Two vulnerabilities have been found in GNU Emacs, possibly leading to user-assisted execution of arbitrary code.
Package | app-editors/emacs on all architectures |
---|---|
Affected versions | < 24.1-r1 |
Unaffected versions | >= 24.1-r1 revision >= 23.4-r4 < 23.2 |
GNU Emacs is a highly extensible and customizable text editor.
Multiple vulnerabilities have been discovered in GNU Emacs:
A remote attacker could entice a user to open a specially crafted file, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.
There is no known workaround at this time.
All GNU Emacs 24.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/emacs-24.1-r1"
All GNU Emacs 23.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/emacs-23.4-r4"