[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Request to backport fix for CVE-2022-45939 to Emacs 28
From: |
lux |
Subject: |
Re: Request to backport fix for CVE-2022-45939 to Emacs 28 |
Date: |
Tue, 14 Feb 2023 13:07:44 +0800 |
User-agent: |
Evolution 3.46.3 (3.46.3-1.fc37) |
On Mon, 2023-02-13 at 22:47 +0200, Eli Zaretskii wrote:
> > Date: Mon, 13 Feb 2023 12:15:50 -0600
> > From: Troy Hinckley <comms@dabrev.com>
> >
> > My company will not allow an install of Emacs 28 due to CVE-2022-
> > 45939. There is a patch for this in the
> > master branch, but it did not make it in time for Emacs 28.2. We
> > have many Emacs users who would like to
> > upgrade to 28. What would be the effort to back port this fix and
> > do an Emacs 28.3 release?
>
> Unfortunately, we don't have the resources to produce another v28.x
> release. Emacs 29.1 will start its pretest soon, and will have this
> issue resolved when it is released, hopefully in a couple of months.
>
> Alternatively, you could ask the distro which you are using (if you
> are using a distro) to backport that patch to the Emacs 28 codebase.
> Or patch the sources yourself and build Emacs, if that is how you
> produce the binaries.
>
Hi, I can fix the CVE-2022-45939, this is a patch.
Eli, can you merge into emacs-28 branch?
0001-lib-src-etags.c-Fix-CVE-2022-45939.patch
Description: Text Data
- Request to backport fix for CVE-2022-45939 to Emacs 28, Troy Hinckley, 2023/02/13
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Eli Zaretskii, 2023/02/13
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28,
lux <=
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Eli Zaretskii, 2023/02/14
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Troy Hinckley, 2023/02/14
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Eli Zaretskii, 2023/02/14
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Lynn Winebarger, 2023/02/16
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, lux, 2023/02/16
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Tim Cross, 2023/02/14
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Robert Pluim, 2023/02/15
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Richard Stallman, 2023/02/17
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Eli Zaretskii, 2023/02/15
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Richard Stallman, 2023/02/16