-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3970-1 security@xxxxxxxxxx https://www.debian.org/security/ Moritz Muehlenhoff September 12, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : emacs24 CVE ID : not yet available Charles A. Roelli discovered that Emacs is vulnerable to arbitrary code execution when rendering text/enriched MIME data (e.g. when using Emacs-based mail clients). For the oldstable distribution (jessie), this problem has been fixed in version 24.4+1-5+deb8u1. For the stable distribution (stretch), this problem has been fixed in version 24.5+1-11+deb9u1. We recommend that you upgrade your emacs24 packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Mailing list: debian-security-announce@xxxxxxxxxxxxxxxx -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlm4S7cACgkQEMKTtsN8 TjYGSRAAlBXo00ZHx+P7Rgx3isQJEtlSVbX90C3QRloHAOrbb+DdmjaUO5YaNUvP YMLJzsGwtl+1lUSKyNpfhE35Gj2r+UHMsgBgxdTg5DO2QxkvxbFlDc4zaIHY5BSA 62+Qch8f56w7Hg/wXaXwOpsTTUhEEgHAVC6gAFLgPedK7DXIzAQeUeJREq5t/4vA lMUP72zPWpNHc6lu///E1J9Q6Mf8qngK5YnqZgfsYR+oRF3TftI/TIPBxwA6KXSG bs7zsBH4ahJG141ulFdDzpldtkpnv70lB7OE5YWQKTdi8wjKsLc4MYA9U+NQplhN lcj4n6huKIPNELi7uLZvvSULHrdjTXBC8yqQptnAFvVG/3WP9Pk32XmVeIP3TP3Z +Uw6Kt6GkX2VgOndDbCTKNXpwGP8T7xIgK8fceY9SWzI/EFz0UlH5SEbZSFoJCMd cK6ZaSdTfINDLBcvFa+6XgLjJP3pXHnBpyAH5sVEXR+U68BwXMcD6ziyyYFqezrT A5MqiJ1RNNc66nqOcbFMwl9pt5eo9K+4V/M+A0dcfVRBbA0aAY6wifhacNsCWnAg RLe0l3gqiRYG5Yi74rRIwZAW7FlGJnPKSReBdKC3qXE77qUBAN3iETiierUGzN9c C4IdOQks9R4gkkzoZf6ZjZlicSuR49JK+v4d3Q5nTwAwPYaxZRU= =0U74 -----END PGP SIGNATURE-----