Red Hat Security Advisory: New emacs packages available | Linux Today

Red Hat Security Advisory: New emacs packages available

Written By
Web Webster
Web Webster
Jun 16, 2000

Date: Thu, 15 Jun 2000 17:30 -0400
From: bugzilla@redhat.com
To: redhat-watch-list@redhat.com
Subject: [RHSA-2000:036-01] New emacs packages available


                   Red Hat, Inc. Security Advisory

Synopsis:          New emacs packages available
Advisory ID:       RHSA-2000:036-01
Issue date:        2000-06-15
Updated on:        2000-06-15
Product:           Red Hat Linux
Keywords:          emacs vulnerability
Cross references:  N/A

1. Topic:

With emacs < 20.7, unprivileged local users can eavesdrop the
communication between Emacs and its subprocesses.

2. Relevant releases/architectures:

Red Hat Linux 6.0 – i386 alpha sparc
Red Hat Linux 6.1 – i386 alpha sparc
Red Hat Linux 6.2 – i386 alpha sparc

3. Problem description:

With emacs < 20.7, unprivileged local users can eavesdrop the
communication between Emacs and its subprocesses.

This release also fix many minor problems.

The problem also exists for Red Hat 5.x. Unfortunately, the
fixes require UNIX98 PTYs. This is only available on Red Hat 6.x
and higher. If this problem concerns you, an upgrade is
recommended.

4. Solution:

For each RPM for your particular architecture, run:

rpm -Fvh [filename]

where filename is the name of the RPM.

5. Bug IDs fixed
(http://bugzilla.redhat.com/bugzilla
for more info):

11335 – emacs-nox built with X11 locale
10948 – emacs-nox does not accept pasted data
10798 – Emacs shell-script mode doesn’t know about bash2
9895 – Nit: png file marked as conf file.

6. RPMs required:

Red Hat Linux 6.2:

intel:

ftp://ftp.redhat.com/redhat/updates/6.2/i386/emacs-20.7-1.i386.rpm


ftp://ftp.redhat.com/redhat/updates/6.2/i386/emacs-el-20.7-1.i386.rpm


ftp://ftp.redhat.com/redhat/updates/6.2/i386/emacs-X11-20.7-1.i386.rpm


ftp://ftp.redhat.com/redhat/updates/6.2/i386/emacs-leim-20.7-1.i386.rpm


ftp://ftp.redhat.com/redhat/updates/6.2/i386/emacs-nox-20.7-1.i386.rpm

alpha:

ftp://ftp.redhat.com/redhat/updates/6.2/alpha/emacs-20.7-1.alpha.rpm


ftp://ftp.redhat.com/redhat/updates/6.2/alpha/emacs-el-20.7-1.alpha.rpm


ftp://ftp.redhat.com/redhat/updates/6.2/alpha/emacs-X11-20.7-1.alpha.rpm


ftp://ftp.redhat.com/redhat/updates/6.2/alpha/emacs-leim-20.7-1.alpha.rpm


ftp://ftp.redhat.com/redhat/updates/6.2/alpha/emacs-nox-20.7-1.alpha.rpm

sparc:

ftp://ftp.redhat.com/redhat/updates/6.2/sparc/emacs-20.7-1.sparc.rpm


ftp://ftp.redhat.com/redhat/updates/6.2/sparc/emacs-el-20.7-1.sparc.rpm


ftp://ftp.redhat.com/redhat/updates/6.2/sparc/emacs-X11-20.7-1.sparc.rpm


ftp://ftp.redhat.com/redhat/updates/6.2/sparc/emacs-leim-20.7-1.sparc.rpm


ftp://ftp.redhat.com/redhat/updates/6.2/sparc/emacs-nox-20.7-1.sparc.rpm

sources:

ftp://ftp.redhat.com/redhat/updates/6.2/SRPMS/emacs-20.7-1.src.rpm

7. Verification:

MD5 sum Package Name


4338ef85b6f9c374879eeee77ae0eee9 6.2/SRPMS/emacs-20.7-1.src.rpm
9fbdc8b24f30bc0784a75b5d169df0c7 6.2/alpha/emacs-20.7-1.alpha.rpm
c008af143f571ae71d4f5415bd82968d 6.2/alpha/emacs-X11-20.7-1.alpha.rpm
718587a7b03c7b216d8c7825bedf1a0f 6.2/alpha/emacs-el-20.7-1.alpha.rpm
12add74edfdbb60bbf62db1a6fd8f89e 6.2/alpha/emacs-leim-20.7-1.alpha.rpm
1fa10098c9e56296d8d10a8e198b6e12 6.2/alpha/emacs-nox-20.7-1.alpha.rpm
e51141f6c521cf8009cc94669e00dc3f 6.2/i386/emacs-20.7-1.i386.rpm
7e2254b2c46deeb6a1ee8840cd4b2c2a 6.2/i386/emacs-X11-20.7-1.i386.rpm
27ef1a3ba0d97968ccca79d5421b8a1b 6.2/i386/emacs-el-20.7-1.i386.rpm
9057e85bf9cfd24057d0bdc8f16164ad 6.2/i386/emacs-leim-20.7-1.i386.rpm
19a8145b213dbcb54a3d8bad1fadcda0 6.2/i386/emacs-nox-20.7-1.i386.rpm
b4d69bb3e1ca46e2e164b2c342e7e615 6.2/sparc/emacs-20.7-1.sparc.rpm
2fc732546034395a8921fd2541f49fa1 6.2/sparc/emacs-X11-20.7-1.sparc.rpm
10e8880bf285287f328cf28888e0dcf1 6.2/sparc/emacs-el-20.7-1.sparc.rpm
0cc9c30a1bb74774913603def608fc55 6.2/sparc/emacs-leim-20.7-1.sparc.rpm
a6ae2d4b6afcb0022d59183b12472361 6.2/sparc/emacs-nox-20.7-1.sparc.rpm

These packages are GPG signed by Red Hat, Inc. for security. Our
key is available at:
http://www.redhat.com/corp/contact.html

You can verify each package with the following command:
rpm –checksig

If you only wish to verify that each package has not been
corrupted or tampered with, examine only the md5sum with the
following command:
rpm –checksig –nogpg

8. References:

http://www.securityfocus.com/bid/1125

Web Webster

Web Webster

Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.

Linux Today Logo

LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.