Package name
emacs
Date
2010-04-20
Advisory ID
MDVSA-2010:083
Affected versions
2009.0 x86_64 , MES5 i586 , 2010.0 x86_64 , 2010.0 i586 , 2009.1 i586 , 2009.0 i586 , CS4.0 i586 , 2008.0 x86_64 , CS4.0 x86_64 , 2008.0 i586 , 2009.1 x86_64 , MES5 x86_64

Problem description

A vulnerability has been found and corrected in emacs:

lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to
read, modify, or delete arbitrary mailbox files via a symlink attack,
related to improper file-permission checks (CVE-2010-0825).

Packages for 2008.0 and 2009.0 are provided due to the Extended
Maintenance Program for those products.

The updated packages have been patched to correct this issue.

Updated packages

2009.0 x86_64

 6b0af1b476b32050822c7950a022cf63  2009.0/x86_64/emacs-22.3-2.1mdv2009.0.x86_64.rpm
 6de11081983013fa58c875af4dd43dda  2009.0/x86_64/emacs-common-22.3-2.1mdv2009.0.x86_64.rpm
 6080884452f7c688c1046a8eee7bfb93  2009.0/x86_64/emacs-doc-22.3-2.1mdv2009.0.x86_64.rpm
 b7c60b9b150e8ab9d6471477971dfe7e  2009.0/x86_64/emacs-el-22.3-2.1mdv2009.0.x86_64.rpm
 e22cd8c5b6871bb10dfd105e1fe93c6d  2009.0/x86_64/emacs-gtk-22.3-2.1mdv2009.0.x86_64.rpm
 3e4bbf7f08060542dfd06308aefda09d  2009.0/x86_64/emacs-leim-22.3-2.1mdv2009.0.x86_64.rpm
 02c66cddddd82e9c30a7e3544fd3b9a0  2009.0/x86_64/emacs-nox-22.3-2.1mdv2009.0.x86_64.rpm 
 3051661fcbf692988df69fb8c46d604f  2009.0/SRPMS/emacs-22.3-2.1mdv2009.0.src.rpm

MES5 i586

 17182742966ccef0e1ee6ee64cf6c17c  mes5/i586/emacs-22.3-2.1mdvmes5.1.i586.rpm
 2c828bd88fd8750f78f227a0056e7bad  mes5/i586/emacs-common-22.3-2.1mdvmes5.1.i586.rpm
 06aa75fc7aefae8e6eb4c8df6d99f19d  mes5/i586/emacs-doc-22.3-2.1mdvmes5.1.i586.rpm
 5836ed2232c06161b6d196022e35ad23  mes5/i586/emacs-el-22.3-2.1mdvmes5.1.i586.rpm
 d076d5c6111a9c7bd12fa92987d55974  mes5/i586/emacs-gtk-22.3-2.1mdvmes5.1.i586.rpm
 ebeced4cb7b5a5d9988331b7db910152  mes5/i586/emacs-leim-22.3-2.1mdvmes5.1.i586.rpm
 bec9bd00b1d3dd7c1dadbb0a5988cf78  mes5/i586/emacs-nox-22.3-2.1mdvmes5.1.i586.rpm 
 a0e1f2b44f9a7c89a05cc8d2e1ad0633  mes5/SRPMS/emacs-22.3-2.1mdvmes5.1.src.rpm

2010.0 x86_64

 71d28cedd7b4538855fb7dcaaa2dad8f  2010.0/x86_64/emacs-23.1-7.1mdv2010.0.x86_64.rpm
 4848d48176bc3259b4203408bd4de290  2010.0/x86_64/emacs-common-23.1-7.1mdv2010.0.x86_64.rpm
 18c40f7de50179cd24577e5d2b25a370  2010.0/x86_64/emacs-doc-23.1-7.1mdv2010.0.x86_64.rpm
 4be6369b10ee043d7a5a92f653786923  2010.0/x86_64/emacs-el-23.1-7.1mdv2010.0.x86_64.rpm
 b0636d25931219c429d3fd6ebcea52ed  2010.0/x86_64/emacs-leim-23.1-7.1mdv2010.0.x86_64.rpm
 f55a3a914aeabc657d753f31f361f58f  2010.0/x86_64/emacs-nox-23.1-7.1mdv2010.0.x86_64.rpm 
 4d9dd45bc26035a407e4c6d4b815c2a6  2010.0/SRPMS/emacs-23.1-7.1mdv2010.0.src.rpm

2010.0 i586

 f9fd03f96fc272bc63053a96cf843ac1  2010.0/i586/emacs-23.1-7.1mdv2010.0.i586.rpm
 681c0b44b0e22647067bd0e940be8827  2010.0/i586/emacs-common-23.1-7.1mdv2010.0.i586.rpm
 96d1a1ae8146ad61a215d3bf73b01700  2010.0/i586/emacs-doc-23.1-7.1mdv2010.0.i586.rpm
 8c8277a4a142800a0124469b67094aee  2010.0/i586/emacs-el-23.1-7.1mdv2010.0.i586.rpm
 36744d11530a8b669c806ca2914e3cf4  2010.0/i586/emacs-leim-23.1-7.1mdv2010.0.i586.rpm
 06102d1450f6c74060eae1d4407af99a  2010.0/i586/emacs-nox-23.1-7.1mdv2010.0.i586.rpm 
 4d9dd45bc26035a407e4c6d4b815c2a6  2010.0/SRPMS/emacs-23.1-7.1mdv2010.0.src.rpm

2009.1 i586

 d46fd2bc2ef99ffa3ac35bc7bb5d46a9  2009.1/i586/emacs-22.3-4.1mdv2009.1.i586.rpm
 1b1f0545718048547885c1338b5651ec  2009.1/i586/emacs-common-22.3-4.1mdv2009.1.i586.rpm
 f6b1005dd1b529f89da2af6e1697ec6d  2009.1/i586/emacs-doc-22.3-4.1mdv2009.1.i586.rpm
 a210802a6507090cdb81168b86128867  2009.1/i586/emacs-el-22.3-4.1mdv2009.1.i586.rpm
 9977e4a61f16d3afddc89691768d0fc1  2009.1/i586/emacs-gtk-22.3-4.1mdv2009.1.i586.rpm
 a85c9305c2239b22cbcecf5118c6da09  2009.1/i586/emacs-leim-22.3-4.1mdv2009.1.i586.rpm
 e0c7a27445140ef48dafccc553cd9317  2009.1/i586/emacs-nox-22.3-4.1mdv2009.1.i586.rpm 
 1b3914c818aeae1e4ea6a083b0af0d17  2009.1/SRPMS/emacs-22.3-4.1mdv2009.1.src.rpm

2009.0 i586

 c1f452b2b7a900adc5cd5f2227b592d9  2009.0/i586/emacs-22.3-2.1mdv2009.0.i586.rpm
 860f26ae0eb85825af7f059615884448  2009.0/i586/emacs-common-22.3-2.1mdv2009.0.i586.rpm
 e8f11e4b732db5a858f294eccca45656  2009.0/i586/emacs-doc-22.3-2.1mdv2009.0.i586.rpm
 4ff5202dcc2395ca1bcc256d626f6e26  2009.0/i586/emacs-el-22.3-2.1mdv2009.0.i586.rpm
 4fb94a77c1cf27c5467d4168f7a87753  2009.0/i586/emacs-gtk-22.3-2.1mdv2009.0.i586.rpm
 1527ff5aafb16dcf155a5ca4d4014488  2009.0/i586/emacs-leim-22.3-2.1mdv2009.0.i586.rpm
 4e1bcb4be6156a7c21705198b64c13ad  2009.0/i586/emacs-nox-22.3-2.1mdv2009.0.i586.rpm 
 3051661fcbf692988df69fb8c46d604f  2009.0/SRPMS/emacs-22.3-2.1mdv2009.0.src.rpm

CS4.0 i586

 97bf2e36167aec16484e4262d7192246  corporate/4.0/i586/emacs-21.4-20.5.20060mlcs4.i586.rpm
 98f091ceaf519ca443e72813db520d9b  corporate/4.0/i586/emacs-doc-21.4-20.5.20060mlcs4.i586.rpm
 5f17f3acea1c9553b5949da67b035bbd  corporate/4.0/i586/emacs-el-21.4-20.5.20060mlcs4.i586.rpm
 d53be55d9228a96dfd655b7869da2c0b  corporate/4.0/i586/emacs-leim-21.4-20.5.20060mlcs4.i586.rpm
 1da93a12ecd0d70ea2cc926581783261  corporate/4.0/i586/emacs-nox-21.4-20.5.20060mlcs4.i586.rpm
 52b90583166c96d572f54dfec71d58bb  corporate/4.0/i586/emacs-X11-21.4-20.5.20060mlcs4.i586.rpm 
 c42ea31f7a8370f26a1c4920378a8fc6  corporate/4.0/SRPMS/emacs-21.4-20.5.20060mlcs4.src.rpm

2008.0 x86_64

 f4264ec18e313e5d06886dd9ffa5f204  2008.0/x86_64/emacs-22.1-5.5mdv2008.0.x86_64.rpm
 fd0d05ad7ffe83fffca4ccecae8e3325  2008.0/x86_64/emacs-common-22.1-5.5mdv2008.0.x86_64.rpm
 b3e23700f78da33dffa5c84dc6da2bdb  2008.0/x86_64/emacs-doc-22.1-5.5mdv2008.0.x86_64.rpm
 4d03f0945652db265d8d84e1d64933b2  2008.0/x86_64/emacs-el-22.1-5.5mdv2008.0.x86_64.rpm
 4c3ece999300f74d84889f80fb98db1f  2008.0/x86_64/emacs-gtk-22.1-5.5mdv2008.0.x86_64.rpm
 ad9cf01c131774cce30c6f56dba1c0e0  2008.0/x86_64/emacs-leim-22.1-5.5mdv2008.0.x86_64.rpm
 9825be3852973a906c63eb0c4442fdf6  2008.0/x86_64/emacs-nox-22.1-5.5mdv2008.0.x86_64.rpm 
 1402cff0f3567e12b9993f6ff986c805  2008.0/SRPMS/emacs-22.1-5.5mdv2008.0.src.rpm

CS4.0 x86_64

 4af8671bfa35744feff142f012a43523  corporate/4.0/x86_64/emacs-21.4-20.5.20060mlcs4.x86_64.rpm
 8585644cac16348f507e0612386083e0  corporate/4.0/x86_64/emacs-doc-21.4-20.5.20060mlcs4.x86_64.rpm
 d9189616e257bcd96ce7e2911ce4bd0d  corporate/4.0/x86_64/emacs-el-21.4-20.5.20060mlcs4.x86_64.rpm
 ed95b11dff637feac7de0070a2c41234  corporate/4.0/x86_64/emacs-leim-21.4-20.5.20060mlcs4.x86_64.rpm
 4b4e71c2e6b9d256f0a418c697cc5d07  corporate/4.0/x86_64/emacs-nox-21.4-20.5.20060mlcs4.x86_64.rpm
 5f5db454263d95aa831fc80cc138f591  corporate/4.0/x86_64/emacs-X11-21.4-20.5.20060mlcs4.x86_64.rpm 
 c42ea31f7a8370f26a1c4920378a8fc6  corporate/4.0/SRPMS/emacs-21.4-20.5.20060mlcs4.src.rpm

2008.0 i586

 8a36ed0e4ee5e60e6d15bae8ff41f629  2008.0/i586/emacs-22.1-5.5mdv2008.0.i586.rpm
 fdd8511e920ced5d618d3cd6aba68911  2008.0/i586/emacs-common-22.1-5.5mdv2008.0.i586.rpm
 ca04fb9a07164015f2528a8786d77f29  2008.0/i586/emacs-doc-22.1-5.5mdv2008.0.i586.rpm
 a88f5daab983d28f945484f71cf1e828  2008.0/i586/emacs-el-22.1-5.5mdv2008.0.i586.rpm
 0419331869c819f648d8890e7f50ec1c  2008.0/i586/emacs-gtk-22.1-5.5mdv2008.0.i586.rpm
 db38ffe92d447d5971fe1dc684c4ce00  2008.0/i586/emacs-leim-22.1-5.5mdv2008.0.i586.rpm
 25cc16c584b483c7f22821140b1b938a  2008.0/i586/emacs-nox-22.1-5.5mdv2008.0.i586.rpm 
 1402cff0f3567e12b9993f6ff986c805  2008.0/SRPMS/emacs-22.1-5.5mdv2008.0.src.rpm

2009.1 x86_64

 fa88c22cdc5064d433238fa5078b62ba  2009.1/x86_64/emacs-22.3-4.1mdv2009.1.x86_64.rpm
 bb7213f01545508bf1a564eed7cb7037  2009.1/x86_64/emacs-common-22.3-4.1mdv2009.1.x86_64.rpm
 cfbda12c0fbf64bdb8854b746c035f6b  2009.1/x86_64/emacs-doc-22.3-4.1mdv2009.1.x86_64.rpm
 2b0879c394e9d504f289c24f054c0dbc  2009.1/x86_64/emacs-el-22.3-4.1mdv2009.1.x86_64.rpm
 797eda5597bd9cfce3ac01285991385c  2009.1/x86_64/emacs-gtk-22.3-4.1mdv2009.1.x86_64.rpm
 3dd582e834a33771c980b35862aab33a  2009.1/x86_64/emacs-leim-22.3-4.1mdv2009.1.x86_64.rpm
 cbae1087cfb5f6390a6f36b1cb29435d  2009.1/x86_64/emacs-nox-22.3-4.1mdv2009.1.x86_64.rpm 
 1b3914c818aeae1e4ea6a083b0af0d17  2009.1/SRPMS/emacs-22.3-4.1mdv2009.1.src.rpm

MES5 x86_64

 0b0eadf1a07340ed87cb28f9cd99baab  mes5/x86_64/emacs-22.3-2.1mdvmes5.1.x86_64.rpm
 03d3f340e9bf804982d3071187b2d6cd  mes5/x86_64/emacs-common-22.3-2.1mdvmes5.1.x86_64.rpm
 666d6b33034aff76c4caccf21dd2c787  mes5/x86_64/emacs-doc-22.3-2.1mdvmes5.1.x86_64.rpm
 e634c9037adbff1c38ca612cb46f0e3e  mes5/x86_64/emacs-el-22.3-2.1mdvmes5.1.x86_64.rpm
 097c47220c2d2a028761ef427bc041ee  mes5/x86_64/emacs-gtk-22.3-2.1mdvmes5.1.x86_64.rpm
 9cb00684bcc12ea6bcb0c5379346b2b6  mes5/x86_64/emacs-leim-22.3-2.1mdvmes5.1.x86_64.rpm
 f8de48a717ccdd6809b1e69ccc160e31  mes5/x86_64/emacs-nox-22.3-2.1mdvmes5.1.x86_64.rpm 
 a0e1f2b44f9a7c89a05cc8d2e1ad0633  mes5/SRPMS/emacs-22.3-2.1mdvmes5.1.src.rpm

References