Oracle Linux 7 : emacs (ELSA-2017-2771)
Medium Nessus Plugin ID 103347
SynopsisThe remote Oracle Linux host is missing one or more security updates.
DescriptionFrom Red Hat Security Advisory 2017:2771 :
An update for emacs is now available for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
GNU Emacs is a powerful, customizable, self-documenting text editor.
It provides special code editing features, a scripting language (elisp), and the capability to read e-mail and news.
Security Fix(es) :
* A command injection flaw within the Emacs 'enriched mode' handling has been discovered. By tricking an unsuspecting user into opening a specially crafted file using Emacs, a remote attacker could exploit this flaw to execute arbitrary commands with the privileges of the Emacs user. (CVE-2017-14482)
SolutionUpdate the affected emacs packages.