ALAS-2025-1964

Amazon Linux 1 Security Advisory: ALAS-2025-1964
Advisory Release Date: 2025-03-13 20:58 Pacific
Advisory Updated Date: 2025-03-13 20:58 Pacific

Severity: Important

References: CVE-2025-1244
FAQs regarding Amazon Linux ALAS/CVE Severity

Issue Overview:

A flaw was found in the Emacs text editor. Improper handling of custom "man" URI schemes allows attackers to execute arbitrary shell commands by tricking users into visiting a specially crafted website or an HTTP URL with a redirect. (CVE-2025-1244)

Affected Packages:

emacs

Issue Correction:
Run yum update emacs to update your system.

New Packages:

i686:
    emacs-common-24.3-20.26.amzn1.i686
    emacs-debuginfo-24.3-20.26.amzn1.i686
    emacs-24.3-20.26.amzn1.i686

noarch:
    emacs-el-24.3-20.26.amzn1.noarch

src:
    emacs-24.3-20.26.amzn1.src

x86_64:
    emacs-common-24.3-20.26.amzn1.x86_64
    emacs-debuginfo-24.3-20.26.amzn1.x86_64
    emacs-24.3-20.26.amzn1.x86_64

Additional References

Red Hat: CVE-2025-1244

Mitre: CVE-2025-1244

Select your cookie preferences

Customize cookie preferences

Essential

Performance

Functional

Advertising

ALAS-2025-1964

Additional References