Hello community,

here is the log from the commit of package emacs for openSUSE:Factory checked 
in at 2014-05-18 06:49:13
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/emacs (Old)
 and      /work/SRC/openSUSE:Factory/.emacs.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "emacs"

Changes:
--------
--- /work/SRC/openSUSE:Factory/emacs/emacs.changes      2014-05-06 
13:39:31.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.emacs.new/emacs.changes 2014-05-18 
06:49:18.000000000 +0200
@@ -1,0 +2,16 @@
+Fri May  9 07:38:29 UTC 2014 - [email protected]
+
+- Modify emacs-24.3-giflib5-interlace.patch in such a way that
+  it works with older giflibraries 
+
+-------------------------------------------------------------------
+Thu May  8 11:59:32 UTC 2014 - [email protected]
+
+- Add the patches
+     CVE-2014-3421.patch
+     CVE-2014-3422.patch
+     CVE-2014-3423.patch
+     CVE-2014-3424.patch
+  to avoid several unsecure usage of temporary files (bnc#876847)
+
+-------------------------------------------------------------------
@@ -21 +37 @@
-- Do not reassign S-up and S-down anymore (bnc#858430) 
+- Do not reassign S-left, S-right, S-up and S-down anymore (bnc#858430) 

New:
----
  CVE-2014-3421.patch
  CVE-2014-3422.patch
  CVE-2014-3423.patch
  CVE-2014-3424.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ emacs.spec ++++++
--- /var/tmp/diff_new_pack.zWbpTm/_old  2014-05-18 06:49:19.000000000 +0200
+++ /var/tmp/diff_new_pack.zWbpTm/_new  2014-05-18 06:49:19.000000000 +0200
@@ -99,6 +99,14 @@
 Patch12:        emacs-24.3-x11r7.patch
 Patch15:        emacs-24.3-iconic.patch
 Patch16:        emacs-24.3-flyspell.patch
+# PATCH-FIX-USTREAM -- Unsecure use of temporary files (patch 1) (bnc#876847)
+Patch17:        CVE-2014-3421.patch
+# PATCH-FIX-USTREAM -- Unsecure use of temporary files (patch 2) (bnc#876847)
+Patch18:        CVE-2014-3422.patch
+# PATCH-FIX-USTREAM -- Unsecure use of temporary files (patch 3) (bnc#876847)
+Patch19:        CVE-2014-3423.patch
+# PATCH-FIX-USTREAM -- Unsecure use of temporary files (patch 4) (bnc#876847)
+Patch20:        CVE-2014-3424.patch
 Patch22:        emacs-24.1-bnc628268.patch
 Patch25:        emacs-24.3-giflib5.patch
 Patch26:        emacs-24.3-nntp-typhoon-fix.patch
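Review bot: The tag on the four new patch comments is spelled `PATCH-FIX-USTREAM`, while the openSUSE patch-comment convention is `PATCH-FIX-UPSTREAM`, so anyone searching the spec for the standard tag will miss these security patches. Each line should read like `# PATCH-FIX-UPSTREAM -- Insecure use of temporary files (patch 1) (bnc#876847)`. The comment for Patch19 could also state that CVE-2014-3423.patch only adds a source comment and changes no behaviour, as far as its hunk on this page shows.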
@@ -212,6 +220,10 @@
 %patch12 -p0 -b .x11r7
 %patch15 -p0 -b .iconic
 %patch16 -p0 -b .flyspell
+%patch17 -p0 -b .CVE-2014-3421
+%patch18 -p0 -b .CVE-2014-3422
+%patch19 -p0 -b .CVE-2014-3423
+%patch20 -p0 -b .CVE-2014-3424
 %patch   -p0
 %patch22 -p0
 %patch25 -p0
@@ -494,6 +506,10 @@
 rm -vf %{buildroot}%{_datadir}/emacs/%{version}/lisp/loaddefs.el.flc
 rm -vf %{buildroot}%{_datadir}/emacs/%{version}/lisp/progmodes/python.el.python
 rm -vf 
%{buildroot}%{_datadir}/emacs/%{version}/lisp/textmodes/flyspell.el.flyspell
+rm -vf 
%{buildroot}%{_datadir}/emacs/%{version}/lisp/emacs-lisp/find-gc.el.CVE-2014-3422
+rm -vf 
%{buildroot}%{_datadir}/emacs/%{version}/lisp/gnus/gnus-fun.el.CVE-2014-3421
+rm -vf 
%{buildroot}%{_datadir}/emacs/%{version}/lisp/net/browse-url.el.CVE-2014-3423
+rm -vf 
%{buildroot}%{_datadir}/emacs/%{version}/lisp/net/tramp-sh.el.CVE-2014-3424
 unelc  %{buildroot}%{_datadir}/emacs/%{version}/lisp/bindings.elc
 unelc  %{buildroot}%{_datadir}/emacs/%{version}/lisp/cus-start.elc
 unelc  %{buildroot}%{_datadir}/emacs/%{version}/lisp/generic-x.elc

++++++ CVE-2014-3421.patch ++++++
Based on revno: 117066
revision-id: address@hidden
parent: address@hidden
fixes bug: http://bugs.debian.org/747100
committer: Glenn Morris <address@hidden>
branch nick: emacs-24
timestamp: Mon 2014-05-05 20:50:51 -0700
message:
  * gnus-fun.el (gnus-grab-cam-face): Do not use predictable temp-file name.
modified:
  lisp/gnus/ChangeLog            changelog-20091113204419-o5vbwnq5f7feedwu-1433
  lisp/gnus/gnus-fun.el          gnusfun.el-20091113204419-o5vbwnq5f7feedwu-3243

--- lisp/gnus/gnus-fun.el
+++ lisp/gnus/gnus-fun.el       2014-05-08 11:52:32.362735285 +0000
@@ -250,20 +250,21 @@ colors of the displayed X-Faces."
   (interactive)
   (shell-command "xawtv-remote snap ppm")
   (let ((file nil)
+       (tempfile (make-temp-file "gnus-face-" nil ".ppm"))
        result)
     (while (null (setq file (directory-files "/tftpboot/sparky/tmp"
                                             t "snap.*ppm")))
       (sleep-for 1))
     (setq file (car file))
     (shell-command
-     (format "pnmcut -left 110 -top 30 -width 144 -height 144 '%s' | pnmscale 
-width 48 -height 48 | ppmtopgm > /tmp/gnus.face.ppm"
-            file))
+     (format "pnmcut -left 110 -top 30 -width 144 -height 144 '%s' | pnmscale 
-width 48 -height 48 | ppmtopgm >> %s"
+            file tempfile))
     (let ((gnus-convert-image-to-face-command
           (format "cat '%%s' | ppmquant %%d | ppmchange %s | pnmtopng"
                   (gnus-fun-ppm-change-string))))
-      (setq result (gnus-face-from-file "/tmp/gnus.face.ppm")))
+      (setq result (gnus-face-from-file tempfile)))
     (delete-file file)
-    ;;(delete-file "/tmp/gnus.face.ppm")
+    ;;(delete-file tempfile)    ; FIXME why are we not deleting it?!
     result))
 
 (defun gnus-fun-ppm-change-string ()
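Review bot: `tempfile` is spliced into the shell command after `>>` without any quoting, while the input path beside it is at least wrapped in `'%s'`, so a `temporary-file-directory` containing spaces or shell metacharacters would break or redirect the pipeline. Passing it through `shell-quote-argument`, i.e. ending the `format` call with `file (shell-quote-argument tempfile))`, fixes that. The file created by `make-temp-file` is also never removed, because the `delete-file` call stays commented out, so every run leaves a `gnus-face-*.ppm` behind. Wrapping the body in `unwind-protect` with `(delete-file tempfile)` as the cleanup form would resolve the FIXME. The opening of `gnus-grab-cam-face` lies outside the hunk.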
++++++ CVE-2014-3422.patch ++++++
Based on revno: 117067
revision-id: address@hidden
parent: address@hidden
fixes bug: http://bugs.debian.org/747100
committer: Glenn Morris <address@hidden>
branch nick: emacs-24
timestamp: Mon 2014-05-05 20:53:31 -0700
message:
  find-gc.el misc fixes
  
  The whole file looks obsolete and/or broken.
  
  * lisp/emacs-lisp/find-gc.el (find-gc-source-directory): Give it a value.
  (find-gc-source-files): Update some names.
  (trace-call-tree): Simplify and update.  Avoid predictable temp-file names.
modified:
  lisp/ChangeLog                 changelog-20091113204419-o5vbwnq5f7feedwu-1432
  lisp/emacs-lisp/find-gc.el     findgc.el-20091113204419-o5vbwnq5f7feedwu-2220

--- lisp/emacs-lisp/find-gc.el
+++ lisp/emacs-lisp/find-gc.el  2014-05-08 11:53:44.738766224 +0000
@@ -23,14 +23,15 @@
 
 ;; Produce in find-gc-unsafe-list the set of all functions that may invoke GC.
 ;; This expects the Emacs sources to live in find-gc-source-directory.
-;; It creates a temporary working directory /tmp/esrc.
 
 ;;; Code:
 
 (defvar find-gc-unsafe-list nil
   "The list of unsafe functions is placed here by `find-gc-unsafe'.")
 
-(defvar find-gc-source-directory)
+(defvar find-gc-source-directory
+  (file-name-as-directory (expand-file-name "src" source-directory))
+  "Directory containing Emacs C sources.")
 
 (defvar find-gc-subrs-callers nil
   "Alist of users of subrs, from GC testing.
@@ -59,14 +60,14 @@ Each entry has the form (FUNCTION . FUNC
     "indent.c" "search.c" "regex.c" "undo.c"
     "alloc.c" "data.c" "doc.c" "editfns.c"
     "callint.c" "eval.c" "fns.c" "print.c" "lread.c"
-    "abbrev.c" "syntax.c" "unexcoff.c"
+    "syntax.c" "unexcoff.c"
     "bytecode.c" "process.c" "callproc.c" "doprnt.c"
-    "x11term.c" "x11fns.c"))
+    "xterm.c" "xfns.c"))
 
 
 (defun find-gc-unsafe ()
   "Return a list of unsafe functions--that is, which can call GC.
-Also store it in `find-gc-unsafe'."
+Also store it in `find-gc-unsafe-list'."
   (trace-call-tree nil)
   (trace-use-tree)
   (find-unsafe-funcs 'Fgarbage_collect)
@@ -102,47 +103,38 @@ Also store it in `find-gc-unsafe'."
 
 
 
-(defun trace-call-tree (&optional already-setup)
+(defun trace-call-tree (&optional ignored)
   (message "Setting up directories...")
-  (or already-setup
-      (progn
-       ;; Gee, wouldn't a built-in "system" function be handy here.
-       (call-process "csh" nil nil nil "-c" "rm -rf /tmp/esrc")
-       (call-process "csh" nil nil nil "-c" "mkdir /tmp/esrc")
-       (call-process "csh" nil nil nil "-c"
-                     (format "ln -s %s/*.[ch] /tmp/esrc"
-                             find-gc-source-directory))))
-  (with-current-buffer (get-buffer-create "*Trace Call Tree*")
-    (setq find-gc-subrs-called nil)
-    (let ((case-fold-search nil)
-         (files find-gc-source-files)
-         name entry)
-      (while files
-       (message "Compiling %s..." (car files))
-       (call-process "csh" nil nil nil "-c"
-                     (format "gcc -dr -c /tmp/esrc/%s -o /dev/null"
-                             (car files)))
-       (erase-buffer)
-       (insert-file-contents (concat "/tmp/esrc/" (car files) ".rtl"))
-       (while (re-search-forward ";; Function \\|(call_insn " nil t)
-         (if (= (char-after (- (point) 3)) ?o)
-             (progn
-               (looking-at "[a-zA-Z0-9_]+")
-               (setq name (intern (buffer-substring (match-beginning 0)
-                                                    (match-end 0))))
-               (message "%s : %s" (car files) name)
-               (setq entry (list name)
-                     find-gc-subrs-called (cons entry find-gc-subrs-called)))
-           (if (looking-at ".*\n?.*\"\\([A-Za-z0-9_]+\\)\"")
+  (setq find-gc-subrs-called nil)
+  (let ((case-fold-search nil)
+       (default-directory find-gc-source-directory)
+       (files find-gc-source-files)
+       name entry rtlfile)
+    (dolist (file files)
+      (message "Compiling %s..." file)
+      (call-process "gcc" nil nil nil "-I" "." "-I" "../lib"
+                   "-fdump-rtl-expand" "-o" null-device "-c" file)
+      (setq rtlfile
+           (file-expand-wildcards (format "%s.*.expand" file) t))
+      (if (/= 1 (length rtlfile))
+         (message "Error compiling `%s'?" file)
+       (with-temp-buffer
+         (insert-file-contents (setq rtlfile (car rtlfile)))
+         (delete-file rtlfile)
+         (while (re-search-forward ";; Function \\|(call_insn " nil t)
+           (if (= (char-after (- (point) 3)) ?o)
                (progn
-                 (setq name (intern (buffer-substring (match-beginning 1)
-                                                      (match-end 1))))
-                 (or (memq name (cdr entry))
-                     (setcdr entry (cons name (cdr entry))))))))
-       (delete-file (concat "/tmp/esrc/" (car files) ".rtl"))
-       (setq files (cdr files)))))
-)
-
+                 (looking-at "[a-zA-Z0-9_]+")
+                 (setq name (intern (match-string 0)))
+                 (message "%s : %s" (car files) name)
+                 (setq entry (list name)
+                       find-gc-subrs-called
+                       (cons entry find-gc-subrs-called)))
+             (if (looking-at ".*\n?.*\"\\([A-Za-z0-9_]+\\)\"")
+                 (progn
+                   (setq name (intern (match-string 1)))
+                   (or (memq name (cdr entry))
+                       (setcdr entry (cons name (cdr entry)))))))))))))
 
 (defun trace-use-tree ()
   (setq find-gc-subrs-callers (mapcar 'list (mapcar 'car 
find-gc-subrs-called)))
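Review bot: Inside the new `dolist`, the progress message still reads `(car files)`, but `files` is no longer advanced, so every function is reported against the first entry of `find-gc-source-files`. The line should be `(message "%s : %s" file name)`. The exit status of `call-process` is also discarded, so a failed gcc run is only noticed indirectly through the wildcard count. A short comment on the `Error compiling` branch saying that it covers both a failed compile and an unexpected number of dump files would help the next reader.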
++++++ CVE-2014-3423.patch ++++++
Based on revno: 117068
revision-id: address@hidden
parent: address@hidden
committer: Glenn Morris <address@hidden>
branch nick: emacs-24
timestamp: Mon 2014-05-05 20:55:54 -0700
message:
  browse-url.el comment
modified:
  lisp/net/browse-url.el         
browseurl.el-20091113204419-o5vbwnq5f7feedwu-1785

--- lisp/net/browse-url.el
+++ lisp/net/browse-url.el      2014-05-08 11:54:48.194721113 +0000
@@ -1335,6 +1335,9 @@ used instead of `browse-url-new-window-f
          (kill-buffer nil)))
     (if (and pid (zerop (signal-process pid 0))) ; Mosaic running
        (save-excursion
+         ;; This is a predictable temp-file name, which is bad,
+         ;; but it is what Mosaic uses/used.
+         ;; So it's not Emacs's problem.  http://bugs.debian.org/747100
          (find-file (format "/tmp/Mosaic.%d" pid))
          (erase-buffer)
          (insert (if (browse-url-maybe-new-window new-window)
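Review bot: The added comment is the entire change: `find-file` still opens `/tmp/Mosaic.<pid>` and the lines after it erase and rewrite that buffer, so the predictable-name exposure tracked under this CVE id remains for anyone who reaches this code path. The comment would serve a maintainer better if it said so directly, for example `;; Predictable name in a shared directory, kept only because Mosaic reads this path; the risk is not mitigated here.` If a mitigation is wanted, declining to proceed when `file-symlink-p` is non-nil for that path would narrow the exposure, though a check-then-open sequence is still racy. The enclosing function begins and ends outside the hunk.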
++++++ CVE-2014-3424.patch ++++++
Based on revno: 117071
revision-id: address@hidden
parent: address@hidden
committer: Michael Albinus <address@hidden>
branch nick: emacs-24
timestamp: Tue 2014-05-06 11:51:05 +0200
message:
  Fix Bug#17415.
  
  * net/tramp-sh.el (tramp-uudecode): Replace the hard-coded temporary
  file name by a format specifier.
  (tramp-remote-coding-commands): Enhance docstring.
  (tramp-find-inline-encoding): Replace "%t" by a temporary file name.
modified:
  lisp/ChangeLog                 changelog-20091113204419-o5vbwnq5f7feedwu-1432
  lisp/net/tramp-sh.el           trampsh.el-20100913133439-a1faifh29eqoi4nh-1

--- lisp/net/tramp-sh.el
+++ lisp/net/tramp-sh.el        2014-05-08 11:56:08.770262271 +0000
@@ -605,9 +605,9 @@ This list is used for copying/renaming w
 See `tramp-actions-before-shell' for more info.")
 
 (defconst tramp-uudecode
-  "(echo begin 600 /tmp/tramp.$$; tail +2) | uudecode
-cat /tmp/tramp.$$
-rm -f /tmp/tramp.$$"
+  "(echo begin 600 %t; tail -n +2) | uudecode
+cat %t
+rm -f %t"
   "Shell function to implement `uudecode' to standard output.
 Many systems support `uudecode -o /dev/stdout' or `uudecode -o -'
 for this or `uudecode -p', but some systems don't, and for them
@@ -3938,7 +3938,7 @@ Each item is a list that looks like this
 
 \(FORMAT ENCODING DECODING [TEST]\)
 
-FORMAT is  symbol describing the encoding/decoding format.  It can be
+FORMAT is a symbol describing the encoding/decoding format.  It can be
 `b64' for base64 encoding, `uu' for uu encoding, or `pack' for simple packing.
 
 ENCODING and DECODING can be strings, giving commands, or symbols,
@@ -3948,9 +3948,11 @@ filename will be put into the command li
 specifier is not present, the input should be read from standard
 input.
 
-If they are variables, this variable is a string containing a Perl
-implementation for this functionality.  This Perl program will be transferred
-to the remote host, and it is available as shell function with the same name.
+If they are variables, this variable is a string containing a
+Perl or Shell implementation for this functionality.  This
+program will be transferred to the remote host, and it is
+available as shell function with the same name.  A \"%t\" format
+specifier in the variable value denotes a temporary file.
 
 The optional TEST command can be used for further tests, whether
 ENCODING and DECODING are applicable.")
@@ -4025,10 +4027,25 @@ Goes through the list `tramp-local-codin
                    (throw 'wont-work-remote nil))
 
                  (when (not (stringp rem-dec))
-                   (let ((name (symbol-name rem-dec)))
+                   (let ((name (symbol-name rem-dec))
+                         (value (symbol-value rem-dec))
+                         tmpfile)
                      (while (string-match (regexp-quote "-") name)
                        (setq name (replace-match "_" nil t name)))
-                     (tramp-maybe-send-script vec (symbol-value rem-dec) name)
+                     (when (string-match "%t" value)
+                       (setq tmpfile
+                             (make-temp-name
+                              (expand-file-name
+                               tramp-temp-name-prefix
+                               (tramp-get-remote-tmpdir vec)))
+                             value
+                             (format-spec
+                              value
+                              (format-spec-make
+                               ?t
+                               (tramp-file-name-handler
+                                'file-remote-p tmpfile 'localname)))))
+                     (tramp-maybe-send-script vec value name)
                      (setq rem-dec name)))
                  (tramp-message
                   vec 5
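Review bot: `make-temp-name` only returns a name and does not create the file, and the result is formatted once into the script that `tramp-maybe-send-script` installs as a shell function, so later decodes through that function appear to reuse the same remote path. The name is therefore unpredictable only until its first use, and the file is still created by `uudecode` with whatever open semantics the remote tool has. A comment above the `(when (string-match "%t" value)` form stating this limitation would be the minimum. The substituted localname is also inserted unquoted into the `tramp-uudecode` script from the first hunk of this patch, and wrapping it in `tramp-shell-quote-argument` would cover remote tmpdirs with unusual characters. The enclosing function starts and ends outside the hunk.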
++++++ dot.gnu-emacs ++++++
--- /var/tmp/diff_new_pack.zWbpTm/_old  2014-05-18 06:49:20.000000000 +0200
+++ /var/tmp/diff_new_pack.zWbpTm/_new  2014-05-18 06:49:20.000000000 +0200
@@ -422,8 +422,8 @@
 ; (global-set-key [C-up]    'previous-line)
 ; (global-set-key [C-down]  'next-line)
 ;;
-  (global-set-key [S-left]  'backward-char)
-  (global-set-key [S-right] 'forward-char)
+; (global-set-key [S-left]  'backward-char)
+; (global-set-key [S-right] 'forward-char)
 ; (global-set-key [S-up]    'previous-line)
 ; (global-set-key [S-down]  'next-line)
 ;;

++++++ emacs-24.3-giflib5-interlace.patch ++++++
--- /var/tmp/diff_new_pack.zWbpTm/_old  2014-05-18 06:49:20.000000000 +0200
+++ /var/tmp/diff_new_pack.zWbpTm/_new  2014-05-18 06:49:20.000000000 +0200
@@ -6,13 +6,16 @@
 
 Index: emacs-24.3/src/image.c
 ===================================================================
---- emacs-24.3.orig/src/image.c
+--- emacs-24.3/src/image.c
 +++ emacs-24.3/src/image.c
-@@ -7378,7 +7378,7 @@ gif_load (struct frame *f, struct image
+@@ -7378,7 +7378,10 @@ gif_load (struct frame *f, struct image
          }
  
        /* Apply the pixel values.  */
 -      if (gif->SavedImages[j].ImageDesc.Interlace)
++#ifndef GIFLIB_MAJOR
++# define GIFLIB_MAJOR 0
++#endif
 +      if (GIFLIB_MAJOR < 5 && gif->SavedImages[j].ImageDesc.Interlace)
        {
          int row, pass;
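Review bot: The `#ifndef GIFLIB_MAJOR` / `# define GIFLIB_MAJOR 0` fallback sits in the middle of the `gif_load` body, directly above the `if` that uses it, which hides a file-wide macro inside one function. It would read better next to the giflib include near the top of image.c, with a comment such as `/* older giflib headers do not define GIFLIB_MAJOR */`. Whether another patch in the series already provides a fallback there cannot be seen from this hunk.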
