openSUSE Security Update : emacs and depending packages (openSUSE-SU-2012:1348-1)

This script is Copyright (C) 2014 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update fixes the following issues for emacs, emacs-w3, gnuplot
and ddskk: emacs :

- Add fix for bnc#775993 which disable arbitrary lisp code
execution when 'enable-local-variables' is set to
':safe' (CVE-2012-3479)

- Add fix for bnc#780653 to allow emacs to parse tar
archives with PAX extended headers

- This update also upgrades emacs to version 24.1 :

- Support for Gtk+3.0, GnuTLS, ImageMagick, libxml2, and

- Support for wide integer (62 bits) in lisp even on
32-bit machines.

- The --unibyte, --multibyte, --no-multibyte, and
--no-unibyte command line arguments, and the
EMACS_UNIBYTE environment variable, no longer have any

- And many more changes see /usr/share/emacs/24.1/etc/NEWS

- Remove obsolete patches

- Refresh some others patches

emacs-w3 :

- (condition-case ...) and (eval-when (compile) ...) will
not work together

gnuplot :

- Resolve the former problem by using texlive-texinfo to
enforce installing required fonts as well as required
tools for TL 2012

- add more texlive 2012 requirements

- Make it build with latest TeXLive 2012 with new package

- Convert gnuplot.el to new backtick lisp scheme for emacs

ddskk :

- Update to ddskk-14.4 and skkdic-20110529

- Take some patches from Debian as well add some own

- Drop superfluous patches

See also :

Solution :

Update the affected emacs and depending packages packages.

Risk factor :

Medium / CVSS Base Score : 6.8

Family: SuSE Local Security Checks

Nessus Plugin ID: 74780 ()

Bugtraq ID:

CVE ID: CVE-2012-3479

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now