From 6aa5e73f8747df4eb565596ea5c675aae0f7f566 Mon Sep 17 00:00:00 2001 From: Rob Browning Date: Fri, 23 Nov 2007 16:41:56 -0800 Subject: [PATCH] Fix local-variables risk (CVE-2007-5795). --- debian/changelog | 9 ++++++ ...ix-local-variables-risk-cve-2007-5795.diff | 28 +++++++++++++++++++ debian/patches/series | 1 + 3 files changed, 38 insertions(+) create mode 100644 debian/patches/fix-local-variables-risk-cve-2007-5795.diff diff --git a/debian/changelog b/debian/changelog index 3985a76671c..6cd364bf0ec 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,12 @@ +emacs22 (22.1+1-3) unstable; urgency=low + + * Incorporate a patch to fix a vulnerability in the handling of file + local variables (CVE-2007-5795) (closes: #449008). Thanks to Drake + Wilson , and also thanks to Romain Francoise for + the 22.1+1-2.1 NMU. [rlb] + + -- Rob Browning Fri, 23 Nov 2007 16:12:04 -0800 + emacs22 (22.1+1-2) unstable; urgency=low * Fix mail locking patch for Debian's non-Linux architectures. Thanks diff --git a/debian/patches/fix-local-variables-risk-cve-2007-5795.diff b/debian/patches/fix-local-variables-risk-cve-2007-5795.diff new file mode 100644 index 00000000000..b1176fe1621 --- /dev/null +++ b/debian/patches/fix-local-variables-risk-cve-2007-5795.diff @@ -0,0 +1,28 @@ +* A security vulnerability in the handling of local variables has been fixed. + Patch: cve-2007-5795.diff + Provided-by: Drake Wilson + Date: Sat Nov 24 00:39:36 UTC 2007 + Added-by: Rob Browning + Status: merged upstream + + Upstream changelog entry: + + 2007-11-02 Drake Wilson (tiny change) + + * files.el (hack-local-variables): Fix membership tests to avoid + treating all variables as safe if `enable-local-variables' is + set to :safe. + +--- a/lisp/files.el ++++ b/lisp/files.el +@@ -2736,8 +2736,8 @@ + ;; If caller wants only the safe variables, + ;; install only them. + (dolist (elt result) +- (unless (or (memq (car elt) unsafe-vars) +- (memq (car elt) risky-vars)) ++ (unless (or (member elt unsafe-vars) ++ (member elt risky-vars)) + (hack-one-local-variable (car elt) (cdr elt)))) + ;; Query, except in the case where all are known safe + ;; if the user wants no quuery in that case. diff --git a/debian/patches/series b/debian/patches/series index c1531c8ef51..188b2c18cf9 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -1,4 +1,5 @@ fix-emacs-manpage.diff +fix-local-variables-risk-cve-2007-5795.diff fix-bitmap-icon-arg.diff debian-site-init-el.diff debian-startup.diff -- 2.30.2