[Security Announce] [ MDKSA-2007:133 ] - Updated emacs packages fix DoS vulnerability
Posted on: 06/22/2007 02:05 AM

The Mandriva Security Team published a new security update for Mandriva Linux. Here the announcement:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDKSA-2007:133
http://www.mandriva.com/security/
_______________________________________________________________________

Package : emacs
Date : June 21, 2007
Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0
_______________________________________________________________________

Problem Description:

A vulnerability in emacs was discovered where it would crash when
processing certain types of images.

Updated packages have been patched to prevent this issue.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2833
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2007.0:
5b6c583269a56170dbfab8ec91a6c127 2007.0/i586/emacs-21.4-26.1mdv2007.0.i586.rpm
10fb76837275cbf2cb9089100c0260bb 2007.0/i586/emacs-X11-21.4-26.1mdv2007.0.i586.rpm
df405e9c8f08608fff973bdbefaec803 2007.0/i586/emacs-doc-21.4-26.1mdv2007.0.i586.rpm
846e9c831b2e2da9841aff56990f4813 2007.0/i586/emacs-el-21.4-26.1mdv2007.0.i586.rpm
436b047e9f4ad894616e2006ba98aede 2007.0/i586/emacs-leim-21.4-26.1mdv2007.0.i586.rpm
c7f3e34b5f2469dbec0233168368a595 2007.0/i586/emacs-nox-21.4-26.1mdv2007.0.i586.rpm
091ac158a8fc97b2f73d7428a9671e8c 2007.0/SRPMS/emacs-21.4-26.1mdv2007.0.src.rpm

Mandriva Linux 2007.0/X86_64:
0e814af3b50d25458664ee12e4d5d49f 2007.0/x86_64/emacs-21.4-26.1mdv2007.0.x86_64.rpm
bc43eb34f3b3c55294ac846ff25253c6 2007.0/x86_64/emacs-X11-21.4-26.1mdv2007.0.x86_64.rpm
3bcb9f347e4af62142e0f48c01f2750a 2007.0/x86_64/emacs-doc-21.4-26.1mdv2007.0.x86_64.rpm
8f6c536fb51b2a630f1db8d3b17dea36 2007.0/x86_64/emacs-el-21.4-26.1mdv2007.0.x86_64.rpm
c2d22681ba6d4e84d6f45964c321d704 2007.0/x86_64/emacs-leim-21.4-26.1mdv2007.0.x86_64.rpm
dbdc6af562bffec34f07b2a8daf9389a 2007.0/x86_64/emacs-nox-21.4-26.1mdv2007.0.x86_64.rpm
091ac158a8fc97b2f73d7428a9671e8c 2007.0/SRPMS/emacs-21.4-26.1mdv2007.0.src.rpm

Mandriva Linux 2007.1:
daa2487c2ad4f51277bb73e683550743 2007.1/i586/emacs-21.4-26.1mdv2007.1.i586.rpm
2d6ba8b95540b8cef838fb25b5a2f0ca 2007.1/i586/emacs-X11-21.4-26.1mdv2007.1.i586.rpm
f6462dc95548b86d5ba3ab6ecd909565 2007.1/i586/emacs-doc-21.4-26.1mdv2007.1.i586.rpm
8592b212989e50ab9f0ea71752d04c2a 2007.1/i586/emacs-el-21.4-26.1mdv2007.1.i586.rpm
cffbf0e0b31d5389beb4c043bfb811ff 2007.1/i586/emacs-leim-21.4-26.1mdv2007.1.i586.rpm
587d43c0a178c4d82d9599adfab90c99 2007.1/i586/emacs-nox-21.4-26.1mdv2007.1.i586.rpm
af438b7eb4fa07c7beb00b96ff0a87c1 2007.1/SRPMS/emacs-21.4-26.1mdv2007.1.src.rpm

Mandriva Linux 2007.1/X86_64:
4e095cafd4ba2f0c626c10e9e62584d4 2007.1/x86_64/emacs-21.4-26.1mdv2007.1.x86_64.rpm
e90e318aa9b34a89a7a0a446285dd8c3 2007.1/x86_64/emacs-X11-21.4-26.1mdv2007.1.x86_64.rpm
90b1ddc706fef2cb653749a1c661b94d 2007.1/x86_64/emacs-doc-21.4-26.1mdv2007.1.x86_64.rpm
28866ad064d1ddaf56335d28b5196cc4 2007.1/x86_64/emacs-el-21.4-26.1mdv2007.1.x86_64.rpm
3e565393ee53c041ec71e2a245a246b3 2007.1/x86_64/emacs-leim-21.4-26.1mdv2007.1.x86_64.rpm
42f08a63e04abdd986ecb93faad6fde0 2007.1/x86_64/emacs-nox-21.4-26.1mdv2007.1.x86_64.rpm
af438b7eb4fa07c7beb00b96ff0a87c1 2007.1/SRPMS/emacs-21.4-26.1mdv2007.1.src.rpm

Corporate 3.0:
433093d9b5a3449c031788c4ec9f6f79 corporate/3.0/i586/emacs-21.3-9.2.C30mdk.i586.rpm
8bec2225aae23003484050b1510124c3 corporate/3.0/i586/emacs-X11-21.3-9.2.C30mdk.i586.rpm
b2afb37283826371ce34f188e3554c84 corporate/3.0/i586/emacs-el-21.3-9.2.C30mdk.i586.rpm
1b6e2e8e191ce9f37691d5752bc14f1f corporate/3.0/i586/emacs-leim-21.3-9.2.C30mdk.i586.rpm
8d076e4634db179397d9264f5f7e985c corporate/3.0/i586/emacs-nox-21.3-9.2.C30mdk.i586.rpm
8ea76b46a783c22be34d31c3182d24bc corporate/3.0/SRPMS/emacs-21.3-9.2.C30mdk.src.rpm

Corporate 3.0/X86_64:
d9008661e1725ed3803242b86b66f856 corporate/3.0/x86_64/emacs-21.3-9.2.C30mdk.x86_64.rpm
e7cbd4345b8f0fe271c10ff2217ead19 corporate/3.0/x86_64/emacs-X11-21.3-9.2.C30mdk.x86_64.rpm
e53edc2c2251850bcdc644451e7f5f8b corporate/3.0/x86_64/emacs-el-21.3-9.2.C30mdk.x86_64.rpm
17d05ef3d8b45209a53421a032152482 corporate/3.0/x86_64/emacs-leim-21.3-9.2.C30mdk.x86_64.rpm
2e5d14a877dcbb5e84a27c4465580b5b corporate/3.0/x86_64/emacs-nox-21.3-9.2.C30mdk.x86_64.rpm
8ea76b46a783c22be34d31c3182d24bc corporate/3.0/SRPMS/emacs-21.3-9.2.C30mdk.src.rpm

Corporate 4.0:
4a92e9db923f66ee125afe1cab57d879 corporate/4.0/i586/emacs-21.4-20.1.20060mlcs4.i586.rpm
557977031e1d6c13f3c5992f9c3351e3 corporate/4.0/i586/emacs-X11-21.4-20.1.20060mlcs4.i586.rpm
bd55bdff4e1663100053ebd1bdb3b41c corporate/4.0/i586/emacs-nox-21.4-20.1.20060mlcs4.i586.rpm
1914426c524ca6d16b36eaa608b7b665 corporate/4.0/SRPMS/emacs-21.4-20.1.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
f4164672fd56dcf7d12872dd79020a08 corporate/4.0/x86_64/emacs-21.4-20.1.20060mlcs4.x86_64.rpm
14301778acc725204b5bd13f4eac5b55 corporate/4.0/x86_64/emacs-X11-21.4-20.1.20060mlcs4.x86_64.rpm
0acc5aa3acdc0490e2238a659ac60466 corporate/4.0/x86_64/emacs-nox-21.4-20.1.20060mlcs4.x86_64.rpm
1914426c524ca6d16b36eaa608b7b665 corporate/4.0/SRPMS/emacs-21.4-20.1.20060mlcs4.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
lt;security*mandriva.comgt;
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGes5nmqjQ0CJFipgRApDRAKCLINpFqfoP0uw6qm1bcklMH9YnlACdGfjN
DaEJxbHO0TRoa7crt/HTcPU=
=rovg
-----END PGP SIGNATURE-----



Printed from Linux Compatible (http://www.linuxcompatible.org/news/story/security_announce_mdksa_2007133__updated_emacs_packages_fix_dos_vulnerability.html)