Amazon Linux 2023 Security Advisory: ALAS2023-2025-867
Advisory Released Date: 2025-03-06
Advisory Updated Date: 2025-03-06
Severity:
Important
Issue Overview:
A flaw was found in the Emacs text editor. Improper handling of custom "man" URI schemes allows attackers to execute arbitrary shell commands by tricking users into visiting a specially crafted website or an HTTP URL with a redirect. (CVE-2025-1244)
Affected Packages:
emacs
Issue Correction:
Run dnf update emacs --releasever 2023.6.20250303 to update your system.
New Packages:
aarch64:
emacs-nox-debuginfo-28.2-3.amzn2023.0.10.aarch64
emacs-lucid-debuginfo-28.2-3.amzn2023.0.10.aarch64
emacs-common-debuginfo-28.2-3.amzn2023.0.10.aarch64
emacs-devel-28.2-3.amzn2023.0.10.aarch64
emacs-debuginfo-28.2-3.amzn2023.0.10.aarch64
emacs-debugsource-28.2-3.amzn2023.0.10.aarch64
emacs-lucid-28.2-3.amzn2023.0.10.aarch64
emacs-28.2-3.amzn2023.0.10.aarch64
emacs-nox-28.2-3.amzn2023.0.10.aarch64
emacs-common-28.2-3.amzn2023.0.10.aarch64
noarch:
emacs-filesystem-28.2-3.amzn2023.0.10.noarch
emacs-terminal-28.2-3.amzn2023.0.10.noarch
src:
emacs-28.2-3.amzn2023.0.10.src
x86_64:
emacs-devel-28.2-3.amzn2023.0.10.x86_64
emacs-lucid-debuginfo-28.2-3.amzn2023.0.10.x86_64
emacs-debuginfo-28.2-3.amzn2023.0.10.x86_64
emacs-nox-debuginfo-28.2-3.amzn2023.0.10.x86_64
emacs-common-debuginfo-28.2-3.amzn2023.0.10.x86_64
emacs-debugsource-28.2-3.amzn2023.0.10.x86_64
emacs-nox-28.2-3.amzn2023.0.10.x86_64
emacs-28.2-3.amzn2023.0.10.x86_64
emacs-lucid-28.2-3.amzn2023.0.10.x86_64
emacs-common-28.2-3.amzn2023.0.10.x86_64