On Thu, Sep 06, 2012 at 10:52:30AM -0500, Rob Browning wrote:
Moritz Muehlenhoff j...@inutil.org writes:
I was more thinking about unstable, where this is still unfixed for emacs23.
In that case I've had to take some time to finish working out another
problem (that requires simultaneous
On Wed, Sep 05, 2012 at 07:42:47PM -0500, Rob Browning wrote:
Moritz Muehlenhoff j...@inutil.org writes:
On Mon, Aug 13, 2012 at 09:03:34PM -0500, Rob Browning wrote:
I'll be happy to work on this, but I may not have much time until
Thu/Fri.
What's the status?
For CVE-2012-3479
Moritz Muehlenhoff j...@inutil.org writes:
I was more thinking about unstable, where this is still unfixed for emacs23.
In that case I've had to take some time to finish working out another
problem (that requires simultaneous changes to emacs23/24 in both wheezy
and sid) -- it's an issue with
On Mon, Aug 13, 2012 at 09:03:34PM -0500, Rob Browning wrote:
Henri Salo he...@nerv.fi writes:
Paul Ling has found a security flaw in the file-local variables code
in GNU Emacs. When the Emacs user option `enable-local-variables' is
set to `:safe' (the default value is t), Emacs should
Moritz Muehlenhoff j...@inutil.org writes:
On Mon, Aug 13, 2012 at 09:03:34PM -0500, Rob Browning wrote:
I'll be happy to work on this, but I may not have much time until
Thu/Fri.
What's the status?
For CVE-2012-3479 (#684695), I prepared the release and sent the debdiff
to rt.debian.org
Package: emacs23
Version: 23.2+1-7
Severity: important
Tags: security, fixed-upstream
Paul Ling has found a security flaw in the file-local variables code in GNU
Emacs. When the Emacs user option `enable-local-variables' is set to `:safe'
(the default value is t), Emacs should automatically
Henri Salo he...@nerv.fi writes:
Paul Ling has found a security flaw in the file-local variables code
in GNU Emacs. When the Emacs user option `enable-local-variables' is
set to `:safe' (the default value is t), Emacs should automatically
refuse to evaluate `eval' forms in file-local variable
7 matches
Mail list logo
