Commit message (Collapse) | Author | Age | Files | Lines | |
---|---|---|---|---|---|
* | Fix multiple command injection vulnerabilitiesemacs-28.2-patches-3emacs-27.2-patches-6emacs-26.3-patches-5emacs-25.3-patches-5 | Ulrich Müller | 2023-02-26 | 4 | -0/+181 |
| | | | | | | | | | | | | | | | | This fixes command injection vulnerabilities in etags (CVE-2022-48337), ruby-mode (CVE-2022-48338), and htmlfontify (CVE-2022-48339) for Emacs slots 25, 26, 27, and 28. Note that Emacs 25 and 26 are not affected by the ruby-mode vulnerability because function ruby-find-library-file did not yet exist (and there is no call to the gem command in ruby-mode.el). Emacs 18 is not affected by either of them: It doesn't have ruby-mode and htmlfontify, and we no longer install the ctags and etags binaries. Bug: https://bugs.gentoo.org/897950 Signed-off-by: Ulrich Müller <ulm@gentoo.org> | ||||
* | Support webkit2gtk-4.1emacs-28.2-patches-2emacs-27.2-patches-5emacs-26.3-patches-4 | Ulrich Müller | 2023-02-12 | 1 | -0/+26 |
| | | | | Signed-off-by: Ulrich Müller <ulm@gentoo.org> | ||||
* | Fix ctags command execution vulnerabilityemacs-28.2-patches-1emacs-27.2-patches-4emacs-26.3-patches-3emacs-25.3-patches-4 | Ulrich Müller | 2022-11-30 | 1 | -0/+255 |
| | | | | | Bug: https://bugs.gentoo.org/883687 Signed-off-by: Ulrich Müller <ulm@gentoo.org> | ||||
* | 28.2: Copy patchset from 28.1 | Ulrich Müller | 2022-11-30 | 1 | -0/+15 |
Signed-off-by: Ulrich Müller <ulm@gentoo.org> |