Advisories » MGASA-2017-0476

Updated emacs packages fix security vulnerability

Publication date: 31 Dec 2017
Modification date: 30 Dec 2017
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2017-14482

Description

Charles A. Roelli discovered that Emacs is vulnerable to arbitrary code
execution when rendering text/enriched MIME data (e.g. when using
Emacs-based mail clients) (CVE-2017-14482).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=21695
• https://www.debian.org/security/2017/dsa-3970
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14482

SRPMS

6/core

• emacs-24.5-8.1.mga6

5/core

• emacs-24.3-10.1.mga5