Two vulnerabilities have been found in GNU Emacs, possibly leading to user-assisted execution of arbitrary code.
|Package||app-editors/emacs on all architectures|
|Affected versions||< 24.1-r1|
|Unaffected versions||>= 24.1-r1
revision >= 23.4-r4
GNU Emacs is a highly extensible and customizable text editor.
Multiple vulnerabilities have been discovered in GNU Emacs:
A remote attacker could entice a user to open a specially crafted file, possibly resulting in execution of arbitrary code with the privileges of the process or a Denial of Service condition.
There is no known workaround at this time.
All GNU Emacs 24.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/emacs-24.1-r1"
All GNU Emacs 23.x users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/emacs-23.4-r4"