Red Hat Product Errata RHSA-2023:7083 - Security Advisory
Issued:
2023-11-14
Updated:
2023-11-14

RHSA-2023:7083 - Security Advisory

Synopsis

Moderate: emacs security update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for emacs is now available for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language (elisp), and the capability to read e-mail and news.

Security Fix(es):

  • emacs: command execution via shell metacharacters (CVE-2022-48337)
  • emacs: command injection vulnerability in htmlfontify.el (CVE-2022-48339)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.9 Release Notes linked from the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for ARM 64 8 aarch64

Fixes

  • BZ - 2171987 - CVE-2022-48337 emacs: command execution via shell metacharacters
  • BZ - 2171989 - CVE-2022-48339 emacs: command injection vulnerability in htmlfontify.el

Red Hat Enterprise Linux for x86_64 8

SRPM
emacs-26.1-11.el8.src.rpm SHA-256: f25f02018f80f3f3ce725fb3a7d3f94270843a2d999d1de4eb39b86ce6edeb6d
x86_64
emacs-26.1-11.el8.x86_64.rpm SHA-256: 4f9dff793ff013ee573b8aa17da106ddd90c3d8f056b8584808a99200d611778
emacs-common-26.1-11.el8.x86_64.rpm SHA-256: fcecca27361a87c223ec2e95803b9dc71e846bf8b64f632ccbad21f92f23a398
emacs-common-debuginfo-26.1-11.el8.x86_64.rpm SHA-256: 87473027f664fc0e2d7cf3d6ec2dfbe9e0cd476e1d823a4f209ae9b989a258c0
emacs-debuginfo-26.1-11.el8.x86_64.rpm SHA-256: bc2b9982ac1bee40e540f3def9f1c9bcfd5ae1a0de9fcb455424da2df59b2f0a
emacs-debugsource-26.1-11.el8.x86_64.rpm SHA-256: 0eb4681354f6496cc03b97cc0f9a02b1c2d0e359ec52c8eba1f70c163d532f7f
emacs-filesystem-26.1-11.el8.noarch.rpm SHA-256: ff85c423bbd457898ae77ce51e60f2a6591efff14215d0268172b53e43257d82
emacs-lucid-26.1-11.el8.x86_64.rpm SHA-256: 9d50c37a62d5cc199cd3cfd0cee3e3b1dec6bdbc3fa8b2b8d5a95a1279cc7eff
emacs-lucid-debuginfo-26.1-11.el8.x86_64.rpm SHA-256: 940b839e5a68f110747950c411b9bf2f83389ab17c6609ea0b2fe67d9f5a381e
emacs-nox-26.1-11.el8.x86_64.rpm SHA-256: e9f3b39b35f9ada14f6db3f2bf41af2137c21fd8ae50297f3135c9afe6cb5a4d
emacs-nox-debuginfo-26.1-11.el8.x86_64.rpm SHA-256: 413a6e2ddc0ad65907c23f0a119d20675fe716850cef3838f0ecac0eb2f05c20
emacs-terminal-26.1-11.el8.noarch.rpm SHA-256: e65a8c5d967999429ef384038ee7313030602e9e560be17e7aa10238c4178517

Red Hat Enterprise Linux for IBM z Systems 8

SRPM
emacs-26.1-11.el8.src.rpm SHA-256: f25f02018f80f3f3ce725fb3a7d3f94270843a2d999d1de4eb39b86ce6edeb6d
s390x
emacs-26.1-11.el8.s390x.rpm SHA-256: 8288834fc3708f0f3182ad1c7f49ceed13ba9f07c3a99cd66fee4ef5c987cff3
emacs-common-26.1-11.el8.s390x.rpm SHA-256: 80390c6d1902125dc065466cf71ccbb5d26e015d55a0d0e3ddf3610401a329b0
emacs-common-debuginfo-26.1-11.el8.s390x.rpm SHA-256: 0e5f8da2d29f94d706386d77cb86657ee86ca20d800ef1930f34885c24f6dea5
emacs-debuginfo-26.1-11.el8.s390x.rpm SHA-256: 3f30af3d5f681a35d4dc4b5d887208e7e356d34d4359656e8600cd5107e77305
emacs-debugsource-26.1-11.el8.s390x.rpm SHA-256: f19af8f8e1bed9800d26e4522c981f36166274a13cd619797e006f98b94f49d0
emacs-filesystem-26.1-11.el8.noarch.rpm SHA-256: ff85c423bbd457898ae77ce51e60f2a6591efff14215d0268172b53e43257d82
emacs-lucid-26.1-11.el8.s390x.rpm SHA-256: b1a12effedf51c45812d89b0dbc63178b92968c5f0eda990375bc72b01862c5e
emacs-lucid-debuginfo-26.1-11.el8.s390x.rpm SHA-256: c2c20c185680b8311da6ce616f475613d2ad3a265e8024648dbb9ecd342049ea
emacs-nox-26.1-11.el8.s390x.rpm SHA-256: 57eccfc7340bb866f9cb3cf4015b47288fb87b2278b29eea393c5667d9bd8582
emacs-nox-debuginfo-26.1-11.el8.s390x.rpm SHA-256: 6dc13b18f1a6b7673e308bf4d79067e7cdb4308e943cb3ab4112edc0b59dc864
emacs-terminal-26.1-11.el8.noarch.rpm SHA-256: e65a8c5d967999429ef384038ee7313030602e9e560be17e7aa10238c4178517

Red Hat Enterprise Linux for Power, little endian 8

SRPM
emacs-26.1-11.el8.src.rpm SHA-256: f25f02018f80f3f3ce725fb3a7d3f94270843a2d999d1de4eb39b86ce6edeb6d
ppc64le
emacs-26.1-11.el8.ppc64le.rpm SHA-256: a933966b08a0d0612ed214fb8c71d7c8b1bc629ebe22bb7079c961c1c2eb91f8
emacs-common-26.1-11.el8.ppc64le.rpm SHA-256: 8bb63c1d293b87492d56a3ad3855fc33d7d298d30ccb4006560f9c59e50cb5cb
emacs-common-debuginfo-26.1-11.el8.ppc64le.rpm SHA-256: 87238a0364c34c3a142ac149f4477e9c086108fbc53f7b53ecb4629c6591a662
emacs-debuginfo-26.1-11.el8.ppc64le.rpm SHA-256: 810f5b12df78154492fda2333e91be7f1e22149001fa04a3c539b45fab871fda
emacs-debugsource-26.1-11.el8.ppc64le.rpm SHA-256: cfbf541962b7c0c9b307faadc9bb205ec4e5a6cb65fc105c1de82edc881ab6b5
emacs-filesystem-26.1-11.el8.noarch.rpm SHA-256: ff85c423bbd457898ae77ce51e60f2a6591efff14215d0268172b53e43257d82
emacs-lucid-26.1-11.el8.ppc64le.rpm SHA-256: d3a73479c58a3355b27ec991e150e41f147dd337326d9325549f60100e21557d
emacs-lucid-debuginfo-26.1-11.el8.ppc64le.rpm SHA-256: 7e8ba4c9eeb2233f62a27db32613e6f5a56011c5c7e51be57eaf9ca24c384383
emacs-nox-26.1-11.el8.ppc64le.rpm SHA-256: 09ec02b887a5dcf75d7eed9f72fc5bb285e03f188811164a0bf84fd57b4bf1bd
emacs-nox-debuginfo-26.1-11.el8.ppc64le.rpm SHA-256: e3890f4ccd8a17c6e026feec7b1f624f07e58681cdc0eece2a5263928853591a
emacs-terminal-26.1-11.el8.noarch.rpm SHA-256: e65a8c5d967999429ef384038ee7313030602e9e560be17e7aa10238c4178517

Red Hat Enterprise Linux for ARM 64 8

SRPM
emacs-26.1-11.el8.src.rpm SHA-256: f25f02018f80f3f3ce725fb3a7d3f94270843a2d999d1de4eb39b86ce6edeb6d
aarch64
emacs-26.1-11.el8.aarch64.rpm SHA-256: f01a94aca9a0584f767b718785228a423aab123b8146d8e1e6bcd39aa653f078
emacs-common-26.1-11.el8.aarch64.rpm SHA-256: d7cd8b448ffd89c3922fe926e5c2b024ef047f43f46e9dc463d4ffd28054e6c0
emacs-common-debuginfo-26.1-11.el8.aarch64.rpm SHA-256: e2ad04c0485a92246fefed9c30680dcda2274da4929a6b6f3e5455bfac4fc2c0
emacs-debuginfo-26.1-11.el8.aarch64.rpm SHA-256: 3b7d2e3b06c305e3227b3e8229493873bf931f7418a27b5fe6b64725a3877718
emacs-debugsource-26.1-11.el8.aarch64.rpm SHA-256: 321f2a5162f15f1e43adde6d5928c72161d1ccf5250e86d27615d6891578865e
emacs-filesystem-26.1-11.el8.noarch.rpm SHA-256: ff85c423bbd457898ae77ce51e60f2a6591efff14215d0268172b53e43257d82
emacs-lucid-26.1-11.el8.aarch64.rpm SHA-256: fc3125b82f97af6bf1acc5cdbb9b1bfd9b905b5c0d485ec5158c30652458689e
emacs-lucid-debuginfo-26.1-11.el8.aarch64.rpm SHA-256: efe2b9772c19afb8533a828ddfc1904ae6f6098f707b6ec2078b1da7f8b9f98a
emacs-nox-26.1-11.el8.aarch64.rpm SHA-256: bc79ac49f0a96251d5b6b93e1534441e600ef59eebafb71d7babdf058cf06c46
emacs-nox-debuginfo-26.1-11.el8.aarch64.rpm SHA-256: f13386e299b570f9ef274aedfd3949309e137c4f1f2922126b215493b2b33f0c
emacs-terminal-26.1-11.el8.noarch.rpm SHA-256: e65a8c5d967999429ef384038ee7313030602e9e560be17e7aa10238c4178517

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.