[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [ANNOUNCE] Emacs 25.3 released

From: Roland Winkler
Subject: Re: [ANNOUNCE] Emacs 25.3 released
Date: Tue, 12 Sep 2017 11:06:14 -0500
User-agent: Gnus/5.13 (Gnus v5.13) Emacs/25.2 (gnu/linux)

On Mon, Sep 11 2017, Nicolas Petton wrote:
> This vulnerability was introduced in Emacs 19.29.  To work around that
> in Emacs versions before 25.3, append the following to your ~/.emacs
> init file:
>   (eval-after-load "enriched"
>     '(defun enriched-decode-display-prop (start end &optional param)
>        (list start end)))

Many users may have the problem that they cannot upgrade immediately to
25.3.  Is it fair to say that putting the above lines of code in
~/.emacs fully protects the user from the vulnerability?  If yes, we may
want to advertise these lines of code more broadly.  Or do the above
lines of code provide only an incomplete fix?  Then, what can users do
instead when they still have to use older versions of emacs?

reply via email to

[Prev in Thread] Current Thread [Next in Thread]