==========================================================================
Ubuntu Security Notice USN-3427-1
September 21, 2017

emacs24 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 16.04 LTS
– Ubuntu 14.04 LTS

Summary:

Emacs could be made to run programs as your login if it
opened a specially crafted file.

Software Description:
– emacs24: GNU Emacs editor

Details:

Charles A. Roelli discovered that Emacs incorrectly handled certain
files. If a user were tricked into opening a specially crafted file, an
attacker could possibly use this to execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 16.04 LTS:
  emacs24                         24.5+1-6ubuntu1.1

Ubuntu 14.04 LTS:
  emacs24                         24.3+1-2ubuntu1.1

In general, a standard system update will make all the necessary
changes.

References:
  https://www.ubuntu.com/usn/usn-3427-1
  CVE-2017-14482

Package Information:
  https://launchpad.net/ubuntu/+source/emacs24/24.5+1-6ubuntu1.1
  https://launchpad.net/ubuntu/+source/emacs24/24.3+1-2ubuntu1.1
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJZxCVNAAoJEEW851uECx9pwMsP/1///FfQ/H0ENxEvRWZsHNJu
juZts02Uctg8KYT5jbVGoJpGYcdo/gBIeHYtwbpKP/zLQ0yzCys+1M5q8wqZGkqe
g8crWTLwCTKultfQQ5F5bdxpSnPiKL5BiHqXMEca2LkC3+nYIqdIJ2bIsyj6RHly
ZhWXIl2v9EE5QxU4U/kO97+H2O7fqO8hoTtmzrd5hjFkiKEqCLP5hWh69+HKFrRP
ZMkcuODZONQH3rur2k9Eh+SqWno0h/h0gmg/Ji7c//Xr3Vt9+8Uk9lHWA9k3ulVF
e0ov7K82g+w5VvOH5zEPZXxODPfe+ZBMAKw5utZU+Yit5UlDkYAaxUC8mmP4YrcD
4ZSHZjfIjgSlREfjcPO8VXYB4hlRHHe6aDf8ftnSddByQUwu9gxW0ll4I3A44A45
KFBMGFypJ6uWOZpUwbds0TaKlOXhXXZsI7G66vovvnjDR9qZJ4kXR8ZiCWSyovuK
1bl2t1cm3dl1mljf2GwNKiUNK7oFnl4Bxc3yMfkWraFL/M6THADX4GLtXFf1d1HV
oDZogLTsVRZ7gtgwSNGNgOQFu+nqCI7w6pyxYssf2QtjNpVHo7e7TI5THknkw+Mi
bW2UA7dZimCrpmhs3pPYXMfAYVgpFkDkLpH+u9IxLPwhulW1nSueyx/ZXMY2f05O
zRICAUzuR0gk3DpiyLvq
=qBCY
—–END PGP SIGNATURE—–
—
ubuntu-security-announce mailing list
ubuntu-security-announce@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce

==========================================================================
Ubuntu Security Notice USN-3428-1
September 21, 2017

emacs25 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 17.04

Summary:

Emacs could be made to run programs as your login if it opened a
specially crafted file.

Software Description:
– emacs25: GNU Emacs editor

Details:

Charles A. Roelli discovered that Emacs incorrectly handled certain
files. If a user were tricked into opening a specially crafted file, an
attacker could possibly use this to execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 17.04:
  emacs25                         25.1+1-3ubuntu4.1

In general, a standard system update will make all the necessary
changes.

References:
  https://www.ubuntu.com/usn/usn-3428-1
  CVE-2017-14482

Package Information:
  https://launchpad.net/ubuntu/+source/emacs25/25.1+1-3ubuntu4.1
—–BEGIN PGP SIGNATURE—–
Version: GnuPG v2

iQIcBAABCAAGBQJZxDOZAAoJEEW851uECx9pNLMQAIOctxytviQz5BFRKezbEe1f
/XlM67zGrAvbO9V0OUaJue/1OMjLB9L4BcnThMKMMPjco73tF55A1jduQGp3PQzo
CJ7AHlyxU2l7i5G1OkIOk7OMx6LOtQvd7tpjkgZ7qDMNi2W1SMpyGF5HO5dpkew4
57p/oTzunlYvmjVubhLDzw4xXvrjrkHjSj8d/ua0i8GEs+1I+IeSbh+7anCOT6tS
2yg70SjHzg+3Ct7BO9HCAtR3WTD01TDe8ILIsLgfSSxH0ftvdk07/jKULaMy/vpp
KrjjpwCpUIeQ0ue84d7xxgS+O8Bc73e0R5dUO0FHYJODSJJI7Qd/wHa35mvOCG6Q
WDlSOOJGTSJ6XlcPdsYm7ef88qQRb7H4k2SfIquzxTy+v0zYlXspOzrf6c1yz2sw
oy9dc+deZQm+YKfYlPdhIkRMyf8P30LiySDWZOfhNqYjq4hQp7frAaV3Ii2eSGFT
ofUKpEmnzR+F0eqsLezYEWZx6OhME9nUfUBX9WzL9ua4oPHbh8SldeCgwt8g9Hf/
7Q99f0pDZqAa6+KJBco1PeaOwW6/rCTCjYZJIk3cy2Op8QigLOODJj2Eamd/+beN
YEbiWADbJqYKcBC35YHV/ou7tNDGJAA1WDfK1UVUumwBttapoCIKO/Z06LYv631Z
zDBSlQwueOwV2k8/RV4A
=jfaA
—–END PGP SIGNATURE—–
—