[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random num
From: |
Eli Zaretskii |
Subject: |
bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems |
Date: |
Wed, 20 Jan 2016 16:12:09 +0200 |
> From: Andy Moreton <andrewjmoreton@gmail.com>
> Date: Wed, 20 Jan 2016 14:06:42 +0000
>
> On Tue 19 Jan 2016, Glenn Morris wrote:
>
> > Andy Moreton wrote:
> >
> >> - broke all builds configured with "--without-gnutls"
> >
> > AFAICS, you are mistaken.
>
> I may well be, but please explain.
> src/sysdep.c (at emacs-25 commit c5ee6de21d4b) contains:
>
> #include "gnutls.h"
> #if 0x020c00 <= GNUTLS_VERSION_NUMBER && !defined WINDOWSNT
> # include <gnutls/crypto.h>
> #else
> # define emacs_gnutls_global_init() Qnil
> # define gnutls_rnd(level, data, len) (-1)
> #endif
>
> How can this build properly on a non-Windows system which does not
> contain an installed "gnutls.h" header ?
That's src/gnutls.h header that comes with Emacs sources.
- bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems, (continued)
- bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems, Paul Eggert, 2016/01/18
- bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems, Eli Zaretskii, 2016/01/18
- bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems, Paul Eggert, 2016/01/19
- bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems, Eli Zaretskii, 2016/01/19
- bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems, John Wiegley, 2016/01/19
- bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems, Paul Eggert, 2016/01/19
- bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems, Eli Zaretskii, 2016/01/19
- Message not available
- bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems, Andy Moreton, 2016/01/19
- bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems, Glenn Morris, 2016/01/19
- Message not available
- bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems, Andy Moreton, 2016/01/20
- bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems,
Eli Zaretskii <=
- Message not available
- bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems, Andy Moreton, 2016/01/20
- bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems, Paul Eggert, 2016/01/19
- bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems, Eli Zaretskii, 2016/01/19
- bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems, Paul Eggert, 2016/01/19