Hi Romain, * Romain Francoise <[EMAIL PROTECTED]> [2007-12-13 23:01]: > This bug is caused by the fix for CVE-2007-6109; I don't know where > Nico got the patch but it's incomplete, it's missing this change > from upstream:
This was the patch upstream posted to vendor-sec :( > | 2007-11-23 Andreas Schwab <[EMAIL PROTECTED]> > | > | * editfns.c (Fformat): Handle %c specially since it requires the > | argument to be of type int. > > You can find the corresponding patch here: > > > http://cvs.savannah.gnu.org/viewvc/emacs/src/editfns.c?root=emacs&r1=1.439.2.8&r2=1.439.2.9&pathrev=EMACS_22_BASE > > Nico, can you NMU again and include this additional patch on top of > CVE-2007-6109.diff? I'm raising the severity of this bug to prevent > the migration to testing. Yes sure, thanks for noticing me. I will go to bed now and will prepare an NMU as soon as I wake up. There is also a testing-security version of emacs so I need to fix this in testing as well. Kind regards Nico -- Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF For security reasons, all text in this mail is double-rot13 encrypted.
pgpFzFk8SNK9s.pgp
Description: PGP signature
