CVE-2012-3479
parent
88d07e40d1
commit
4b2c39e943
33
emacs-cve-2012-3479.patch
Normal file
33
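--- a/emacs-cve-2012-3479.patch
+++ b/emacs-cve-2012-3479.patch
@@ -0,0 +1,33 @@
+*** emacs-24.1/lisp/files.el~ 2012-08-13 10:54:50.256181658 +0800
+--- emacs-24.1/lisp/files.el 2012-08-13 10:54:58.076181990 +0800
+***************
+*** 3107,3117 ****
+;; Obey `enable-local-eval'.
+((eq var 'eval)
+(when enable-local-eval
+! (push elt all-vars)
+! (or (eq enable-local-eval t)
+! (hack-one-local-variable-eval-safep (eval (quote val)))
+! (safe-local-variable-p var val)
+! (push elt unsafe-vars))))
+;; Ignore duplicates (except `mode') in the present list.
+((and (assq var all-vars) (not (eq var 'mode))) nil)
+;; Accept known-safe variables.
+--- 3107,3122 ----
+;; Obey `enable-local-eval'.
+((eq var 'eval)
+(when enable-local-eval
+! (let ((safe (or (hack-one-local-variable-eval-safep
+! (eval (quote val)))
+! ;; In case previously marked safe (bug#5636).
+! (safe-local-variable-p var val))))
+! ;; If not safe and e-l-v = :safe, ignore totally.
+! (when (or safe (not (eq enable-local-variables :safe)))
+! (push elt all-vars)
+! (or (eq enable-local-eval t)
+! safe
+! (push elt unsafe-vars))))))
+;; Ignore duplicates (except `mode') in the present list.
+((and (assq var all-vars) (not (eq var 'mode))) nil)
+;; Accept known-safe variables.
+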
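Review bot: The patch touches only `lisp/files.el`, so the new `:safe` check in the `((eq var 'eval)` branch reaches users only if the build recompiles `files.elc` and re-dumps the preloaded image. This is worth confirming in the build log, since the release tarball presumably ships a precompiled `files.elc`. The patch file also has no header recording where the change came from; a leading line such as `# Fix for CVE-2012-3479 (rhbz#847702), taken from upstream commit <UPSTREAM-COMMIT-ID>` would let a later rebase check it against upstream. The enclosing `cond` continues beyond the context shown. The comment `;; If not safe and e-l-v = :safe, ignore totally.` would be clearer with `enable-local-variables` spelled out, because `enable-local-eval` is tested two lines later.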
@ -3,7 +3,7 @@ Summary: GNU Emacs text editor
|
|||||||
Name: emacs
|
Name: emacs
|
||||||
Epoch: 1
|
Epoch: 1
|
||||||
Version: 24.1
|
Version: 24.1
|
||||||
Release: 5%{?dist}
|
Release: 6%{?dist}
|
||||||
License: GPLv3+
|
License: GPLv3+
|
||||||
URL: http://www.gnu.org/software/emacs/
|
URL: http://www.gnu.org/software/emacs/
|
||||||
Group: Applications/Editors
|
Group: Applications/Editors
|
||||||
@ -31,6 +31,8 @@ Patch8: emacs-locate-library.patch
|
|||||||
# Fix building without gets function, which is removed from recent
|
# Fix building without gets function, which is removed from recent
|
||||||
# version of glibc.
|
# version of glibc.
|
||||||
Patch9: emacs-nogets.patch
|
Patch9: emacs-nogets.patch
|
||||||
|
# rhbz#847702
|
||||||
|
Patch10: emacs-cve-2012-3479.patch
|
||||||
|
|
||||||
BuildRequires: atk-devel, cairo-devel, freetype-devel, fontconfig-devel, dbus-devel, giflib-devel, glibc-devel, gtk3-devel, libpng-devel
|
BuildRequires: atk-devel, cairo-devel, freetype-devel, fontconfig-devel, dbus-devel, giflib-devel, glibc-devel, gtk3-devel, libpng-devel
|
||||||
BuildRequires: libjpeg-devel, libtiff-devel, libX11-devel, libXau-devel, libXdmcp-devel, libXrender-devel, libXt-devel
|
BuildRequires: libjpeg-devel, libtiff-devel, libX11-devel, libXau-devel, libXdmcp-devel, libXrender-devel, libXt-devel
|
||||||
@ -157,6 +159,7 @@ packages that add functionality to Emacs.
|
|||||||
%patch7 -p1 -b .spellchecker
|
%patch7 -p1 -b .spellchecker
|
||||||
%patch8 -p1 -b .locate-library
|
%patch8 -p1 -b .locate-library
|
||||||
%patch9 -p1 -b .nogets
|
%patch9 -p1 -b .nogets
|
||||||
|
%patch10 -p1 -b .cve-2012-3479
|
||||||
|
|
||||||
# Install site-lisp files
|
# Install site-lisp files
|
||||||
cp %SOURCE10 site-lisp
|
cp %SOURCE10 site-lisp
|
||||||
@ -441,6 +444,10 @@ update-desktop-database &> /dev/null || :
|
|||||||
%dir %{_datadir}/emacs/site-lisp/site-start.d
|
%dir %{_datadir}/emacs/site-lisp/site-start.d
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Aug 13 2012 Karel Klíč <kklic@redhat.com> - 1:24.1-6
|
||||||
|
- Fix CVE-2012-3479: Evaluation of 'eval' forms in file-local variable
|
||||||
|
sections, when 'enable-local-variables' set to ':safe'
|
||||||
|
|
||||||
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:24.1-5
|
* Wed Jul 18 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1:24.1-5
|
||||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
|
||||||
|
|
||||||
|