bug-gnu-emacs

bug#12155: [Kurt Seifried] Re: [oss-security] Security flaw in GNU Emacs


From: Chong Yidong
Subject: bug#12155: [Kurt Seifried] Re: [oss-security] Security flaw in GNU Emacs file-local variables
Date: Tue, 14 Aug 2012 11:16:50 +0800
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/24.1.50 (gnu/linux)

--- Begin Message ---
Subject: Re: [oss-security] Security flaw in GNU Emacs file-local variables
Date: Sun, 12 Aug 2012 23:42:36 -0600
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:14.0) Gecko/20120717 Thunderbird/14.0
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/12/2012 09:22 PM, Chong Yidong wrote:
> Paul Ling has found a security flaw in the file-local variables
> code in GNU Emacs.  We are preparing a new Emacs release to address
> this flaw, and would like to request a CVE.
> 
> When the Emacs user option `enable-local-variables' is set to
> `:safe' (the default value is t), Emacs should automatically refuse
> to evaluate `eval' forms in file-local variable sections.  Due to
> the bug, Emacs instead automatically evaluates such `eval' forms.
> Thus, if the user changes the value of `enable-local-variables' to
> `:safe', visiting a malicious file can cause automatic execution of
> arbitrary Emacs Lisp code with the permissions of the user.
> 
> The bug is present in Emacs 23.2, 23.3, 23.4, and 24.1.
> 
> Attached are patches to fix this bug for Emacs 23.4 and Emacs
> 24.1, written by Glenn Morris.  (The 23.4 patch should apply to the
> rest of the Emacs 23.x series.)
> 
> Bug tracker ref:
> http://debbugs.gnu.org/cgi/bugreport.cgi?bug=12155

Please use CVE-2012-3479 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJQKJPMAAoJEBYNRVNeJnmTfa8QAMp9laqz/ihbWisZWmHk5kkQ
1afhhPxgSOauIPnuc2myWIP53lu8buJOgXOCo1Tl6fvfjMGu8zWJ3gr3xnqRyYjr
m1EbiUZtrqdlyukvkReU08CVWmW8lXkn6W3znc3S6JQNq+eRxgBXMvcbAtNnJzKA
ri6ApmMIqKZkbV9p8hqyHeNcdCdfi4nrjBr4vff6UX4SM1hqe05P6DOa8FCoRDIj
Wt81d3zUenGwuVyFaRknuqw0dwQ6svwjCpcpsZnEiwjPZG+8IDlo8aCrvuThKh+x
DTcD3Lt8Vr7+6QhAf7a20PDwJvM1KcinkHDQ1qE6ZvmxcdTJmoY0R+2wZqdnX2UZ
f7mlqS8GPxH4V173ypz98eM0IhI/E4ZXSlTHg0vThq33QJ9NNjQ0OuDJhM5fuikF
vY/s2n2TymrEAIjP6CMwZjZfSe56SzcJadR3Pq56H7RD+zSJYJmfasWbK56acjHA
qE5xxvunO7UZPMAsYqUMGIqVCv5EsiDmmoFF/Xtlk98/at8AWfKNt27IGqPU+io3
ShpGjDcptN8yitOPaPcEaAim6ndfObL4LlLozNv85M71oJ7tcDGiVBPaPRIjB0AJ
bXpunXMcEigQlazVy/T4CIv7r2P2ZR64at16t0LKiR4XiTL016rjUkhSuHdPSdU3
FS+YTLukIBYRDIFbbJss
=jFS2
-----END PGP SIGNATURE-----

--- End Message ---
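The quoted report describes the failure mode but not how to check an installed Emacs for it. The following is an added regression check written for this page; it is not part of the bug report, the Emacs test suite, or Glenn Morris's patch. It writes a constructed text file whose trailing "Local Variables:" block carries an `eval' form that sets a marker variable (the file contents and the variable name `cve-2012-3479-marker' are assumptions made here), then visits the file with `enable-local-variables' bound to `:safe' and `enable-local-eval' left at its default, and reports whether the form was evaluated. A fixed Emacs must leave the marker nil; an Emacs affected by CVE-2012-3479 sets it to t. It deliberately does not exercise `enable-local-variables' = t, because that path prompts the user and would block in batch mode.

```elisp
;;; check-local-eval.el --- regression check for CVE-2012-3479 (added example)
;; Run with:  emacs -Q --batch -l check-local-eval.el
;; Exit status is 0 when the file-local `eval' form was ignored under
;; `enable-local-variables' = :safe (expected), 1 when it was executed.

(defvar cve-2012-3479-marker nil
  "Set to t only if the constructed file's `eval' form is executed.
Assumed name for this check; not an Emacs variable.")

(defun cve-2012-3479-make-sample-file ()
  "Write a constructed sample file and return its path.
The prefix before \"Local Variables:\" (here \";; \") must be repeated on
every line of the block, which is why each line starts with it."
  (let ((file (make-temp-file "local-eval-" nil ".txt")))
    (with-temp-file file
      (insert "Sample text from a file you did not write.\n\n"
              ";; Local Variables:\n"
              ";; eval: (setq cve-2012-3479-marker t)\n"
              ";; End:\n"))
    file))

(defun cve-2012-3479-check (mode)
  "Visit the sample file with `enable-local-variables' bound to MODE.
Return t if the file-local `eval' form ran, nil if Emacs ignored it.
`enable-local-eval' is left at its default: setting it to t is an
explicit opt-in to eval forms and is not the bug under test."
  (setq cve-2012-3479-marker nil)
  (let ((file (cve-2012-3479-make-sample-file))
        (enable-local-variables mode))
    (unwind-protect
        ;; find-file-noselect runs normal-mode, which hacks local variables.
        (kill-buffer (find-file-noselect file))
      (delete-file file))
    cve-2012-3479-marker))

(when noninteractive
  (let ((executed (cve-2012-3479-check :safe)))
    (message "enable-local-variables = :safe -> eval form %s"
             (if executed
                 "EXECUTED (vulnerable to CVE-2012-3479)"
               "ignored (expected)"))
    (kill-emacs (if executed 1 0))))
```

The check only asserts on the `:safe' case the report names; it says nothing about the default `t' setting, where Emacs is supposed to ask before evaluating, nor about directory-local variables, which the report does not mention.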
