Debian Bug report logs -
#1031730
emacs: CVE-2022-48339 CVE-2022-48338 CVE-2022-48337
Package:
src:emacs;
Maintainer for src:emacs is Rob Browning <rlb@defaultvalue.org>;
Reported by: Moritz Mühlenhoff <jmm@inutil.org>
Date: Tue, 21 Feb 2023 15:09:13 UTC
Severity: grave
Tags: security, upstream
Found in version ema ...
Xi Lu discovered that missing input sanitising in Emacs (in etags, the
Ruby mode and htmlfontify) could result in the execution of arbitrary
shell commands.
For the stable distribution (bullseye), these problems have been fixed in
version 1:27.1+1-3.1+deb11u2.
We recommend that you upgrade your emacs packages.
For the detailed security status of em ...
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u *" command (suggested in the etags documentation) in a situation where the current ...
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command (suggested in the ctags documentation) in a situation where the current wor ...
Synopsis
Moderate: emacs security update
Type/Severity
Security Advisory: Moderate
Topic
An update for emacs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a securi ...
Synopsis
Important: ACS 41 enhancement update
Type/Severity
Security Advisory: Important
Topic
Updated images are now available for Red Hat Advanced Cluster Security 416. The updated images include security fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System ( ...
Synopsis
Important: RHACS 374 enhancement and security update
Type/Severity
Security Advisory: Important
Topic
Updated images are now available for Red Hat Advanced Cluster Security 374. The updated images include bug and security fixes. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulner ...
Synopsis
Moderate: Migration Toolkit for Runtimes security, bug fix and enhancement update
Type/Severity
Security Advisory: Moderate
Topic
Migration Toolkit for Runtimes 124 release. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a de ...
Synopsis
Important: Red Hat OpenShift GitOps v193 security update
Type/Severity
Security Advisory: Important
Topic
An update is now available for Red Hat OpenShift GitOps 19. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detaile ...
Synopsis
Important: OpenShift Virtualization 4129 Images security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Virtualization release 4129 is now available with updates to packages and images that fix several bugs and add enhancements. Red Hat Product Security has rated this update as having a secur ...
Synopsis
Low: Logging Subsystem 5710 - Red Hat OpenShift security update
Type/Severity
Security Advisory: Low
Topic
Low: Logging Subsystem 5710 - Red Hat OpenShift security update. Red Hat Product Security has rated this update as having a security impact of low. A Common Vulnerability Scoring System (CVSS) base score, which gives a detaile ...
Synopsis
Important: OpenShift Container Platform 411 low-latency extras update
Type/Severity
Security Advisory: Important
Topic
An update for cnf-tests-container, dpdk-base-container and performance-addon-operator-must-gather-rhel8-container is now available for Red Hat OpenShift Container Platform 411. Secondary scheduler builds ...
Synopsis
Moderate: RHACS 43 enhancement and security update
Type/Severity
Security Advisory: Moderate
Topic
Updated images are now available for Red Hat Advanced Cluster Security. The updated image includes bug and security fixes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Sc ...
Synopsis
Important: Red Hat OpenShift Pipelines 1106 release and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Pipelines 1106 has been released. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a ...
Synopsis
Important: OpenShift Container Platform 4132 bug fix and security update
Type/Severity
Security Advisory: Important
Topic
Red Hat OpenShift Container Platform release 4132 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift C ...
Synopsis
Important: Red Hat OpenShift Data Foundation 4130 security and bug fix update
Type/Severity
Security Advisory: Important
Topic
Updated images that include numerous enhancements, security, and bug fixes are now available in Red Hat Container Registry for Red Hat OpenShift Data Foundation 4130 on Red Hat Enterprise Linux 9. Red Hat ...
Description
The MITRE CVE dictionary describes this issue as: GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the etags program. For example, a victim may use the "etags -u *" command (suggested ...