[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Request to backport fix for CVE-2022-45939 to Emacs 28
|
From: |
Richard Stallman |
|
Subject: |
Re: Request to backport fix for CVE-2022-45939 to Emacs 28 |
|
Date: |
Fri, 17 Feb 2023 23:19:58 -0500 |
[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]
> We *could* rush out a 28.3 release, I guess, given that thereʼs only
> one actual non-doc change on the branch, but then again: how is that
> any better than downstream just adding the CVE fix to their builds?
It is normal for users to download the tar file and build from that.
Most of them will not have any way to know that they should patch it.
If we make a 28.3 release with the fix, ordinary users will get that fix.
Otherwise, they won't know about it and won't install it.
Lynn Winebarger wrote:
> FWIW, I suspect a lot of users get automated updates from their
> packager of choice, whether it's [a GNU/Linux] distro, Cygwin, MSYS2, or
> whatever.
Some users will get the fix that way, and that's good. But we also
want users who build from our source release to get important fixes
like this one.
--
Dr Richard Stallman (https://stallman.org)
Chief GNUisance of the GNU Project (https://gnu.org)
Founder, Free Software Foundation (https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)
- Request to backport fix for CVE-2022-45939 to Emacs 28, Troy Hinckley, 2023/02/13
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Eli Zaretskii, 2023/02/13
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, lux, 2023/02/14
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Eli Zaretskii, 2023/02/14
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Troy Hinckley, 2023/02/14
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Eli Zaretskii, 2023/02/14
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Lynn Winebarger, 2023/02/16
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, lux, 2023/02/16
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Tim Cross, 2023/02/14
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Robert Pluim, 2023/02/15
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28,
Richard Stallman <=
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Eli Zaretskii, 2023/02/15
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Richard Stallman, 2023/02/16
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Eli Zaretskii, 2023/02/16
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Jim Porter, 2023/02/16
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Eli Zaretskii, 2023/02/16
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Stefan Kangas, 2023/02/17
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Robert Pluim, 2023/02/17
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Eli Zaretskii, 2023/02/17
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, Stefan Kangas, 2023/02/17
- Re: Request to backport fix for CVE-2022-45939 to Emacs 28, lux, 2023/02/17