Package name
emacs
Date
2005-11-09
Advisory ID
MDKSA-2005:208
Affected versions
CS2.1 i586 , CS2.1 x86_64

Problem description

Emacs 21.2 does not prompt or warn the user before executing Lisp code
in the local variables section of a text file, which allows user-
complicit attackers to execute arbitrary commands, as demonstrated
using the mode-name variable.

The packages have been updated to version 21.3 to correct the problem.

Updated packages

CS2.1 i586

 48dc24e034b8091dcf425692e3063313  corporate/2.1/RPMS/emacs-21.3-1.1.C21mdk.i586.rpm
 2719f8131f4d22cb331e1d9139a5469a  corporate/2.1/RPMS/emacs-el-21.3-1.1.C21mdk.i586.rpm
 72083c11973082f333e77ab8517ef39d  corporate/2.1/RPMS/emacs-leim-21.3-1.1.C21mdk.i586.rpm
 c08f09ad0fc94583508edd3ba2706743  corporate/2.1/RPMS/emacs-nox-21.3-1.1.C21mdk.i586.rpm
 6e6c749452b93361b17270ec94a55f4a  corporate/2.1/RPMS/emacs-X11-21.3-1.1.C21mdk.i586.rpm
 6a8ed9e75840c8af8c5e498daaa04167  corporate/2.1/SRPMS/emacs-21.3-1.1.C21mdk.src.rpm

CS2.1 x86_64

 63f47c94136bff5fd82f4486dbef173d  x86_64/corporate/2.1/RPMS/emacs-21.3-1.1.C21mdk.x86_64.rpm
 ea4d960602af4c4f1e7a3899aacbfc38  x86_64/corporate/2.1/RPMS/emacs-el-21.3-1.1.C21mdk.x86_64.rpm
 9406e42241f55358662ca7c11afbfbe5  x86_64/corporate/2.1/RPMS/emacs-leim-21.3-1.1.C21mdk.x86_64.rpm
 37436bb462c3680e88faf06a8fb71dd7  x86_64/corporate/2.1/RPMS/emacs-nox-21.3-1.1.C21mdk.x86_64.rpm
 963f81f300e17c4b72999e146be5f772  x86_64/corporate/2.1/RPMS/emacs-X11-21.3-1.1.C21mdk.x86_64.rpm
 6a8ed9e75840c8af8c5e498daaa04167  x86_64/corporate/2.1/SRPMS/emacs-21.3-1.1.C21mdk.src.rpm

References