Mandriva Linux Security Advisory : emacs (MDVSA-2010:083)
Medium Nessus Plugin ID 45588
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability has been found and corrected in emacs :
lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbitrary mailbox files via a symlink attack, related to improper file-permission checks (CVE-2010-0825).
Packages for 2008.0 and 2009.0 are provided due to the Extended Maintenance Program for those products.
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.