[emacs] [CVE-2007-6109] buffer overflow
Bug #174177 reported by
disabled.user
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
emacs21 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Dapper |
Fix Released
|
Undecided
|
Jamie Strandboge | ||
Feisty |
Fix Released
|
Undecided
|
Jamie Strandboge | ||
Gutsy |
Fix Released
|
Undecided
|
Jamie Strandboge | ||
Hardy |
Fix Released
|
Undecided
|
Unassigned | ||
Intrepid |
Fix Released
|
Undecided
|
Unassigned | ||
emacs22 (Debian) |
Fix Released
|
Unknown
|
|||
emacs22 (Ubuntu) |
Fix Released
|
Undecided
|
Jamie Strandboge | ||
Dapper |
Invalid
|
Undecided
|
Unassigned | ||
Feisty |
Invalid
|
Undecided
|
Unassigned | ||
Gutsy |
Fix Released
|
Undecided
|
Jamie Strandboge | ||
Hardy |
Fix Released
|
Undecided
|
Jamie Strandboge | ||
Intrepid |
Fix Released
|
Undecided
|
Jamie Strandboge |
Bug Description
Binary package hint: emacs
References:
[1] CVE-2007-6109 (http://
[2] SUSE-SR:2007:025
Quoting [2]:
"A buffer overflow was fixed in emacs that can be triggered over the command-line."
Changed in emacs22: | |
status: | Unknown → Fix Released |
Changed in emacs22: | |
status: | New → Invalid |
Changed in emacs22: | |
status: | New → Won't Fix |
Changed in emacs22: | |
status: | New → Invalid |
Changed in emacs22: | |
status: | Won't Fix → New |
Changed in emacs22: | |
assignee: | nobody → jdstrand |
status: | New → In Progress |
Changed in emacs21: | |
assignee: | nobody → jdstrand |
status: | New → In Progress |
assignee: | nobody → jdstrand |
status: | New → In Progress |
assignee: | nobody → jdstrand |
status: | New → In Progress |
Changed in emacs21: | |
status: | In Progress → Fix Committed |
status: | In Progress → Fix Committed |
status: | In Progress → Fix Committed |
Changed in emacs22: | |
status: | In Progress → Fix Committed |
Changed in emacs21: | |
status: | New → Fix Released |
status: | New → Fix Released |
To post a comment you must log in.
Can you point me to a place where I can find the patch for this vulnerability? I downloaded emacs-22. 1-40.7. src.rpm from OpenSuSE, but couldn't find the patch that fixes this. Also, how certain is it that this effects emacs22? I noticed a couple of emacs security downloads from Novell dated at Nov. 28-29, but they were all for emacs-21.