===========================================================================
             AUSCERT External Security Bulletin Redistribution

                    ESB-2000.138 -- RHSA-2000:036-01
                      New emacs packages available
                              16 June 2000

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:                emacs
Vendor:                 Red Hat
Operating System:       Linux
Platform:               N/A
Impact:                 Access Privileged Data
Access Required:        Local

--------------------------BEGIN INCLUDED TEXT--------------------

---------------------------------------------------------------------
                   Red Hat, Inc. Security Advisory

Synopsis:          New emacs packages available
Advisory ID:       RHSA-2000:036-01
Issue date:        2000-06-15
Updated on:        2000-06-15
Product:           Red Hat Linux
Keywords:          emacs vulnerability
Cross references:  N/A
---------------------------------------------------------------------

1. Topic:

With emacs < 20.7, unprivileged local users can eavesdrop on the
communication between Emacs and its subprocesses.

2. Relevant releases/architectures:

Red Hat Linux 6.0 - i386 alpha sparc
Red Hat Linux 6.1 - i386 alpha sparc
Red Hat Linux 6.2 - i386 alpha sparc

3. Problem description:

With emacs < 20.7, unprivileged local users can eavesdrop on the
communication between Emacs and its subprocesses.

This release also fixes many minor problems.

The problem also exists for Red Hat 5.x. Unfortunately, the fixes
require UNIX98 PTYs. This is only available on Red Hat 6.x and higher.
If this problem concerns you, an upgrade is recommended.

4. Solution:

For each RPM for your particular architecture, run:

    rpm -Fvh [filename]

where filename is the name of the RPM.

5. Bug IDs fixed (http://bugzilla.redhat.com/bugzilla for more info):

11335 - emacs-nox built with X11 locale
10948 - emacs-nox does not accept pasted data
10798 - Emacs shell-script mode doesn't know about bash2
9895 - Nit: png file marked as conf file.

6. RPMs required:

Red Hat Linux 6.2:

intel:
ftp://ftp.redhat.com/redhat/updates/6.2/i386/emacs-20.7-1.i386.rpm
ftp://ftp.redhat.com/redhat/updates/6.2/i386/emacs-el-20.7-1.i386.rpm
ftp://ftp.redhat.com/redhat/updates/6.2/i386/emacs-X11-20.7-1.i386.rpm
ftp://ftp.redhat.com/redhat/updates/6.2/i386/emacs-leim-20.7-1.i386.rpm
ftp://ftp.redhat.com/redhat/updates/6.2/i386/emacs-nox-20.7-1.i386.rpm

alpha:
ftp://ftp.redhat.com/redhat/updates/6.2/alpha/emacs-20.7-1.alpha.rpm
ftp://ftp.redhat.com/redhat/updates/6.2/alpha/emacs-el-20.7-1.alpha.rpm
ftp://ftp.redhat.com/redhat/updates/6.2/alpha/emacs-X11-20.7-1.alpha.rpm
ftp://ftp.redhat.com/redhat/updates/6.2/alpha/emacs-leim-20.7-1.alpha.rpm
ftp://ftp.redhat.com/redhat/updates/6.2/alpha/emacs-nox-20.7-1.alpha.rpm

sparc:
ftp://ftp.redhat.com/redhat/updates/6.2/sparc/emacs-20.7-1.sparc.rpm
ftp://ftp.redhat.com/redhat/updates/6.2/sparc/emacs-el-20.7-1.sparc.rpm
ftp://ftp.redhat.com/redhat/updates/6.2/sparc/emacs-X11-20.7-1.sparc.rpm
ftp://ftp.redhat.com/redhat/updates/6.2/sparc/emacs-leim-20.7-1.sparc.rpm
ftp://ftp.redhat.com/redhat/updates/6.2/sparc/emacs-nox-20.7-1.sparc.rpm

sources:
ftp://ftp.redhat.com/redhat/updates/6.2/SRPMS/emacs-20.7-1.src.rpm

7. Verification:

These packages are GPG signed by Red Hat, Inc. for security. Our key
is available at:

    http://www.redhat.com/corp/contact.html

You can verify each package with the following command:

    rpm --checksig <filename>

If you only wish to verify that each package has not been corrupted or
tampered with, examine only the md5sum with the following command:

    rpm --checksig --nogpg <filename>

8. References:

http://www.securityfocus.com/bid/1125

--------------------------END INCLUDED TEXT--------------------

This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to use any or all of this information is
the responsibility of each user or organisation, and should be done so in
accordance with site policies and procedures.

NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the original authors to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

    http://www.auscert.org.au/Information/advisories.html

If you believe that your system has been compromised, contact AusCERT or
your representative in FIRST (Forum of Incident Response and Security Teams).

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for emergencies.
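
The advisory's affected-version condition (emacs < 20.7) applied to a package inventory, as an added example that is not part of the Red Hat or AusCERT text. It assumes one "name version" pair per line, as printed by rpm -qa --qf '%{NAME} %{VERSION}\n'; the function name and the sample inventory are constructed for illustration.

```shell
#!/bin/sh
# Added example: flag emacs packages older than the fixed 20.7 release.
# Assumed input: one "name version" pair per line, e.g. from
#   rpm -qa --qf '%{NAME} %{VERSION}\n'

FIXED_VERSION="20.7"

# Constructed sample inventory (not taken from a real host).
SAMPLE_INVENTORY='emacs 20.5
emacs-nox 20.5
emacs-X11 20.7
xemacs 21.1.8
emacs-el 20.10'

# Read an inventory on stdin and print every emacs package named in the
# advisory whose version is lower than FIXED_VERSION.
list_vulnerable_emacs() {
    awk -v fixed="$FIXED_VERSION" '
        # Compare dotted versions field by field, numerically, so that
        # 20.10 is treated as newer than 20.7. Returns 1 if a < b.
        function older(a, b,    x, y, n, m, i, k) {
            n = split(a, x, ".")
            m = split(b, y, ".")
            k = (n > m) ? n : m
            for (i = 1; i <= k; i++) {
                if ((x[i] + 0) < (y[i] + 0)) return 1
                if ((x[i] + 0) > (y[i] + 0)) return 0
            }
            return 0
        }
        # Anchored match: emacs, emacs-el, emacs-X11, emacs-leim, emacs-nox.
        $1 ~ /^emacs(-el|-X11|-leim|-nox)?$/ && older($2, fixed) {
            print $1 " " $2
        }
    '
}

# Demo on the constructed sample; on a real host, pipe the rpm query instead.
printf '%s\n' "$SAMPLE_INVENTORY" | list_vulnerable_emacs
```

Packages reported by this check are the candidates for rpm -Fvh once the downloaded files pass rpm --checksig.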