Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:2010: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-28617: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.
Red Hat Security Data
#vulnerability#mac#linux#red_hat#ibm#sap

Synopsis

Important: emacs security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for emacs is now available for Red Hat Enterprise Linux 9.0 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language (elisp), and the capability to read e-mail and news.

Security Fix(es):

  • emacs: command injection vulnerability in org-mode (CVE-2023-28617)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0 x86_64
  • Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0 aarch64
  • Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0 s390x

Fixes

  • BZ - 2180544 - CVE-2023-28617 emacs: command injection vulnerability in org-mode

Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.0

SRPM

emacs-27.2-6.el9_0.1.src.rpm

SHA-256: e9be642d59c29aa8097e80c6997222abbe4d591b994628d078d9cb7b6fcde802

x86_64

emacs-27.2-6.el9_0.1.x86_64.rpm

SHA-256: f3e856d8537e1fc72a7f0eddab9601cff1e4751ee922f265caed38ab6dec69bf

emacs-common-27.2-6.el9_0.1.x86_64.rpm

SHA-256: 354dc6bff8ba3e4d2f2af9b9b2661045338ddace9f80398c642ccc3fcfa8a795

emacs-common-debuginfo-27.2-6.el9_0.1.x86_64.rpm

SHA-256: 0f9510a36e6003c97f3f8c73be82f86ba96fa7156aedbe2ffae408230fe6ee0f

emacs-debuginfo-27.2-6.el9_0.1.x86_64.rpm

SHA-256: d085afbfeb53bb69e6e79a953e3c48f40d0a587638aefb5b166ff84b3e800884

emacs-debugsource-27.2-6.el9_0.1.x86_64.rpm

SHA-256: e28451ba824e823ae98918c11e25e2b4c56b78e6856abfa78fd154740570a0ab

emacs-filesystem-27.2-6.el9_0.1.noarch.rpm

SHA-256: 3c6e0ca7903e6280f8fb6464a55aa86efdee62744d7b373734f1e4c1b33dcc27

emacs-lucid-27.2-6.el9_0.1.x86_64.rpm

SHA-256: 0eb221a9d09d793895d1f315af9b4c0088a2f6f0e82747d09800a04e5f42f0fb

emacs-lucid-debuginfo-27.2-6.el9_0.1.x86_64.rpm

SHA-256: 4b50bb77bc76531fe13ae3ebb82a6a740dae40a2dee493215a1b108068c6b320

emacs-nox-27.2-6.el9_0.1.x86_64.rpm

SHA-256: e880ba3b5c9bbf810142b58333d8f210df72e23ec47b1c7db002270456aec667

emacs-nox-debuginfo-27.2-6.el9_0.1.x86_64.rpm

SHA-256: f9f717e4a6b660efde0fc20259cc38cab1efad87dfe1372ac5e66ff61558a00b

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.0

SRPM

emacs-27.2-6.el9_0.1.src.rpm

SHA-256: e9be642d59c29aa8097e80c6997222abbe4d591b994628d078d9cb7b6fcde802

s390x

emacs-27.2-6.el9_0.1.s390x.rpm

SHA-256: 4d9124b582e490e35d1c88a75f14a90ada8ce6ebb81f1d2b566b717384849365

emacs-common-27.2-6.el9_0.1.s390x.rpm

SHA-256: 40aac13f51662300d5d4981e279762bd1f6ae621122126952416d6c01bf591bb

emacs-common-debuginfo-27.2-6.el9_0.1.s390x.rpm

SHA-256: 861d300b40e564d6aa682d534dfc9faa85629937c1b396329d19bfe8cac233f8

emacs-debuginfo-27.2-6.el9_0.1.s390x.rpm

SHA-256: 5e13939b0bbbd61f932195fa8e20c6c61f56dfdb6aaf4b90136dae6871593d29

emacs-debugsource-27.2-6.el9_0.1.s390x.rpm

SHA-256: 6962379f821969e2f4a4143cbc9aa70b003f528796d254d59ad4300e1820d154

emacs-filesystem-27.2-6.el9_0.1.noarch.rpm

SHA-256: 3c6e0ca7903e6280f8fb6464a55aa86efdee62744d7b373734f1e4c1b33dcc27

emacs-lucid-27.2-6.el9_0.1.s390x.rpm

SHA-256: 18c76dca3119adf477397a5047cb30fc009d8192d03eb2abd55a961881cd79da

emacs-lucid-debuginfo-27.2-6.el9_0.1.s390x.rpm

SHA-256: 4fc6211267e4abf1bcdf3b906608b9cd4c05382817b7cf88c26b56f914ac3398

emacs-nox-27.2-6.el9_0.1.s390x.rpm

SHA-256: 7a7edeb7afc029b933c3dceb65502511902709e1ca1eeb3fa6f2c08897772bed

emacs-nox-debuginfo-27.2-6.el9_0.1.s390x.rpm

SHA-256: 3b886e50f51c5e019b3310c91720d736bf786e1a9546f24dffd41f20a9108161

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.0

SRPM

emacs-27.2-6.el9_0.1.src.rpm

SHA-256: e9be642d59c29aa8097e80c6997222abbe4d591b994628d078d9cb7b6fcde802

ppc64le

emacs-27.2-6.el9_0.1.ppc64le.rpm

SHA-256: d401c941958b7a0035e88413a73a513d5c5668662f8f6881c28f3f917b77a4f2

emacs-common-27.2-6.el9_0.1.ppc64le.rpm

SHA-256: f7365c761bf33e0995ca6c92cbb64d9f356a03b50e43e59f1f6d9bdaf7d6b795

emacs-common-debuginfo-27.2-6.el9_0.1.ppc64le.rpm

SHA-256: 08fe586275c8c14b01889e2ca43a797480da6f6652f40a71bdc65be786b50d9c

emacs-debuginfo-27.2-6.el9_0.1.ppc64le.rpm

SHA-256: 08f471f305090868d3f836f5950f1f52bd05fe6c97e413ac0ebe752654c7c039

emacs-debugsource-27.2-6.el9_0.1.ppc64le.rpm

SHA-256: 5fe749f7f2b21a12e525e2071fb2d91dcbb604c8866a35ec2264426801444caa

emacs-filesystem-27.2-6.el9_0.1.noarch.rpm

SHA-256: 3c6e0ca7903e6280f8fb6464a55aa86efdee62744d7b373734f1e4c1b33dcc27

emacs-lucid-27.2-6.el9_0.1.ppc64le.rpm

SHA-256: 41edb23f8d4c6005423112adbf44e933a27c8d4912df948cb90e46f6dc31a825

emacs-lucid-debuginfo-27.2-6.el9_0.1.ppc64le.rpm

SHA-256: f91050c5a5bdcca3f1df008b561147045be984296fc44ecf994233cc5cb1c46c

emacs-nox-27.2-6.el9_0.1.ppc64le.rpm

SHA-256: 5ffdedb98e7b4cffd9c1d1e0df66a40b7559b8e9033f850c34d0320ab91ee24e

emacs-nox-debuginfo-27.2-6.el9_0.1.ppc64le.rpm

SHA-256: 79b1d1030d80459e18e90f45fcbe5b93c8ce1254b8366ba74702a0c2e7ab195a

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.0

SRPM

emacs-27.2-6.el9_0.1.src.rpm

SHA-256: e9be642d59c29aa8097e80c6997222abbe4d591b994628d078d9cb7b6fcde802

aarch64

emacs-27.2-6.el9_0.1.aarch64.rpm

SHA-256: f3980dc522f490bef765aff7a3a6b2bf7afbf17fab7f3335291f78a3ad95b010

emacs-common-27.2-6.el9_0.1.aarch64.rpm

SHA-256: 9fdb261eb8f1835fffa8d2a2fe057c2cab0e0c2d814c92370641b0247b8f977e

emacs-common-debuginfo-27.2-6.el9_0.1.aarch64.rpm

SHA-256: 856769bd727f979671f431af05a0a480b890dbfbe0e821486e009158f3704883

emacs-debuginfo-27.2-6.el9_0.1.aarch64.rpm

SHA-256: ee91e894f78da157a8e3d26a79f9c8f4bf424f85015103a9d1112e1fdf077141

emacs-debugsource-27.2-6.el9_0.1.aarch64.rpm

SHA-256: 9a8db7772a866c206490e3068643182894d14dc250e7b2d241711e6c62de1821

emacs-filesystem-27.2-6.el9_0.1.noarch.rpm

SHA-256: 3c6e0ca7903e6280f8fb6464a55aa86efdee62744d7b373734f1e4c1b33dcc27

emacs-lucid-27.2-6.el9_0.1.aarch64.rpm

SHA-256: 3a83ce7739350050c1d13231f20ed17afb153589a073a59b2118e66024e9ded9

emacs-lucid-debuginfo-27.2-6.el9_0.1.aarch64.rpm

SHA-256: b6c6546dd0cd7664849e97d13f46d21f2c8f3260be3c8e404286c1a9014e1c4d

emacs-nox-27.2-6.el9_0.1.aarch64.rpm

SHA-256: 32641033d4a6d8aecaf4074289c64d6674b8162531206c045242cf9fb37439e5

emacs-nox-debuginfo-27.2-6.el9_0.1.aarch64.rpm

SHA-256: 60eef88e25a9e7a6254edadcda4751b40aa509d7de1c5018ad939d33cb646366

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.0

SRPM

emacs-27.2-6.el9_0.1.src.rpm

SHA-256: e9be642d59c29aa8097e80c6997222abbe4d591b994628d078d9cb7b6fcde802

ppc64le

emacs-27.2-6.el9_0.1.ppc64le.rpm

SHA-256: d401c941958b7a0035e88413a73a513d5c5668662f8f6881c28f3f917b77a4f2

emacs-common-27.2-6.el9_0.1.ppc64le.rpm

SHA-256: f7365c761bf33e0995ca6c92cbb64d9f356a03b50e43e59f1f6d9bdaf7d6b795

emacs-common-debuginfo-27.2-6.el9_0.1.ppc64le.rpm

SHA-256: 08fe586275c8c14b01889e2ca43a797480da6f6652f40a71bdc65be786b50d9c

emacs-debuginfo-27.2-6.el9_0.1.ppc64le.rpm

SHA-256: 08f471f305090868d3f836f5950f1f52bd05fe6c97e413ac0ebe752654c7c039

emacs-debugsource-27.2-6.el9_0.1.ppc64le.rpm

SHA-256: 5fe749f7f2b21a12e525e2071fb2d91dcbb604c8866a35ec2264426801444caa

emacs-filesystem-27.2-6.el9_0.1.noarch.rpm

SHA-256: 3c6e0ca7903e6280f8fb6464a55aa86efdee62744d7b373734f1e4c1b33dcc27

emacs-lucid-27.2-6.el9_0.1.ppc64le.rpm

SHA-256: 41edb23f8d4c6005423112adbf44e933a27c8d4912df948cb90e46f6dc31a825

emacs-lucid-debuginfo-27.2-6.el9_0.1.ppc64le.rpm

SHA-256: f91050c5a5bdcca3f1df008b561147045be984296fc44ecf994233cc5cb1c46c

emacs-nox-27.2-6.el9_0.1.ppc64le.rpm

SHA-256: 5ffdedb98e7b4cffd9c1d1e0df66a40b7559b8e9033f850c34d0320ab91ee24e

emacs-nox-debuginfo-27.2-6.el9_0.1.ppc64le.rpm

SHA-256: 79b1d1030d80459e18e90f45fcbe5b93c8ce1254b8366ba74702a0c2e7ab195a

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.0

SRPM

emacs-27.2-6.el9_0.1.src.rpm

SHA-256: e9be642d59c29aa8097e80c6997222abbe4d591b994628d078d9cb7b6fcde802

x86_64

emacs-27.2-6.el9_0.1.x86_64.rpm

SHA-256: f3e856d8537e1fc72a7f0eddab9601cff1e4751ee922f265caed38ab6dec69bf

emacs-common-27.2-6.el9_0.1.x86_64.rpm

SHA-256: 354dc6bff8ba3e4d2f2af9b9b2661045338ddace9f80398c642ccc3fcfa8a795

emacs-common-debuginfo-27.2-6.el9_0.1.x86_64.rpm

SHA-256: 0f9510a36e6003c97f3f8c73be82f86ba96fa7156aedbe2ffae408230fe6ee0f

emacs-debuginfo-27.2-6.el9_0.1.x86_64.rpm

SHA-256: d085afbfeb53bb69e6e79a953e3c48f40d0a587638aefb5b166ff84b3e800884

emacs-debugsource-27.2-6.el9_0.1.x86_64.rpm

SHA-256: e28451ba824e823ae98918c11e25e2b4c56b78e6856abfa78fd154740570a0ab

emacs-filesystem-27.2-6.el9_0.1.noarch.rpm

SHA-256: 3c6e0ca7903e6280f8fb6464a55aa86efdee62744d7b373734f1e4c1b33dcc27

emacs-lucid-27.2-6.el9_0.1.x86_64.rpm

SHA-256: 0eb221a9d09d793895d1f315af9b4c0088a2f6f0e82747d09800a04e5f42f0fb

emacs-lucid-debuginfo-27.2-6.el9_0.1.x86_64.rpm

SHA-256: 4b50bb77bc76531fe13ae3ebb82a6a740dae40a2dee493215a1b108068c6b320

emacs-nox-27.2-6.el9_0.1.x86_64.rpm

SHA-256: e880ba3b5c9bbf810142b58333d8f210df72e23ec47b1c7db002270456aec667

emacs-nox-debuginfo-27.2-6.el9_0.1.x86_64.rpm

SHA-256: f9f717e4a6b660efde0fc20259cc38cab1efad87dfe1372ac5e66ff61558a00b

Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.0

SRPM

emacs-27.2-6.el9_0.1.src.rpm

SHA-256: e9be642d59c29aa8097e80c6997222abbe4d591b994628d078d9cb7b6fcde802

aarch64

emacs-27.2-6.el9_0.1.aarch64.rpm

SHA-256: f3980dc522f490bef765aff7a3a6b2bf7afbf17fab7f3335291f78a3ad95b010

emacs-common-27.2-6.el9_0.1.aarch64.rpm

SHA-256: 9fdb261eb8f1835fffa8d2a2fe057c2cab0e0c2d814c92370641b0247b8f977e

emacs-common-debuginfo-27.2-6.el9_0.1.aarch64.rpm

SHA-256: 856769bd727f979671f431af05a0a480b890dbfbe0e821486e009158f3704883

emacs-debuginfo-27.2-6.el9_0.1.aarch64.rpm

SHA-256: ee91e894f78da157a8e3d26a79f9c8f4bf424f85015103a9d1112e1fdf077141

emacs-debugsource-27.2-6.el9_0.1.aarch64.rpm

SHA-256: 9a8db7772a866c206490e3068643182894d14dc250e7b2d241711e6c62de1821

emacs-filesystem-27.2-6.el9_0.1.noarch.rpm

SHA-256: 3c6e0ca7903e6280f8fb6464a55aa86efdee62744d7b373734f1e4c1b33dcc27

emacs-lucid-27.2-6.el9_0.1.aarch64.rpm

SHA-256: 3a83ce7739350050c1d13231f20ed17afb153589a073a59b2118e66024e9ded9

emacs-lucid-debuginfo-27.2-6.el9_0.1.aarch64.rpm

SHA-256: b6c6546dd0cd7664849e97d13f46d21f2c8f3260be3c8e404286c1a9014e1c4d

emacs-nox-27.2-6.el9_0.1.aarch64.rpm

SHA-256: 32641033d4a6d8aecaf4074289c64d6674b8162531206c045242cf9fb37439e5

emacs-nox-debuginfo-27.2-6.el9_0.1.aarch64.rpm

SHA-256: 60eef88e25a9e7a6254edadcda4751b40aa509d7de1c5018ad939d33cb646366

Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.0

SRPM

emacs-27.2-6.el9_0.1.src.rpm

SHA-256: e9be642d59c29aa8097e80c6997222abbe4d591b994628d078d9cb7b6fcde802

s390x

emacs-27.2-6.el9_0.1.s390x.rpm

SHA-256: 4d9124b582e490e35d1c88a75f14a90ada8ce6ebb81f1d2b566b717384849365

emacs-common-27.2-6.el9_0.1.s390x.rpm

SHA-256: 40aac13f51662300d5d4981e279762bd1f6ae621122126952416d6c01bf591bb

emacs-common-debuginfo-27.2-6.el9_0.1.s390x.rpm

SHA-256: 861d300b40e564d6aa682d534dfc9faa85629937c1b396329d19bfe8cac233f8

emacs-debuginfo-27.2-6.el9_0.1.s390x.rpm

SHA-256: 5e13939b0bbbd61f932195fa8e20c6c61f56dfdb6aaf4b90136dae6871593d29

emacs-debugsource-27.2-6.el9_0.1.s390x.rpm

SHA-256: 6962379f821969e2f4a4143cbc9aa70b003f528796d254d59ad4300e1820d154

emacs-filesystem-27.2-6.el9_0.1.noarch.rpm

SHA-256: 3c6e0ca7903e6280f8fb6464a55aa86efdee62744d7b373734f1e4c1b33dcc27

emacs-lucid-27.2-6.el9_0.1.s390x.rpm

SHA-256: 18c76dca3119adf477397a5047cb30fc009d8192d03eb2abd55a961881cd79da

emacs-lucid-debuginfo-27.2-6.el9_0.1.s390x.rpm

SHA-256: 4fc6211267e4abf1bcdf3b906608b9cd4c05382817b7cf88c26b56f914ac3398

emacs-nox-27.2-6.el9_0.1.s390x.rpm

SHA-256: 7a7edeb7afc029b933c3dceb65502511902709e1ca1eeb3fa6f2c08897772bed

emacs-nox-debuginfo-27.2-6.el9_0.1.s390x.rpm

SHA-256: 3b886e50f51c5e019b3310c91720d736bf786e1a9546f24dffd41f20a9108161

Related news

Ubuntu Security Notice USN-7027-1

Ubuntu Security Notice 7027-1 - It was discovered that Emacs incorrectly handled input sanitization. An attacker could possibly use this issue to execute arbitrary commands. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Xi Lu discovered that Emacs incorrectly handled input sanitization. An attacker could possibly use this issue to execute arbitrary commands. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.

Red Hat Security Advisory 2023-3309-01

Red Hat Security Advisory 2023-3309-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.11.42. Issues addressed include a denial of service vulnerability.

RHSA-2023:3373: Red Hat Security Advisory: Migration Toolkit for Runtimes security update

An update for mtr-operator-bundle-container, mtr-operator-container, mtr-web-container, and mtr-web-executor-container is now available for Migration Toolkit for Runtimes 1 on RHEL 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-46877: A flaw was found in Jackson Databind. This issue may allow a malicious user to cause a denial of service (2 GB transient heap usage per read) in uncommon situations involving JsonNode JDK serialization. * CVE-2022-41854: Those using Sn...

Red Hat Security Advisory 2023-3189-01

Red Hat Security Advisory 2023-3189-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-2110-01

Red Hat Security Advisory 2023-2110-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.16. Issues addressed include a bypass vulnerability.

RHSA-2023:2110: Red Hat Security Advisory: OpenShift Container Platform 4.12.16 security update

Red Hat OpenShift Container Platform release 4.12.16 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-46146: A flaw was found in exporter-toolkit. A request can be forged by an attacker to poison the internal cache used to cache hashes and make subsequent successful requests. This cache is ...

Red Hat Security Advisory 2023-2626-01

Red Hat Security Advisory 2023-2626-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-2107-01

Red Hat Security Advisory 2023-2107-01 - The Migration Toolkit for Containers (MTC) 1.7.9 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. Issues addressed include a denial of service vulnerability.

RHSA-2023:2107: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.9 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.7.9 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition. * CVE-2022-41725: A flaw was found in Go, where it is vulnerable to a denial of service caused by...

Red Hat Security Advisory 2023-2074-01

Red Hat Security Advisory 2023-2074-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

RHSA-2023:2074: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-28617: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.

Red Hat Security Advisory 2023-1958-01

Red Hat Security Advisory 2023-1958-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

RHSA-2023:1958: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-28617: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.

Red Hat Security Advisory 2023-1931-01

Red Hat Security Advisory 2023-1931-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-1930-01

Red Hat Security Advisory 2023-1930-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

RHSA-2023:1931: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-28617: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.

RHSA-2023:1930: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-28617: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.

Red Hat Security Advisory 2023-1915-01

Red Hat Security Advisory 2023-1915-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

RHSA-2023:1915: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-28617: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.

Ubuntu Security Notice USN-6003-1

Ubuntu Security Notice 6003-1 - Xi Lu discovered that Emacs did not properly handle certain inputs. An attacker could possibly use this issue to execute arbitrary commands.

CVE-2023-28617: [PATCH] Fix ob-latex.el command injection vulnerability.

org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters.