Fix an insecurity related to fast-lock-cache-directories (CVE-2008-2142).

diff --git a/debian/changelog b/debian/changelog
index 4ab93b734d3020206cba0ef5668ca88cf1fbafb6..97b3098cc334248935e9b18bfab34f1c634a7796 100644 (file)
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+emacs22 (22.2+2-3) unstable; urgency=low
+
+  * Fix an insecurity related to fast-lock-cache-directories
+    (CVE-2008-2142).  Thanks to   Provided-by: Sven Joachim <svenjoac@gmx.de>
+    and Morten Welinder <mwelinder@gmail.com>. (closes: #480885)
+
+ --
+
 emacs22 (22.2+2-2) unstable; urgency=medium
 
   * Fix debian-expand-file-name-dfsg and describe-gnu-project (C-h C-p).

diff --git a/debian/patches/make-fast-lock-cache-directories-risky-cve-2008-2142.diff b/debian/patches/make-fast-lock-cache-directories-risky-cve-2008-2142.diff
new file mode 100644 (file)
index 0000000..e4fb046
--- /dev/null
+++ b/debian/patches/make-fast-lock-cache-directories-risky-cve-2008-2142.diff
@@ -0,0 +1,56 @@
+* A security problem relating to fast-lock-cache-directories has been fixed.
+  Patch: make-fast-lock-cache-directories-risky-cve-2008-2142.diff
+  Provided-by: Sven Joachim <svenjoac@gmx.de>
+  Originally-reported-by: "Morten Welinder" <mwelinder@gmail.com>
+  Date: Mon, 12 May 2008 19:39:35 +0200
+  Added-by: Rob Browning <rlb@defaultvalue.org>
+  Status: incorporated upstream
+
+  The fast-lock-cache-directories variable no longer includes the
+  current directory, ".", and is now marked as risky.  This has been
+  done to limit the possibility of executing arbitrary code via random
+  .flc files.
+
+  From the upstream ChangeLog:
+
+    2008-05-12  Simon Marshall  <simon@gnu.org>
+
+        * fast-lock.el (fast-lock-cache-directories): Remove "." from its
+        default value and give it the risky-local-variable property.
+
+
+--8<---------------cut here---------------start------------->8---
+Index: fast-lock.el
+===================================================================
+RCS file: /sources/emacs/emacs/lisp/obsolete/fast-lock.el,v
+retrieving revision 1.11.2.3
+retrieving revision 1.11.2.4
+diff -u -r1.11.2.3 -r1.11.2.4
+--- old/lisp/obsolete/fast-lock.el     7 Jan 2008 01:58:14 -0000       1.11.2.3
++++ new/lisp/obsolete/fast-lock.el     12 May 2008 17:30:29 -0000      1.11.2.4
+@@ -286,7 +286,7 @@
+                                     (integer :tag "size")))))
+   :group 'fast-lock)
+ 
+-(defcustom fast-lock-cache-directories '("." "~/.emacs-flc")
++(defcustom fast-lock-cache-directories '("~/.emacs-flc")
+ ; - `internal', keep each file's Font Lock cache file in the same file.
+ ; - `external', keep each file's Font Lock cache file in the same directory.
+   "*Directories in which Font Lock cache files are saved and read.
+@@ -304,12 +304,15 @@
+  ((\"^/your/true/home/directory/\" . \".\") \"~/.emacs-flc\")
+ 
+ would cause a file's current directory to be used if the file is under your
+-home directory hierarchy, or otherwise the absolute directory `~/.emacs-flc'."
++home directory hierarchy, or otherwise the absolute directory `~/.emacs-flc'.
++For security reasons, it is not advisable to use the file's current directory
++to avoid the possibility of using the cache of another user."
+   :type '(repeat (radio (directory :tag "directory")
+                       (cons :tag "Matching"
+                             (regexp :tag "regexp")
+                             (directory :tag "directory"))))
+   :group 'fast-lock)
++(put 'fast-lock-cache-directories 'risky-local-variable t)
+ 
+ (defcustom fast-lock-save-events '(kill-buffer kill-emacs)
+   "*Events under which caches will be saved.

diff --git a/debian/patches/series b/debian/patches/series
index 28c2081c64582bd3e5433041c3de8a3a6f2698e7..81da874f99a40d1712e948e0cb643a5e9ca8f6d8 100644 (file)
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -8,4 +8,5 @@ require-movemail-use-liblockfile.diff
 avoid-fakemail-mail-loss.diff
 version-mention-debian.diff
 fix-vcdiff-tmp-file-handling-cve-2008-1694.diff
+make-fast-lock-cache-directories-risky-cve-2008-2142.diff
 autofiles.diff