svn commit: r304727 - in head/editors/emacs23: . files
Ashish SHUKLA
ashish at FreeBSD.org
Sun Sep 23 00:31:34 UTC 2012
Author: ashish
Date: Sun Sep 23 00:31:33 2012
New Revision: 304727
URL: http://svn.freebsd.org/changeset/ports/304727
Log:
- Fix remote code execution vulnerability
- Bump PORTEPOCH
Security: http://www.vuxml.org/freebsd/c1e5f35e-f93d-11e1-b07f-00235a5f2c9a.html
Added:
head/editors/emacs23/files/patch-lisp_files.el (contents, props changed)
Modified:
head/editors/emacs23/Makefile
Modified: head/editors/emacs23/Makefile
==============================================================================
--- head/editors/emacs23/Makefile Sat Sep 22 23:26:57 2012 (r304726)
+++ head/editors/emacs23/Makefile Sun Sep 23 00:31:33 2012 (r304727)
@@ -8,6 +8,7 @@
PORTNAME= emacs
PORTVERSION= ${EMACS_VER}
PORTREVISION?= 2
+PORTEPOCH= 1
CATEGORIES= editors ipv6
MASTER_SITES= ${MASTER_SITE_GNU}
MASTER_SITE_SUBDIR= ${PORTNAME}
Added: head/editors/emacs23/files/patch-lisp_files.el
==============================================================================
--- /dev/null 00:00:00 1970 (empty, because file is newly added)
+++ head/editors/emacs23/files/patch-lisp_files.el Sun Sep 23 00:31:33 2012 (r304727)
@@ -0,0 +1,27 @@
+
+$FreeBSD$
+
+--- lisp/files.el.orig
++++ lisp/files.el
+@@ -2986,11 +2986,16 @@
+ ;; Obey `enable-local-eval'.
+ ((eq var 'eval)
+ (when enable-local-eval
+- (push elt all-vars)
+- (or (eq enable-local-eval t)
+- (hack-one-local-variable-eval-safep (eval (quote val)))
+- (safe-local-variable-p var val)
+- (push elt unsafe-vars))))
++ (let ((safe (or (hack-one-local-variable-eval-safep
++ (eval (quote val)))
++ ;; In case previously marked safe (bug#5636).
++ (safe-local-variable-p var val))))
++ ;; If not safe and e-l-v = :safe, ignore totally.
++ (when (or safe (not (eq enable-local-variables :safe)))
++ (push elt all-vars)
++ (or (eq enable-local-eval t)
++ safe
++ (push elt unsafe-vars))))))
+ ;; Ignore duplicates (except `mode') in the present list.
+ ((and (assq var all-vars) (not (eq var 'mode))) nil)
+ ;; Accept known-safe variables.
More information about the svn-ports-all
mailing list