info-gnus-english
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Security: Gnus & GNU Emacs 25.2 enriched text remote code execution


From: Reiner Steib
Subject: Security: Gnus & GNU Emacs 25.2 enriched text remote code execution
Date: Mon, 11 Sep 2017 23:57:20 +0200
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux)

Emacs 25.3 is an emergency release to fix a security vulnerability
that is exploitable remotely in Emacs-based mail clients (such as
Gnus).

Please update to Emacs 25.3 as soon as possible:
http://lists.gnu.org/archive/html/info-gnu-emacs/2017-09/msg00000.html

To work around the bug in Emacs versions before 25.3, put the
following code in your personal or site-wide Emacs init file
(~/.emacs, ~/emacs.d/init.el, site-start.el):

  (eval-after-load "enriched"
    '(defun enriched-decode-display-prop (start end &optional param)
       (list start end)))

See also <http://www.openwall.com/lists/oss-security/2017/09/11/1>.

Bye, Reiner.



reply via email to

[Prev in Thread] Current Thread [Next in Thread]