Moderate: Red Hat Security Advisory: emacs security and bug fix update

An update for emacs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

Low: Red Hat Security Advisory: libarchive security update

An update for libarchive is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

kernel: Executable Space Protection Bypass

A vulnerability was found in the Linux kernel when certain binary files have the exec-all attribute with gcc. This issue can cause the execution of bytes located in the non-executable regions of a file...

libtar: out-of-bounds read in gnu_longname

A flaw was found in libtar. This flaw allows an attacker who submits a crafted tar file with size in header struct being 0 to trigger a calling of malloc0 for a variable gnulongname, causing an out-of-bounds read...

libtar: memory leak found in th_read() function

A flaw was found in libtar. This security vulnerability occurs because the thread function in libtar doesn’t free a variable t-thbuf.gnulongname after allocating memory, which may cause a memory leak...

libtar: memory leak found in th_read() function

A flaw was found in libtar. This security vulnerability occurs because the thread function in libtar doesn’t free a variable t-thbuf.gnulonglink after allocating memory, which may cause a memory leak...

Moderate: Red Hat Security Advisory: libtar security update

An update for libtar is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

libtar: out-of-bounds read in gnu_longlink

A flaw was found in libtar. This flaw allows an attacker who submits a crafted tar file with the size in the header struct being 0 to trigger a calling of malloc0 for a variable gnulonglink, causing an out-of-bounds read...

ALSA-2023:3104 Important: emacs security update

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language elisp, and the capability to read e-mail and news. Security Fixes: emacs: Regression of CVE-2023-28617 fixes in the AlmaLinux CVE-2023-2491 For more details about t...

EulerOS Virtualization 2.10.1 : emacs (EulerOS-SA-2023-1887)

According to the versions of the emacs package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because...

EulerOS Virtualization 2.10.0 : emacs (EulerOS-SA-2023-1918)

According to the versions of the emacs package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because...

Low: libarchive security update

The libarchive programming library can create and read several different streaming archive formats, including GNU tar, cpio, and ISO 9660 CD-ROM images. Libarchive is used notably in the bsdtar utility, scripting language bindings such as python-libarchive, and several popular desktop file...

EulerOS Virtualization 2.10.0 : libtasn1 (EulerOS-SA-2023-1922)

According to the versions of the libtasn1 package installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - GNU Libtasn1 before 4.19.0 has an ETYPEOK off-by-one array size check that affects asn1encodesimpleder. CVE-2021-46848 Note that...

Oracle Linux 9 : emacs (ELSA-2023-2366)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-2366 advisory. 1:27.2-8 - Use a 64KB page size for pdump 1979804 1:27.2-7 - Fix ctags local command execute vulnerability 2149387 Tenable has extracted the preceding descripti...

Oracle Linux 9 : emacs (ELSA-2023-2626)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-2626 advisory. 1:27.2-8.1 - Fix etags local command injection vulnerability 2184369 - Fix htmlfontify.el command injection vulnerability 2184368 - Fix ruby-mode.el...

AlmaLinux 9 : emacs (ALSA-2023:2366)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:2366 advisory. - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C...

AlmaLinux 9 : emacs (ALSA-2023:2626)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:2626 advisory. - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the...

EulerOS 2.0 SP9 : tar (EulerOS-SA-2023-1881)

According to the versions of the tar package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change th...

EulerOS 2.0 SP9 : emacs (EulerOS-SA-2023-1865)

According to the versions of the emacs package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c us...

EulerOS 2.0 SP9 : tar (EulerOS-SA-2023-1856)

According to the versions of the tar package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change th...