Описание
Security update for emacs
This update for emacs fixes the following issues:
- CVE-2022-45939: Fixed shell command injection via source code files when using ctags (bsc#1205822).
Список пакетов
SUSE Enterprise Storage 6
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
SUSE Enterprise Storage 7
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
SUSE Linux Enterprise High Performance Computing 15 SP2-ESPOS
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
SUSE Linux Enterprise High Performance Computing 15 SP2-LTSS
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
SUSE Linux Enterprise High Performance Computing 15-LTSS
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
SUSE Linux Enterprise Module for Basesystem 15 SP3
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
SUSE Linux Enterprise Module for Desktop Applications 15 SP3
emacs-x11-25.3-150000.3.12.1
SUSE Linux Enterprise Server 15 SP1-BCL
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
SUSE Linux Enterprise Server 15 SP1-LTSS
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
SUSE Linux Enterprise Server 15 SP2-BCL
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
SUSE Linux Enterprise Server 15 SP2-LTSS
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
SUSE Linux Enterprise Server 15-LTSS
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
SUSE Linux Enterprise Server for SAP Applications 15
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
SUSE Linux Enterprise Server for SAP Applications 15 SP1
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
SUSE Linux Enterprise Server for SAP Applications 15 SP2
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
SUSE Manager Proxy 4.1
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
SUSE Manager Retail Branch Server 4.1
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
SUSE Manager Server 4.1
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
openSUSE Leap 15.3
emacs-25.3-150000.3.12.1
emacs-el-25.3-150000.3.12.1
emacs-info-25.3-150000.3.12.1
emacs-nox-25.3-150000.3.12.1
emacs-x11-25.3-150000.3.12.1
etags-25.3-150000.3.12.1
Ссылки
- Link for SUSE-SU-2022:4310-1
- E-Mail link for SUSE-SU-2022:4310-1
- SUSE Security Ratings
- SUSE Bug 1205822
- SUSE CVE CVE-2022-45939 page
Описание
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses the system C library function in its implementation of the ctags program. For example, a victim may use the "ctags *" command (suggested in the ctags documentation) in a situation where the current working directory has contents that depend on untrusted input.
Затронутые продукты
SUSE Enterprise Storage 6:emacs-25.3-150000.3.12.1
SUSE Enterprise Storage 6:emacs-el-25.3-150000.3.12.1
SUSE Enterprise Storage 6:emacs-info-25.3-150000.3.12.1
SUSE Enterprise Storage 6:emacs-nox-25.3-150000.3.12.1
Ссылки
- CVE-2022-45939
- SUSE Bug 1205822
- SUSE Bug 1208026
- SUSE Bug 1208348