/usn/usn-504-1)