• [SECURITY] [DSA 5719-1] emacs security update

    From Salvatore Bonaccorso@21:1/5 to All on Tue Jun 25 22:10:01 2024
    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA512

    - ------------------------------------------------------------------------- Debian Security Advisory DSA-5719-1 security@debian.org https://www.debian.org/security/ Salvatore Bonaccorso
    June 25, 2024 https://www.debian.org/security/faq
    - -------------------------------------------------------------------------

    Package : emacs
    CVE ID : CVE-2024-39331
    Debian Bug : 1074137

    It was discovered that Emacs is prone to arbitrary shell code evaluation
    when opening a specially crafted Org file.

    This update includes updates pending for the upcoming point releases
    including other security fixes.

    For the oldstable distribution (bullseye), this problem has been fixed
    in version 1:27.1+1-3.1+deb11u5.

    For the stable distribution (bookworm), this problem has been fixed in
    version 1:28.2+1-15+deb12u3.

    We recommend that you upgrade your emacs packages.

    For the detailed security status of emacs please refer to its security
    tracker page at:
    https://security-tracker.debian.org/tracker/emacs

    Further information about Debian Security Advisories, how to apply
    these updates to your system and frequently asked questions can be
    found at: https://www.debian.org/security/

    Mailing list: debian-security-announce@lists.debian.org
    -----BEGIN PGP SIGNATURE-----

    iQKTBAEBCgB9FiEERkRAmAjBceBVMd3uBUy48xNDz0QFAmZ7IMRfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDQ2 NDQ0MDk4MDhDMTcxRTA1NTMxRERFRTA1NENCOEYzMTM0M0NGNDQACgkQBUy48xND z0RRkQ//VodTfx1QWzYCV1WDvv2c6lekODGI1RQcM91+LRXnq+LsumEP55j5w26V 9O1u3Yze/94BVOzlggM3CzPLGeDS1gYDAGvoaZVrkgsK9k9DCN5vKJ3BSJf6vzj7 wtFVvlmnqIsMLUlu6yUpQlsDw6fhwKqrh4egIigDFSwR8kxzo+wBhTGVfuFLpmxl X0B1xAMWsk8srmWxcgvabMvGhSx+z06QHnsguLWljvk+yEQVfVTYqVA3PxySg/Qk /7SPwEBuWwe0MU6s4pltET/VdNI7nYeG2qSmWZ6ruFcYa2Xctoe+r2kQ02ngipJK RZScLFYmxbRqKDGTayNbXvAE9X6P05bhQvpYoYsnTueYrH5JzB++6Zli43PnT6aj ECMHPl7RKv6JOjqZB4VJpfsLw9S8QBkMPtSZ3zfy8/GSX8/113F8k4ur3pu/S3gH N8FWbygOYw6MrC7LeKKE77k43Tep1bEQPd6EwwlopjIulDg00tEGXXH9JdmXKH0V grgZTPubZvB/RrtW/AHkMrEDGdz9BfEnSxIOrPjbT//9tBVsxSN8jUflxUIoiCew v9yw6YUXKaRrIgcvMy/GMg/uaIZmxvYYVlO4eg7QHQ4trwaTtANjUFIya4PCpegu zjJS/rfx1BKpDDFQhJY25e7Tj6zfLV57GAb/rrZhRHRGQUCaBqQ=
    =62XM
    -----END PGP SIGNATURE-----

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)