Описание
Security update for emacs
This update for emacs fixes the following issues:
- CVE-2025-1244: improper handling of custom 'man' URI schemes allow for shell command injections. (bsc#1237091)
Список пакетов
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS
emacs-27.2-150400.3.23.2
emacs-el-27.2-150400.3.23.2
emacs-info-27.2-150400.3.23.2
emacs-nox-27.2-150400.3.23.2
emacs-x11-27.2-150400.3.23.2
etags-27.2-150400.3.23.2
SUSE Linux Enterprise High Performance Computing 15 SP4-LTSS
emacs-27.2-150400.3.23.2
emacs-el-27.2-150400.3.23.2
emacs-info-27.2-150400.3.23.2
emacs-nox-27.2-150400.3.23.2
emacs-x11-27.2-150400.3.23.2
etags-27.2-150400.3.23.2
SUSE Linux Enterprise High Performance Computing 15 SP5-ESPOS
emacs-27.2-150400.3.23.2
emacs-el-27.2-150400.3.23.2
emacs-info-27.2-150400.3.23.2
emacs-nox-27.2-150400.3.23.2
emacs-x11-27.2-150400.3.23.2
etags-27.2-150400.3.23.2
SUSE Linux Enterprise High Performance Computing 15 SP5-LTSS
emacs-27.2-150400.3.23.2
emacs-el-27.2-150400.3.23.2
emacs-info-27.2-150400.3.23.2
emacs-nox-27.2-150400.3.23.2
emacs-x11-27.2-150400.3.23.2
etags-27.2-150400.3.23.2
SUSE Linux Enterprise Module for Basesystem 15 SP6
emacs-27.2-150400.3.23.2
emacs-el-27.2-150400.3.23.2
emacs-info-27.2-150400.3.23.2
emacs-nox-27.2-150400.3.23.2
etags-27.2-150400.3.23.2
SUSE Linux Enterprise Module for Desktop Applications 15 SP6
emacs-x11-27.2-150400.3.23.2
SUSE Linux Enterprise Server 15 SP4-LTSS
emacs-27.2-150400.3.23.2
emacs-el-27.2-150400.3.23.2
emacs-info-27.2-150400.3.23.2
emacs-nox-27.2-150400.3.23.2
emacs-x11-27.2-150400.3.23.2
etags-27.2-150400.3.23.2
SUSE Linux Enterprise Server 15 SP5-LTSS
emacs-27.2-150400.3.23.2
emacs-el-27.2-150400.3.23.2
emacs-info-27.2-150400.3.23.2
emacs-nox-27.2-150400.3.23.2
emacs-x11-27.2-150400.3.23.2
etags-27.2-150400.3.23.2
SUSE Linux Enterprise Server for SAP Applications 15 SP4
emacs-27.2-150400.3.23.2
emacs-el-27.2-150400.3.23.2
emacs-info-27.2-150400.3.23.2
emacs-nox-27.2-150400.3.23.2
emacs-x11-27.2-150400.3.23.2
etags-27.2-150400.3.23.2
SUSE Linux Enterprise Server for SAP Applications 15 SP5
emacs-27.2-150400.3.23.2
emacs-el-27.2-150400.3.23.2
emacs-info-27.2-150400.3.23.2
emacs-nox-27.2-150400.3.23.2
emacs-x11-27.2-150400.3.23.2
etags-27.2-150400.3.23.2
SUSE Manager Proxy 4.3
emacs-27.2-150400.3.23.2
emacs-el-27.2-150400.3.23.2
emacs-info-27.2-150400.3.23.2
emacs-nox-27.2-150400.3.23.2
etags-27.2-150400.3.23.2
SUSE Manager Server 4.3
emacs-27.2-150400.3.23.2
emacs-el-27.2-150400.3.23.2
emacs-info-27.2-150400.3.23.2
emacs-nox-27.2-150400.3.23.2
etags-27.2-150400.3.23.2
openSUSE Leap 15.6
emacs-27.2-150400.3.23.2
emacs-el-27.2-150400.3.23.2
emacs-info-27.2-150400.3.23.2
emacs-nox-27.2-150400.3.23.2
emacs-x11-27.2-150400.3.23.2
etags-27.2-150400.3.23.2
Ссылки
- Link for SUSE-SU-2025:0599-1
- E-Mail link for SUSE-SU-2025:0599-1
- SUSE Security Ratings
- SUSE Bug 1237091
- SUSE CVE CVE-2025-1244 page
Описание
A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect.
Затронутые продукты
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:emacs-27.2-150400.3.23.2
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:emacs-el-27.2-150400.3.23.2
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:emacs-info-27.2-150400.3.23.2
SUSE Linux Enterprise High Performance Computing 15 SP4-ESPOS:emacs-nox-27.2-150400.3.23.2
Ссылки
- CVE-2025-1244
- SUSE Bug 1237091