Bug 900587 (CVE-2023-27985, CVE-2023-27986) - <x11-misc/emacs-desktop-mail-1.2: Code injection vulnerabilities through crafted mailto URI
Status: RESOLVED FIXED
Alias: CVE-2023-27985, CVE-2023-27986
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
Whiteboard: ~2 [noglsa]
Reported: 2023-03-09 15:00 UTC by Ulrich Müller
Modified: 2023-03-11 04:43 UTC (History)

Description Ulrich Müller gentoo-dev 2023-03-09 15:00:35 UTC
CVE-2023-27985: emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections through a crafted mailto: URI. This is related to lack of compliance with the Desktop Entry Specification.

CVE-2023-27986: emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to Emacs Lisp code injections through a crafted mailto: URI with unescaped double-quote characters.

The app-editors/emacs package never installed the desktop file in question, so they are _not_ affected.

The file is installed by x11-misc/emacs-desktop-mail, which has been fixed in version 1.2 (and previous versions have been removed):
https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0f29d9f2912573e696b9cb6019cb036246d7d21e
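
The description above ties CVE-2023-27985 to non-compliance with the Desktop Entry Specification. One rule of that specification is that field codes such as %u must not appear inside a quoted argument. The following check for that rule is an added example, not part of the bug report or of the Emacs or Gentoo code; the sample Exec values and the program name `mail-handler` are constructed, and the shell `-c` check is an extra heuristic.

```python
import re

FIELD_CODES = set("fFuUdDnNickvm")   # field codes named by the spec, deprecated ones included
SHELLS = {"sh", "bash", "dash", "ksh", "zsh"}
STRING_ESCAPES = {"s": " ", "n": "\n", "t": "\t", "r": "\r", "\\": "\\"}

def unescape_value(raw):
    """Undo the string-level escapes (\\s \\n \\t \\r \\\\) applied to every desktop entry value."""
    return re.sub(r"\\(.)", lambda m: STRING_ESCAPES.get(m.group(1), m.group(0)), raw)

def lint_exec(raw):
    """Return findings for one Exec= value (the text after 'Exec=')."""
    value = unescape_value(raw)
    findings, args, cur, in_quote, i = [], [], "", False, 0
    while i < len(value):
        ch = value[i]
        nxt = value[i + 1] if i + 1 < len(value) else ""
        if in_quote and ch == "\\" and nxt:      # escaped character inside quotes
            cur += nxt
            i += 2
            continue
        if ch == "%" and nxt:                    # field code, or %% for a literal percent
            if in_quote and nxt in FIELD_CODES:
                findings.append(f"field code %{nxt} inside a quoted argument")
            cur += ch + nxt
            i += 2
            continue
        if ch == '"':
            in_quote = not in_quote
        elif ch == " " and not in_quote:         # unquoted space ends the argument
            if cur:
                args.append(cur)
            cur = ""
        else:
            cur += ch
        i += 1
    if cur:
        args.append(cur)
    if in_quote:
        findings.append("unterminated double quote")
    if args and args[0].rsplit("/", 1)[-1] in SHELLS and "-c" in args[1:]:
        findings.append("command line is passed to a shell with -c")
    return findings

# Constructed sample values; "mail-handler" is a hypothetical program name.
RISKY = "sh -c \"exec mail-handler --compose '%u'\""
PLAIN = "mail-handler --compose %u"

if __name__ == "__main__":
    for value in (RISKY, PLAIN):
        print(value, "->", lint_exec(value) or "no findings")
```
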
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2023-03-11 04:43:22 UTC
All unstable, so already all done, thanks!