A package that simplifies the task of creating, building, and debugging large programs with Emacs. It provides some of the features of an IDE, or Integrated Development Environment, in Emacs.
An untrusted search path vulnerability was discovered in EDE.
A local attacker could escalate his privileges via a specially crafted Lisp expression in a Project.ede file in the directory or a parent directory of an opened file.
There is no known workaround at this time.
All EDE users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-xemacs/ede-1.07"