./editors/emacs-nox11, GNU editing macros (editor)

[ CVSweb ] [ Homepage ] [ RSS ] [ Required by ] [ Add to tracker ]

Branch: pkgsrc-2012Q2, Version: 23.4nb1, Package name: emacs-nox11-23.4nb1, Maintainer: minskim
Required to build:
[devel/gmake]

Master sites: (Expand)

SHA1: 0a78466fff52d1f43c0db0ea66651a0b13b7e473
RMD160: 5fb7e4cd4270a524b8723ad86a145a0e47336bf7
Filesize: 46602.728 KB

Version history: (Expand)

CVS history: (Expand)


   2012-08-13 15:07:44 by Matthias Scheler | Files touched by this commit (4) 
Log message:
Pullup ticket #3899 - requested by wiz
editors/emacs-nox11: security patch
editors/emacs: security patch

Revisions pulled up:
- editors/emacs-nox11/Makefile                                  1.36
- editors/emacs/Makefile                                        1.146
- editors/emacs/distinfo                                        1.58
- editors/emacs/patches/patch-lisp_files.el                     1.1

---
   Module Name:	pkgsrc
   Committed By:	wiz
   Date:		Mon Aug 13 06:53:07 UTC 2012

   Modified Files:
   	pkgsrc/editors/emacs: Makefile distinfo
   	pkgsrc/editors/emacs-nox11: Makefile
   Added Files:
   	pkgsrc/editors/emacs/patches: patch-lisp_files.el

   Log message:
   Fix CVE-2012-3479:
   When the Emacs user option `enable-local-variables' is set to `:safe'
   (the default value is t), Emacs should automatically refuse to evaluate
   `eval' forms in file-local variable sections.  Due to the bug, Emacs
   instead automatically evaluates such `eval' forms.  Thus, if the user
   changes the value of `enable-local-variables' to `:safe', visiting a
   malicious file can cause automatic execution of arbitrary Emacs Lisp
   code with the permissions of the user.

   Bug tracker ref: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=12155