[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Security: Gnus & GNU Emacs 25.2 enriched text remote code execution
From: |
Reiner Steib |
Subject: |
Security: Gnus & GNU Emacs 25.2 enriched text remote code execution |
Date: |
Mon, 11 Sep 2017 23:57:20 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/25.1 (gnu/linux) |
Emacs 25.3 is an emergency release to fix a security vulnerability
that is exploitable remotely in Emacs-based mail clients (such as
Gnus).
Please update to Emacs 25.3 as soon as possible:
http://lists.gnu.org/archive/html/info-gnu-emacs/2017-09/msg00000.html
To work around the bug in Emacs versions before 25.3, put the
following code in your personal or site-wide Emacs init file
(~/.emacs, ~/emacs.d/init.el, site-start.el):
(eval-after-load "enriched"
'(defun enriched-decode-display-prop (start end &optional param)
(list start end)))
See also <http://www.openwall.com/lists/oss-security/2017/09/11/1>.
Bye, Reiner.
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- Security: Gnus & GNU Emacs 25.2 enriched text remote code execution,
Reiner Steib <=