Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:1958: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-28617: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.
Red Hat Security Data
#vulnerability#mac#linux#red_hat#ibm#sap

Synopsis

Important: emacs security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for emacs is now available for Red Hat Enterprise Linux 8.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language (elisp), and the capability to read e-mail and news.

Security Fix(es):

  • emacs: command injection vulnerability in org-mode (CVE-2023-28617)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 8.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4 ppc64le
  • Red Hat Enterprise Linux Server - TUS 8.4 x86_64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4 aarch64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64

Fixes

  • BZ - 2180544 - CVE-2023-28617 emacs: command injection vulnerability in org-mode

Red Hat Enterprise Linux for x86_64 - Extended Update Support 8.4

SRPM

emacs-26.1-5.el8_4.1.src.rpm

SHA-256: 8d6ceaeda72b3d57e4eae6c02b9651f64a3bb9c7ceed3b7bf61918a768c525c2

x86_64

emacs-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 3c3174d32638bbc64d2c07b029c5beed5ae3311f719a8bda979b8cac2df1a648

emacs-common-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 82c7f7d679338f35eba95ec4db51b1652fe42b948132103e5aee4d0c77a6dd77

emacs-common-debuginfo-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 226fcb4f2ab7176a4b812ff1dc26022e56d0aecf1c358a2483822e086957916f

emacs-debuginfo-26.1-5.el8_4.1.x86_64.rpm

SHA-256: a755d8731f6a3a2508376d2164fc5aef840bba5a44cbab2e32b92c803f5a1626

emacs-debugsource-26.1-5.el8_4.1.x86_64.rpm

SHA-256: dc56bc5a4ae3f5f17b9bfe03bf986a8629261c4e7e061c97827c8d7e3a459b33

emacs-filesystem-26.1-5.el8_4.1.noarch.rpm

SHA-256: b9a049b3de4e6de71d87ec934e42d87af2df9230425a7c4d68f89db78609b796

emacs-lucid-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 4c59bf8a3a49966c545d38def4a705f9912874c531db45ea69abc38844b83286

emacs-lucid-debuginfo-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 22b5e6091987b6ed34ef6be0675834ff6af8e431eddcf709ebf8e0a2fbd97d18

emacs-nox-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 528e6a68526989bf7eb884d6eddef1c9b54f77b8f7fb93bba0fb6fe7d78c0f86

emacs-nox-debuginfo-26.1-5.el8_4.1.x86_64.rpm

SHA-256: a3a0b5e45aa1a309524631c7560ff3ab7e8c04566fbda7527cfe595174b67505

emacs-terminal-26.1-5.el8_4.1.noarch.rpm

SHA-256: 0faab9a98943345d7d69f54aaad83b70c96c6bdbb84401969212790d37d631f8

Red Hat Enterprise Linux Server - AUS 8.4

SRPM

emacs-26.1-5.el8_4.1.src.rpm

SHA-256: 8d6ceaeda72b3d57e4eae6c02b9651f64a3bb9c7ceed3b7bf61918a768c525c2

x86_64

emacs-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 3c3174d32638bbc64d2c07b029c5beed5ae3311f719a8bda979b8cac2df1a648

emacs-common-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 82c7f7d679338f35eba95ec4db51b1652fe42b948132103e5aee4d0c77a6dd77

emacs-common-debuginfo-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 226fcb4f2ab7176a4b812ff1dc26022e56d0aecf1c358a2483822e086957916f

emacs-debuginfo-26.1-5.el8_4.1.x86_64.rpm

SHA-256: a755d8731f6a3a2508376d2164fc5aef840bba5a44cbab2e32b92c803f5a1626

emacs-debugsource-26.1-5.el8_4.1.x86_64.rpm

SHA-256: dc56bc5a4ae3f5f17b9bfe03bf986a8629261c4e7e061c97827c8d7e3a459b33

emacs-filesystem-26.1-5.el8_4.1.noarch.rpm

SHA-256: b9a049b3de4e6de71d87ec934e42d87af2df9230425a7c4d68f89db78609b796

emacs-lucid-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 4c59bf8a3a49966c545d38def4a705f9912874c531db45ea69abc38844b83286

emacs-lucid-debuginfo-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 22b5e6091987b6ed34ef6be0675834ff6af8e431eddcf709ebf8e0a2fbd97d18

emacs-nox-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 528e6a68526989bf7eb884d6eddef1c9b54f77b8f7fb93bba0fb6fe7d78c0f86

emacs-nox-debuginfo-26.1-5.el8_4.1.x86_64.rpm

SHA-256: a3a0b5e45aa1a309524631c7560ff3ab7e8c04566fbda7527cfe595174b67505

emacs-terminal-26.1-5.el8_4.1.noarch.rpm

SHA-256: 0faab9a98943345d7d69f54aaad83b70c96c6bdbb84401969212790d37d631f8

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 8.4

SRPM

emacs-26.1-5.el8_4.1.src.rpm

SHA-256: 8d6ceaeda72b3d57e4eae6c02b9651f64a3bb9c7ceed3b7bf61918a768c525c2

s390x

emacs-26.1-5.el8_4.1.s390x.rpm

SHA-256: 2ebc629db4b0d6e21ea7eecebcdcdd0b3f4c146160fdc3d021535a6af47fba1c

emacs-common-26.1-5.el8_4.1.s390x.rpm

SHA-256: bcb5969c8db7d0a367751de4bc215a09a06ca5852e40d10d087a822819f6e6dc

emacs-common-debuginfo-26.1-5.el8_4.1.s390x.rpm

SHA-256: 62881ce138edda1056366ec3f29cd753d6e2b216358c1d15475dcfba7596c462

emacs-debuginfo-26.1-5.el8_4.1.s390x.rpm

SHA-256: 3192f0493ec12cbf6b9609c754a69dd4c8d2176cb3592b61c4fc83b26681f8b5

emacs-debugsource-26.1-5.el8_4.1.s390x.rpm

SHA-256: 9543a7e9914ac0b9159561bb900212905019c581b0ee185b353d453f1ff18476

emacs-filesystem-26.1-5.el8_4.1.noarch.rpm

SHA-256: b9a049b3de4e6de71d87ec934e42d87af2df9230425a7c4d68f89db78609b796

emacs-lucid-26.1-5.el8_4.1.s390x.rpm

SHA-256: a70edfec05d520dbeaae4204424f79877bf258323836dee42fcda7e5d6921d31

emacs-lucid-debuginfo-26.1-5.el8_4.1.s390x.rpm

SHA-256: 56e067d78ef14ea6fee861fa90b257447cb5e4d23158e4b412231632ebd14960

emacs-nox-26.1-5.el8_4.1.s390x.rpm

SHA-256: 3445a030e8e842b2d301eff335011f24f0a5e538d3a63e0bcf7fe7da9c37fde8

emacs-nox-debuginfo-26.1-5.el8_4.1.s390x.rpm

SHA-256: b749c2f173ddd6fd1722d45df55ef5eea1fe289f35d1b99dd047411bb0c3237b

emacs-terminal-26.1-5.el8_4.1.noarch.rpm

SHA-256: 0faab9a98943345d7d69f54aaad83b70c96c6bdbb84401969212790d37d631f8

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 8.4

SRPM

emacs-26.1-5.el8_4.1.src.rpm

SHA-256: 8d6ceaeda72b3d57e4eae6c02b9651f64a3bb9c7ceed3b7bf61918a768c525c2

ppc64le

emacs-26.1-5.el8_4.1.ppc64le.rpm

SHA-256: 6f5cd263cdfbe57113be4b498487392f6a469f5d5bba1ee0c7613fb1b11bd719

emacs-common-26.1-5.el8_4.1.ppc64le.rpm

SHA-256: 4f61c7c006b6a2539ae2b1e31ba6b1c04c173478b302d0ac228fe0c92e113f27

emacs-common-debuginfo-26.1-5.el8_4.1.ppc64le.rpm

SHA-256: c0eaf15ec05209c031bda2f5752563769c7513b6c1713f74bf4d72a91fea7653

emacs-debuginfo-26.1-5.el8_4.1.ppc64le.rpm

SHA-256: 63e0b73b4147179433b362bf999684be2e14c3b8e0cdffe69e7fa456422b698c

emacs-debugsource-26.1-5.el8_4.1.ppc64le.rpm

SHA-256: e79265f2bebbeabbde452516aa25423164c6409d22514ba7a19dad46a238d015

emacs-filesystem-26.1-5.el8_4.1.noarch.rpm

SHA-256: b9a049b3de4e6de71d87ec934e42d87af2df9230425a7c4d68f89db78609b796

emacs-lucid-26.1-5.el8_4.1.ppc64le.rpm

SHA-256: 08f05f7eb26139341c31d589c46fcb9042dd9096bac42ef590eedfaf3498cb5e

emacs-lucid-debuginfo-26.1-5.el8_4.1.ppc64le.rpm

SHA-256: 1f8839f8c4bd6f91e881003199ed7785c09f1a8f10992e90451047e1dd621f3a

emacs-nox-26.1-5.el8_4.1.ppc64le.rpm

SHA-256: a6fa9328504630d538c1e3ffba046444c9b6a29f269ee0f96914e7518b2e600b

emacs-nox-debuginfo-26.1-5.el8_4.1.ppc64le.rpm

SHA-256: 9cc52ba2bc8374e2a7a21dcb729eae0ffb70b66cb93cc6e4c8a034c48e21038d

emacs-terminal-26.1-5.el8_4.1.noarch.rpm

SHA-256: 0faab9a98943345d7d69f54aaad83b70c96c6bdbb84401969212790d37d631f8

Red Hat Enterprise Linux Server - TUS 8.4

SRPM

emacs-26.1-5.el8_4.1.src.rpm

SHA-256: 8d6ceaeda72b3d57e4eae6c02b9651f64a3bb9c7ceed3b7bf61918a768c525c2

x86_64

emacs-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 3c3174d32638bbc64d2c07b029c5beed5ae3311f719a8bda979b8cac2df1a648

emacs-common-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 82c7f7d679338f35eba95ec4db51b1652fe42b948132103e5aee4d0c77a6dd77

emacs-common-debuginfo-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 226fcb4f2ab7176a4b812ff1dc26022e56d0aecf1c358a2483822e086957916f

emacs-debuginfo-26.1-5.el8_4.1.x86_64.rpm

SHA-256: a755d8731f6a3a2508376d2164fc5aef840bba5a44cbab2e32b92c803f5a1626

emacs-debugsource-26.1-5.el8_4.1.x86_64.rpm

SHA-256: dc56bc5a4ae3f5f17b9bfe03bf986a8629261c4e7e061c97827c8d7e3a459b33

emacs-filesystem-26.1-5.el8_4.1.noarch.rpm

SHA-256: b9a049b3de4e6de71d87ec934e42d87af2df9230425a7c4d68f89db78609b796

emacs-lucid-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 4c59bf8a3a49966c545d38def4a705f9912874c531db45ea69abc38844b83286

emacs-lucid-debuginfo-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 22b5e6091987b6ed34ef6be0675834ff6af8e431eddcf709ebf8e0a2fbd97d18

emacs-nox-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 528e6a68526989bf7eb884d6eddef1c9b54f77b8f7fb93bba0fb6fe7d78c0f86

emacs-nox-debuginfo-26.1-5.el8_4.1.x86_64.rpm

SHA-256: a3a0b5e45aa1a309524631c7560ff3ab7e8c04566fbda7527cfe595174b67505

emacs-terminal-26.1-5.el8_4.1.noarch.rpm

SHA-256: 0faab9a98943345d7d69f54aaad83b70c96c6bdbb84401969212790d37d631f8

Red Hat Enterprise Linux for ARM 64 - Extended Update Support 8.4

SRPM

emacs-26.1-5.el8_4.1.src.rpm

SHA-256: 8d6ceaeda72b3d57e4eae6c02b9651f64a3bb9c7ceed3b7bf61918a768c525c2

aarch64

emacs-26.1-5.el8_4.1.aarch64.rpm

SHA-256: f66615d11f88f485d4d04077d6216b9e0394c3ba7fbd26df7b74103d696f3a28

emacs-common-26.1-5.el8_4.1.aarch64.rpm

SHA-256: 6e8f812ae17aa78d944c11b541e05fe5c207c88aa52caa1bb552caaf112c1043

emacs-common-debuginfo-26.1-5.el8_4.1.aarch64.rpm

SHA-256: dc8c143ec82db32a1bdbb79537fac6270ae8804fb8a3b679ec17b0908520437d

emacs-debuginfo-26.1-5.el8_4.1.aarch64.rpm

SHA-256: 22d4f5a0cd51768800ef77bc55466b3dc8180274a9fe65d16150f2b52ab37173

emacs-debugsource-26.1-5.el8_4.1.aarch64.rpm

SHA-256: 0a3cf243532055b8b06820e69b8b989baf816e053d7590898993230e22aa13c1

emacs-filesystem-26.1-5.el8_4.1.noarch.rpm

SHA-256: b9a049b3de4e6de71d87ec934e42d87af2df9230425a7c4d68f89db78609b796

emacs-lucid-26.1-5.el8_4.1.aarch64.rpm

SHA-256: b4fbbe920e6b8d03b6f060266e719c14e0fcbd133099d639a85ea411dc1c5fd7

emacs-lucid-debuginfo-26.1-5.el8_4.1.aarch64.rpm

SHA-256: 002f514a648c2c62faa32c17129381046075e56106e67aff280ae5006682696d

emacs-nox-26.1-5.el8_4.1.aarch64.rpm

SHA-256: ff505602740a6e85ce2304c6e527c7c8578e49331d2f942b6552789bd0326272

emacs-nox-debuginfo-26.1-5.el8_4.1.aarch64.rpm

SHA-256: 47e3c9b7b76f341525b3901110e028a06d285a2ba472d1ff241c5a68316f1e70

emacs-terminal-26.1-5.el8_4.1.noarch.rpm

SHA-256: 0faab9a98943345d7d69f54aaad83b70c96c6bdbb84401969212790d37d631f8

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4

SRPM

emacs-26.1-5.el8_4.1.src.rpm

SHA-256: 8d6ceaeda72b3d57e4eae6c02b9651f64a3bb9c7ceed3b7bf61918a768c525c2

ppc64le

emacs-26.1-5.el8_4.1.ppc64le.rpm

SHA-256: 6f5cd263cdfbe57113be4b498487392f6a469f5d5bba1ee0c7613fb1b11bd719

emacs-common-26.1-5.el8_4.1.ppc64le.rpm

SHA-256: 4f61c7c006b6a2539ae2b1e31ba6b1c04c173478b302d0ac228fe0c92e113f27

emacs-common-debuginfo-26.1-5.el8_4.1.ppc64le.rpm

SHA-256: c0eaf15ec05209c031bda2f5752563769c7513b6c1713f74bf4d72a91fea7653

emacs-debuginfo-26.1-5.el8_4.1.ppc64le.rpm

SHA-256: 63e0b73b4147179433b362bf999684be2e14c3b8e0cdffe69e7fa456422b698c

emacs-debugsource-26.1-5.el8_4.1.ppc64le.rpm

SHA-256: e79265f2bebbeabbde452516aa25423164c6409d22514ba7a19dad46a238d015

emacs-filesystem-26.1-5.el8_4.1.noarch.rpm

SHA-256: b9a049b3de4e6de71d87ec934e42d87af2df9230425a7c4d68f89db78609b796

emacs-lucid-26.1-5.el8_4.1.ppc64le.rpm

SHA-256: 08f05f7eb26139341c31d589c46fcb9042dd9096bac42ef590eedfaf3498cb5e

emacs-lucid-debuginfo-26.1-5.el8_4.1.ppc64le.rpm

SHA-256: 1f8839f8c4bd6f91e881003199ed7785c09f1a8f10992e90451047e1dd621f3a

emacs-nox-26.1-5.el8_4.1.ppc64le.rpm

SHA-256: a6fa9328504630d538c1e3ffba046444c9b6a29f269ee0f96914e7518b2e600b

emacs-nox-debuginfo-26.1-5.el8_4.1.ppc64le.rpm

SHA-256: 9cc52ba2bc8374e2a7a21dcb729eae0ffb70b66cb93cc6e4c8a034c48e21038d

emacs-terminal-26.1-5.el8_4.1.noarch.rpm

SHA-256: 0faab9a98943345d7d69f54aaad83b70c96c6bdbb84401969212790d37d631f8

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4

SRPM

emacs-26.1-5.el8_4.1.src.rpm

SHA-256: 8d6ceaeda72b3d57e4eae6c02b9651f64a3bb9c7ceed3b7bf61918a768c525c2

x86_64

emacs-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 3c3174d32638bbc64d2c07b029c5beed5ae3311f719a8bda979b8cac2df1a648

emacs-common-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 82c7f7d679338f35eba95ec4db51b1652fe42b948132103e5aee4d0c77a6dd77

emacs-common-debuginfo-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 226fcb4f2ab7176a4b812ff1dc26022e56d0aecf1c358a2483822e086957916f

emacs-debuginfo-26.1-5.el8_4.1.x86_64.rpm

SHA-256: a755d8731f6a3a2508376d2164fc5aef840bba5a44cbab2e32b92c803f5a1626

emacs-debugsource-26.1-5.el8_4.1.x86_64.rpm

SHA-256: dc56bc5a4ae3f5f17b9bfe03bf986a8629261c4e7e061c97827c8d7e3a459b33

emacs-filesystem-26.1-5.el8_4.1.noarch.rpm

SHA-256: b9a049b3de4e6de71d87ec934e42d87af2df9230425a7c4d68f89db78609b796

emacs-lucid-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 4c59bf8a3a49966c545d38def4a705f9912874c531db45ea69abc38844b83286

emacs-lucid-debuginfo-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 22b5e6091987b6ed34ef6be0675834ff6af8e431eddcf709ebf8e0a2fbd97d18

emacs-nox-26.1-5.el8_4.1.x86_64.rpm

SHA-256: 528e6a68526989bf7eb884d6eddef1c9b54f77b8f7fb93bba0fb6fe7d78c0f86

emacs-nox-debuginfo-26.1-5.el8_4.1.x86_64.rpm

SHA-256: a3a0b5e45aa1a309524631c7560ff3ab7e8c04566fbda7527cfe595174b67505

emacs-terminal-26.1-5.el8_4.1.noarch.rpm

SHA-256: 0faab9a98943345d7d69f54aaad83b70c96c6bdbb84401969212790d37d631f8

Related news

Ubuntu Security Notice USN-7027-1

Ubuntu Security Notice 7027-1 - It was discovered that Emacs incorrectly handled input sanitization. An attacker could possibly use this issue to execute arbitrary commands. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. Xi Lu discovered that Emacs incorrectly handled input sanitization. An attacker could possibly use this issue to execute arbitrary commands. This issue only affected Ubuntu 16.04 LTS, Ubuntu 18.04 LTS, Ubuntu 20.04 LTS and Ubuntu 22.04 LTS.

RHSA-2023:3309: Red Hat Security Advisory: OpenShift Container Platform 4.11.42 bug fix and security update

Red Hat OpenShift Container Platform release 4.11.42 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2018-17419: The Miek Gieben DNS library is vulnerable to a denial of service caused by a segmentation violation in setTA in scan_rr.go. By persuading a victim to open a specially-crafted file, a...

RHSA-2023:3265: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.12.3 Security and Bug fix update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.3 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-23539: A flaw was found in the jsonwebtoken package. The affected versions of the `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. *...

Red Hat Security Advisory 2023-3189-01

Red Hat Security Advisory 2023-3189-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-2110-01

Red Hat Security Advisory 2023-2110-01 - Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments. This advisory contains the container images for Red Hat OpenShift Container Platform 4.12.16. Issues addressed include a bypass vulnerability.

Red Hat Security Advisory 2023-2626-01

Red Hat Security Advisory 2023-2626-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

RHSA-2023:2626: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-48337: A flaw was found in the Emacs package. This flaw allows attackers to execute commands via shell metacharacters in the name of a source-code file. * CVE-2022-48338: A flaw was found in the Emacs package. A malicious ruby source file may cause a local command injection. * CVE-2022-48339: A flaw was found in the Emacs package. If a file name or direc...

RHSA-2023:2107: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.9 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.7.9 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition. * CVE-2022-41725: A flaw was found in Go, where it is vulnerable to a denial of service caused by...

Red Hat Security Advisory 2023-2074-01

Red Hat Security Advisory 2023-2074-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

RHSA-2023:2074: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-28617: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.

Red Hat Security Advisory 2023-1958-01

Red Hat Security Advisory 2023-1958-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

RHSA-2023:2010: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-28617: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.

Red Hat Security Advisory 2023-1931-01

Red Hat Security Advisory 2023-1931-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-1930-01

Red Hat Security Advisory 2023-1930-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

RHSA-2023:1931: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-28617: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.

RHSA-2023:1930: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-28617: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.

Red Hat Security Advisory 2023-1915-01

Red Hat Security Advisory 2023-1915-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

RHSA-2023:1915: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-28617: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.

Ubuntu Security Notice USN-6003-1

Ubuntu Security Notice 6003-1 - Xi Lu discovered that Emacs did not properly handle certain inputs. An attacker could possibly use this issue to execute arbitrary commands.

CVE-2023-28617: [PATCH] Fix ob-latex.el command injection vulnerability.

org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters.