aboutsummaryrefslogtreecommitdiff
path: root/emacs
diff options
context:
space:
mode:
authorUlrich Müller <ulm@gentoo.org>2022-11-30 13:45:24 +0100
committerUlrich Müller <ulm@gentoo.org>2022-11-30 13:45:24 +0100
commitddeeae41767ee66d2d18e9661bead416f7a4e2ef (patch)
tree2c23afc5d565a6878041c10bfd8857ee23f8b715 /emacs
parentFix ctags command execution vulnerability (diff)
downloademacs-patches-ddeeae41767ee66d2d18e9661bead416f7a4e2ef.tar.gz
emacs-patches-ddeeae41767ee66d2d18e9661bead416f7a4e2ef.tar.bz2
emacs-patches-ddeeae41767ee66d2d18e9661bead416f7a4e2ef.zip
18.59: Don't install ctags and etagsemacs-18.59-patches-15
Bug: https://bugs.gentoo.org/883687 Signed-off-by: Ulrich Müller <ulm@gentoo.org>
Diffstat (limited to 'emacs')
-rw-r--r--emacs/18.59/19_all_no-ctags-etags.patch47
1 files changed, 47 insertions, 0 deletions
diff --git a/emacs/18.59/19_all_no-ctags-etags.patch b/emacs/18.59/19_all_no-ctags-etags.patch
new file mode 100644
index 0000000..4185f35
--- /dev/null
+++ b/emacs/18.59/19_all_no-ctags-etags.patch
@@ -0,0 +1,47 @@
+Don't install ctags and etags (CVE-2022-45939)
+https://bugs.gentoo.org/883687
+
+--- emacs-18.59/ChangeLog
++++ emacs-18.59/ChangeLog
+@@ -1,3 +1,8 @@
++2022-11-30 Ulrich Müller <ulm@gentoo.org>
++
++ * Makefile: (install): Don't install ctags and etags.
++ Local command execution vulnerability, CVE-2022-45939.
++
+ Fri Oct 30 19:36:38 1992 Richard Stallman (rms@mole.gnu.ai.mit.edu)
+
+ * Version 18.59 released.
+--- emacs-18.59/Makefile
++++ emacs-18.59/Makefile
+@@ -64,8 +64,6 @@
+ else true; \
+ fi
+ $(INSTALL) -c etc/emacsclient ${BINDIR}/emacsclient
+- $(INSTALL) -c etc/etags ${BINDIR}/etags
+- $(INSTALL) -c etc/ctags ${BINDIR}/ctags
+ $(INSTALL) -c -m 1755 src/xemacs ${BINDIR}/xemacs
+ $(INSTALL) -c -m 444 etc/emacs.1 ${MANDIR}/emacs.1
+ -rm -f ${BINDIR}/emacs
+--- emacs-18.59/etc/ChangeLog
++++ emacs-18.59/etc/ChangeLog
+@@ -1,3 +1,8 @@
++2022-11-30 Ulrich Müller <ulm@gentoo.org>
++
++ * Makefile (EXECUTABLES): Don't build ctags and etags.
++ Local command execution vulnerability, CVE-2022-45939.
++
+ 2022-06-27 Ulrich Müller <ulm@gentoo.org>
+
+ * server.c (main): Check scanf return value.
+--- emacs-18.59/etc/Makefile
++++ emacs-18.59/etc/Makefile
+@@ -4,7 +4,7 @@
+ # For Mips. Needed for who knows what.
+ # CFLAGS = -g -systype bsd43
+
+-EXECUTABLES = test-distrib etags ctags wakeup make-docfile \
++EXECUTABLES = test-distrib wakeup make-docfile \
+ digest-doc sorted-doc movemail cvtmail fakemail yow env \
+ server emacsclient
+