projects / emacs.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e46e3fe) | patch
Don't let CEDET execute code from an arbitrary Project.ede file.
authorRob Browning <rlb@defaultvalue.org>
Sun, 29 Jan 2012 19:40:38 +0000 (13:40 -0600)
committerRob Browning <rlb@defaultvalue.org>
Sun, 29 Jan 2012 19:40:38 +0000 (13:40 -0600)
commit47b3d66260508d7529dbd401a3e325fd79cf8e3c
treee9081f5b22c6b1dee937d83d3a1b447222be89a0tree | snapshot
parente46e3fe4cd794f1c1e50a5bc445d184e2f82ce38commit | diff
Don't let CEDET execute code from an arbitrary Project.ede file.

CEDET will no longer execute arbitrary elisp code from any file named
Project.ede that it finds in or above a CEDET-related directory
(CVE-2012-0035).

Provided-by: Florian Weimer <fw@deneb.enyo.de>
Date: Tue, 10 Jan 2012 07:50:49 +0100
Applied-by: Rob Browning <rlb@defaultvalue.org>
Applied-Upstream: http://bzr.savannah.gnu.org/lh/emacs/emacs-23/revision/100631
Bug-Debian: http://bugs.debian.org/655299
Closes: #655299
lisp/cedet/ChangeLog diff | blob | history
lisp/cedet/ede.el diff | blob | history
lisp/cedet/ede/auto.el diff | blob | history
lisp/cedet/ede/simple.el diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.