pkgsrc-Changes archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

CVS commit: pkgsrc/editors



Module Name:    pkgsrc
Committed By:   wiz
Date:           Mon Aug 13 06:38:50 UTC 2012

Modified Files:
        pkgsrc/editors/emacs24: Makefile distinfo
        pkgsrc/editors/emacs24-nox11: Makefile

Log Message:
Fix CVE-2012-3479:
When the Emacs user option `enable-local-variables' is set to `:safe'
(the default value is t), Emacs should automatically refuse to evaluate
`eval' forms in file-local variable sections.  Due to the bug, Emacs
instead automatically evaluates such `eval' forms.  Thus, if the user
changes the value of `enable-local-variables' to `:safe', visiting a
malicious file can cause automatic execution of arbitrary Emacs Lisp
code with the permissions of the user.

Bug tracker ref: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=12155

Bump PKGREVISION.


To generate a diff of this commit:
cvs rdiff -u -r1.3 -r1.4 pkgsrc/editors/emacs24/Makefile \
    pkgsrc/editors/emacs24/distinfo
cvs rdiff -u -r1.2 -r1.3 pkgsrc/editors/emacs24-nox11/Makefile

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.




Home | Main Index | Thread Index | Old Index