Summary
The remote host is missing updates announced in
advisory GLSA 200902-06.
Solution
All GNU Emacs users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=app-editors/emacs-22.2-r3'
All edit-utils users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=app-xemacs/edit-utils-2.39'
http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200902-06 http://bugs.gentoo.org/show_bug.cgi?id=221197
http://bugs.gentoo.org/show_bug.cgi?id=236498
Insight
Two vulnerabilities were found in GNU Emacs, possibly leading to user-assisted execution of arbitrary code. One also affects edit-utils in XEmacs.
Severity
Classification
-
CVE CVE-2008-2142, CVE-2008-3949 -
CVSS Base Score: 7.2
AV:L/AC:L/Au:N/C:C/I:C/A:C
Related Vulnerabilities