[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#17428: emacs23: Insecure use of temporary files in included lisp lib
|
From: |
Glenn Morris |
|
Subject: |
bug#17428: emacs23: Insecure use of temporary files in included lisp libraries/packages |
|
Date: |
Thu, 08 May 2014 12:22:38 -0400 |
|
User-agent: |
Gnus (www.gnus.org), GNU Emacs (www.gnu.org/software/emacs/) |
Steve Kemp wrote:
> http://www.openwall.com/lists/oss-security/2014/05/07/7
OK. For the record I don't think any of these issues are anything but
trivial in practice, except possibly the tramp one.
find-gc.el looked completely broken, I doubt anyone had used it in ~ a
decade.
I see they still want us to do something about the Mosaic one, sigh.
So I will do something for that. Someone would have to actively
configure their system to use mosaic, or have no other browser program
installed except xmosaic, for this to even potentially be an issue.
I see Mosaic got some CVEs out of this too. :)
The gnus-fun one is some obscure thing to do with xawtv. Again I guess
it doesn't have (m)any users, or doesn't even work any more, since it
relies on files /tftpboot/sparky/tmp/snap.*ppm existing.
But yes, they should all be fixed.