From 0dd714d250f7d3fcdfdab31736889469d244b7fc Mon Sep 17 00:00:00 2001 From: Rob Browning Date: Wed, 23 Jul 2008 19:30:07 -0700 Subject: [PATCH] Fix an insecurity related to fast-lock-cache-directories (CVE-2008-2142). --- debian/changelog | 8 +++ ...cache-directories-risky-cve-2008-2142.diff | 56 +++++++++++++++++++ debian/patches/series | 1 + 3 files changed, 65 insertions(+) create mode 100644 debian/patches/make-fast-lock-cache-directories-risky-cve-2008-2142.diff diff --git a/debian/changelog b/debian/changelog index 4ab93b734d3..97b3098cc33 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,11 @@ +emacs22 (22.2+2-3) unstable; urgency=low + + * Fix an insecurity related to fast-lock-cache-directories + (CVE-2008-2142). Thanks to Provided-by: Sven Joachim + and Morten Welinder . (closes: #480885) + + -- + emacs22 (22.2+2-2) unstable; urgency=medium * Fix debian-expand-file-name-dfsg and describe-gnu-project (C-h C-p). diff --git a/debian/patches/make-fast-lock-cache-directories-risky-cve-2008-2142.diff b/debian/patches/make-fast-lock-cache-directories-risky-cve-2008-2142.diff new file mode 100644 index 00000000000..e4fb0468654 --- /dev/null +++ b/debian/patches/make-fast-lock-cache-directories-risky-cve-2008-2142.diff @@ -0,0 +1,56 @@ +* A security problem relating to fast-lock-cache-directories has been fixed. + Patch: make-fast-lock-cache-directories-risky-cve-2008-2142.diff + Provided-by: Sven Joachim + Originally-reported-by: "Morten Welinder" + Date: Mon, 12 May 2008 19:39:35 +0200 + Added-by: Rob Browning + Status: incorporated upstream + + The fast-lock-cache-directories variable no longer includes the + current directory, ".", and is now marked as risky. This has been + done to limit the possibility of executing arbitrary code via random + .flc files. + + From the upstream ChangeLog: + + 2008-05-12 Simon Marshall + + * fast-lock.el (fast-lock-cache-directories): Remove "." from its + default value and give it the risky-local-variable property. + + +--8<---------------cut here---------------start------------->8--- +Index: fast-lock.el +=================================================================== +RCS file: /sources/emacs/emacs/lisp/obsolete/fast-lock.el,v +retrieving revision 1.11.2.3 +retrieving revision 1.11.2.4 +diff -u -r1.11.2.3 -r1.11.2.4 +--- old/lisp/obsolete/fast-lock.el 7 Jan 2008 01:58:14 -0000 1.11.2.3 ++++ new/lisp/obsolete/fast-lock.el 12 May 2008 17:30:29 -0000 1.11.2.4 +@@ -286,7 +286,7 @@ + (integer :tag "size"))))) + :group 'fast-lock) + +-(defcustom fast-lock-cache-directories '("." "~/.emacs-flc") ++(defcustom fast-lock-cache-directories '("~/.emacs-flc") + ; - `internal', keep each file's Font Lock cache file in the same file. + ; - `external', keep each file's Font Lock cache file in the same directory. + "*Directories in which Font Lock cache files are saved and read. +@@ -304,12 +304,15 @@ + ((\"^/your/true/home/directory/\" . \".\") \"~/.emacs-flc\") + + would cause a file's current directory to be used if the file is under your +-home directory hierarchy, or otherwise the absolute directory `~/.emacs-flc'." ++home directory hierarchy, or otherwise the absolute directory `~/.emacs-flc'. ++For security reasons, it is not advisable to use the file's current directory ++to avoid the possibility of using the cache of another user." + :type '(repeat (radio (directory :tag "directory") + (cons :tag "Matching" + (regexp :tag "regexp") + (directory :tag "directory")))) + :group 'fast-lock) ++(put 'fast-lock-cache-directories 'risky-local-variable t) + + (defcustom fast-lock-save-events '(kill-buffer kill-emacs) + "*Events under which caches will be saved. diff --git a/debian/patches/series b/debian/patches/series index 28c2081c645..81da874f99a 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -8,4 +8,5 @@ require-movemail-use-liblockfile.diff avoid-fakemail-mail-loss.diff version-mention-debian.diff fix-vcdiff-tmp-file-handling-cve-2008-1694.diff +make-fast-lock-cache-directories-risky-cve-2008-2142.diff autofiles.diff -- 2.30.2