diff options
author | 2023-02-26 21:22:47 +0100 | |
---|---|---|
committer | 2023-02-26 21:26:38 +0100 | |
commit | db1716e1306ad0961eccb313a0bb33fca2c73f5a (patch) | |
tree | 25e391aa0710b9630b298e590d7952b23c066ccb /app-misc/rmlint | |
parent | dev-java/gradle-bin: add 7.6.1, drop 7.6 (diff) | |
download | gentoo-db1716e1306ad0961eccb313a0bb33fca2c73f5a.tar.gz gentoo-db1716e1306ad0961eccb313a0bb33fca2c73f5a.tar.bz2 gentoo-db1716e1306ad0961eccb313a0bb33fca2c73f5a.zip |
app-editors/emacs: Fix multiple command injection vulnerabilities
This fixes command injection vulnerabilities in etags (CVE-2022-48337),
ruby-mode (CVE-2022-48338), and htmlfontify (CVE-2022-48339) for Emacs
slots 25, 26, 27, and 28.
Note that Emacs 25 and 26 are not affected by the ruby-mode
vulnerability because function ruby-find-library-file did not yet
exist (and there is no call to the gem command in ruby-mode.el).
Emacs 18 is not affected by either of them: It doesn't have ruby-mode
and htmlfontify, and we no longer install the ctags and etags binaries.
Bug: https://bugs.gentoo.org/897950
Signed-off-by: Ulrich Müller <ulm@gentoo.org>
Diffstat (limited to 'app-misc/rmlint')
0 files changed, 0 insertions, 0 deletions