CVE-2014-3422

Note

The xemacs21-packages code looked very different; the esrc comment
looks out-dated. I'm marking these not-affected because it looked safe to me
but review by an emacs expert would be welcome.

Package	Release	Status
emacs-snapshot Launchpad, Ubuntu, Debian	artful	Does not exist
	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	lucid	Ignored (end of life)
	precise	Does not exist
	quantal	Does not exist
	saucy	Does not exist
	trusty	Does not exist
	upstream	Needs triage
	utopic	Does not exist
	vivid	Does not exist
	wily	Does not exist
	xenial	Does not exist
	yakkety	Does not exist
	zesty	Does not exist
emacs22 Launchpad, Ubuntu, Debian	artful	Does not exist
	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	lucid	Ignored (end of life)
	precise	Does not exist
	quantal	Does not exist
	saucy	Does not exist
	trusty	Does not exist
	upstream	Needs triage
	utopic	Does not exist
	vivid	Does not exist
	wily	Does not exist
	xenial	Does not exist
	yakkety	Does not exist
	zesty	Does not exist
emacs23 Launchpad, Ubuntu, Debian	artful	Does not exist
	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	lucid	Ignored (end of life)
	precise	Ignored (end of life)
	quantal	Ignored (end of life)
	saucy	Ignored (end of life)
	trusty	Does not exist (trusty was needed)
	upstream	Needs triage
	utopic	Ignored (end of life)
	vivid	Does not exist
	wily	Does not exist
	xenial	Does not exist
	yakkety	Does not exist
	zesty	Does not exist
	Patches: upstream: http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00056.html
	This vulnerability is mitigated in part by the use of symlink restrictions in Ubuntu. This vulnerability is mitigated in part by the use of hardlink restrictions in Ubuntu.
emacs24 Launchpad, Ubuntu, Debian	artful	Does not exist
	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	trusty	Does not exist (trusty was needed)
	upstream	Released (24.3+1-4)
	xenial	Not vulnerable (24.5+1-6ubuntu1)
	zesty	Not vulnerable (24.5+1-8ubuntu2)
	Patches: upstream: http://lists.gnu.org/archive/html/emacs-diffs/2014-05/msg00056.html
	This vulnerability is mitigated in part by the use of symlink restrictions in Ubuntu. This vulnerability is mitigated in part by the use of hardlink restrictions in Ubuntu.
emacs25 Launchpad, Ubuntu, Debian	artful	Not vulnerable
	bionic	Not vulnerable
	cosmic	Does not exist
	disco	Does not exist
	trusty	Does not exist
	upstream	Not vulnerable
	xenial	Does not exist
	zesty	Not vulnerable
xemacs21 Launchpad, Ubuntu, Debian	artful	Not vulnerable (code-not-present)
	bionic	Not vulnerable (code-not-present)
	cosmic	Does not exist
	disco	Does not exist
	lucid	Ignored (end of life)
	precise	Not vulnerable (code-not-present)
	quantal	Not vulnerable (code-not-present)
	saucy	Not vulnerable (code-not-present)
	trusty	Does not exist (trusty was not-affected [code-not-present])
	upstream	Needs triage
	utopic	Not vulnerable (code-not-present)
	vivid	Not vulnerable (code-not-present)
	wily	Not vulnerable (code-not-present)
	xenial	Not vulnerable (code-not-present)
	yakkety	Not vulnerable (code-not-present)
	zesty	Not vulnerable (code-not-present)
xemacs21-packages Launchpad, Ubuntu, Debian	artful	Not vulnerable
	bionic	Not vulnerable
	cosmic	Does not exist
	disco	Does not exist
	lucid	Not vulnerable
	precise	Not vulnerable
	quantal	Not vulnerable
	saucy	Not vulnerable
	trusty	Does not exist (trusty was not-affected)
	upstream	Needs triage
	utopic	Not vulnerable
	vivid	Not vulnerable
	wily	Not vulnerable
	xenial	Not vulnerable
	yakkety	Not vulnerable
	zesty	Not vulnerable

CVE-2014-3422

Notes

Priority

Status

References

Bugs

Join the discussion

Canonical is offering Expanded Security Maintenance

Further reading