[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Request to backport fix for CVE-2022-45939 to Emacs 28
From: |
Robert Pluim |
Subject: |
Re: Request to backport fix for CVE-2022-45939 to Emacs 28 |
Date: |
Tue, 14 Feb 2023 09:13:40 +0100 |
>>>>> On Mon, 13 Feb 2023 22:47:07 +0200, Eli Zaretskii <eliz@gnu.org> said:
>> Date: Mon, 13 Feb 2023 12:15:50 -0600
>> From: Troy Hinckley <comms@dabrev.com>
>>
>> My company will not allow an install of Emacs 28 due to CVE-2022-45939.
There is a patch for this in the
>> master branch, but it did not make it in time for Emacs 28.2. We have
many Emacs users who would like to
>> upgrade to 28. What would be the effort to back port this fix and do an
Emacs 28.3 release?
Eli> Unfortunately, we don't have the resources to produce another v28.x
Eli> release. Emacs 29.1 will start its pretest soon, and will have this
Eli> issue resolved when it is released, hopefully in a couple of months.
Eli> Alternatively, you could ask the distro which you are using (if you
Eli> are using a distro) to backport that patch to the Emacs 28 codebase.
Eli> Or patch the sources yourself and build Emacs, if that is how you
Eli> produce the binaries.
Or for minimal effort: donʼt install the emacs-28 'etags'
Robert
--
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, (continued)
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Stefan Kangas, 2023/02/17
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Robert Pluim, 2023/02/17
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Eli Zaretskii, 2023/02/17
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Stefan Kangas, 2023/02/17
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, lux, 2023/02/17
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, lux, 2023/02/18
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Richard Stallman, 2023/02/18
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Eli Zaretskii, 2023/02/19
Re: Request to backport fix for CVE-2022-45939 to Emacs 28,
Robert Pluim <=