Comment 8 for bug 11265

Revision history for this message
Debian Bug Importer (debzilla) wrote :

Message-ID: <email address hidden>
Date: Sun, 19 Dec 2004 14:06:55 +0000
From: Jan Minar <email address hidden>
To: Rob Browning <email address hidden>
Cc: <email address hidden>, <email address hidden>
Subject: Re: Bug#286183: emacs21: Arbitrary code execution when opening malicious file (local
 variables)

On Sat, Dec 18, 2004 at 06:37:01PM -0600, Rob Browning wrote:
> Rob Browning <email address hidden> writes:
>
> > Security team summary: opening the emacs1.emacs file in the
> > indicated google link with a stable emacs will result in yes being
> > launched many times without any advance warning to the user. I
> > presume arbitrary other code might be substituted. I'm not yet sure
> > how this was changed in 21.3+1, but that version (the one in
> > testing/unstable) doesn't appear to execute the code provided in
> > either the emacs1.emacs or emacs2.emacs sample exploits. I'm going
> > to see if I can locate the relevant diff.
>
> I've culled a patch from the diff between 21.2 and 21.3 which appears
> to fix the problem. I'll wait to hear from the security team, and I
> may also run it by emacs-devel.

Other emacs and xemacs packages might/probably are affected as well. I
am not familiar with emacs packages in debian (or emacs at all),
therefore someone else will have to check this.

-- 
 )^o-o^| jabber: <email address hidden>
 | .v K e-mail: jjminar FastMail FM
 ` - .' phone: +44(0)7981 738 696
  \ __/Jan icq: 345 355 493
 __|o|__Minář irc: <email address hidden>
