-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

- -------------------------------------------------------------------------
Debian Security Advisory DSA-3970-1                   security@debian.org
https://www.debian.org/security/                       Moritz Muehlenhoff
September 12, 2017                    https://www.debian.org/security/faq
- -------------------------------------------------------------------------

Package        : emacs24
CVE ID         : not yet available

Charles A. Roelli discovered that Emacs is vulnerable to arbitrary code
execution when rendering text/enriched MIME data (e.g. when using
Emacs-based mail clients).

For the oldstable distribution (jessie), this problem has been fixed
in version 24.4+1-5+deb8u1.

For the stable distribution (stretch), this problem has been fixed in
version 24.5+1-11+deb9u1.

We recommend that you upgrade your emacs24 packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEtuYvPRKsOElcDakFEMKTtsN8TjYFAlm4S7cACgkQEMKTtsN8
TjYGSRAAlBXo00ZHx+P7Rgx3isQJEtlSVbX90C3QRloHAOrbb+DdmjaUO5YaNUvP
YMLJzsGwtl+1lUSKyNpfhE35Gj2r+UHMsgBgxdTg5DO2QxkvxbFlDc4zaIHY5BSA
62+Qch8f56w7Hg/wXaXwOpsTTUhEEgHAVC6gAFLgPedK7DXIzAQeUeJREq5t/4vA
lMUP72zPWpNHc6lu///E1J9Q6Mf8qngK5YnqZgfsYR+oRF3TftI/TIPBxwA6KXSG
bs7zsBH4ahJG141ulFdDzpldtkpnv70lB7OE5YWQKTdi8wjKsLc4MYA9U+NQplhN
lcj4n6huKIPNELi7uLZvvSULHrdjTXBC8yqQptnAFvVG/3WP9Pk32XmVeIP3TP3Z
+Uw6Kt6GkX2VgOndDbCTKNXpwGP8T7xIgK8fceY9SWzI/EFz0UlH5SEbZSFoJCMd
cK6ZaSdTfINDLBcvFa+6XgLjJP3pXHnBpyAH5sVEXR+U68BwXMcD6ziyyYFqezrT
A5MqiJ1RNNc66nqOcbFMwl9pt5eo9K+4V/M+A0dcfVRBbA0aAY6wifhacNsCWnAg
RLe0l3gqiRYG5Yi74rRIwZAW7FlGJnPKSReBdKC3qXE77qUBAN3iETiierUGzN9c
C4IdOQks9R4gkkzoZf6ZjZlicSuR49JK+v4d3Q5nTwAwPYaxZRU=
=0U74
-----END PGP SIGNATURE-----