操作系统--麒麟信安操作系统,国产操作系统,麒麟信安云桌面—

公告ID (KylinSec-SA-2025-1636)

摘要:

emacs security update

安全等级: High

公告ID: KylinSec-SA-2025-1636

发布日期: 2025年3月18日

关联CVE: CVE-2025-1244

详细介绍

1. 漏洞描述

Emacs is the extensible, customizable, self-documenting real-time display editor. At its core is an interpreter for Emacs Lisp, a dialect of the Lisp programming language with extensions to support text editing. And it is an entire ecosystem of functionality beyond text editing, including a project planner, mail and news reader, debugger interface, calendar, and more.

Security Fix(es):

A command injection flaw was found in the text editor Emacs. It could allow a remote, unauthenticated attacker to execute arbitrary shell commands on a vulnerable system. Exploitation is possible by tricking users into visiting a specially crafted website or an HTTP URL with a redirect.(CVE-2025-1244)

2. 影响范围

cve名称	产品	组件	是否受影响
CVE-2025-1244	KY3.4-5A	emacs	Fixed
CVE-2025-1244	V6	emacs	Fixed

3. 影响组件

emacs

4. 修复版本

KY3.4-5A

软件名称	架构	版本号
emacs-filesystem	noarch	27.1-15.kb1.ky3_4
emacs-help	noarch	27.1-15.kb1.ky3_4
emacs-terminal	noarch	27.1-15.kb1.ky3_4
emacs	x86_64	27.1-15.kb1.ky3_4
emacs-common	x86_64	27.1-15.kb1.ky3_4
emacs-devel	x86_64	27.1-15.kb1.ky3_4
emacs-lucid	x86_64	27.1-15.kb1.ky3_4
emacs-nox	x86_64	27.1-15.kb1.ky3_4
emacs	aarch64	27.1-15.kb1.ky3_4
emacs-common	aarch64	27.1-15.kb1.ky3_4
emacs-devel	aarch64	27.1-15.kb1.ky3_4
emacs-lucid	aarch64	27.1-15.kb1.ky3_4
emacs-nox	aarch64	27.1-15.kb1.ky3_4

V6

软件名称	架构	版本号
emacs-filesystem	noarch	29.1-4.ks6
emacs-help	noarch	29.1-4.ks6
emacs-terminal	noarch	29.1-4.ks6
emacs	x86_64	29.1-4.ks6
emacs-common	x86_64	29.1-4.ks6
emacs-devel	x86_64	29.1-4.ks6
emacs-lucid	x86_64	29.1-4.ks6
emacs-nox	x86_64	29.1-4.ks6
emacs	aarch64	29.1-4.ks6
emacs-common	aarch64	29.1-4.ks6
emacs-devel	aarch64	29.1-4.ks6
emacs-lucid	aarch64	29.1-4.ks6
emacs-nox	aarch64	29.1-4.ks6