ALSA-2024:6510

Source
https://errata.almalinux.org/9/ALSA-2024-6510.html
Import Source
https://github.com/AlmaLinux/osv-database/blob/master/advisories/almalinux9/ALSA-2024:6510.json
JSON Data
https://api.osv.dev/v1/vulns/ALSA-2024:6510
Related
Published
2024-09-09T00:00:00Z
Modified
2024-09-10T06:22:14Z
Summary
Moderate: emacs security update
Details

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language (elisp), and the capability to read e-mail and news.

Security Fix(es):

  • emacs: org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code (CVE-2024-39331)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Affected packages

AlmaLinux:9 / emacs

Package

Name
emacs

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:27.2-10.el9_4

AlmaLinux:9 / emacs-common

Package

Name
emacs-common

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:27.2-10.el9_4

AlmaLinux:9 / emacs-filesystem

Package

Name
emacs-filesystem

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:27.2-10.el9_4

AlmaLinux:9 / emacs-lucid

Package

Name
emacs-lucid

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:27.2-10.el9_4

AlmaLinux:9 / emacs-nox

Package

Name
emacs-nox

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:27.2-10.el9_4