author | tron <tron> | 2012-08-13 11:50:52 +0000 |
---|---|---|
committer | tron <tron> | 2012-08-13 11:50:52 +0000 |
commit | c8de49d76bed91dde0368a2c94fbe230c31650d1 (patch) | |
tree | 6b8cf9e6886039c7bcaae7d67246d5f37e1bd13c | |
parent | 4858f4eb4200a99c831950566e609c655ca48137 (diff) | |
download | pkgsrc-c8de49d76bed91dde0368a2c94fbe230c31650d1.tar.gz |
Pullup ticket #3898 - requested by wiz
editors/emacs24-nox11: security patch
editors/emacs24: security patch
Revisions pulled up:
- editors/emacs24-nox11/Makefile 1.3
- editors/emacs24-nox11/version.mk 1.2
- editors/emacs24/Makefile 1.4
- editors/emacs24/distinfo 1.3-1.4
- editors/emacs24/patches/patch-aa 1.2
- editors/emacs24/patches/patch-ab 1.2
- editors/emacs24/patches/patch-lisp_files.el 1.1
---
Module Name: pkgsrc
Committed By: marino
Date: Fri Aug 10 10:08:14 UTC 2012
Modified Files:
pkgsrc/editors/emacs24: distinfo
pkgsrc/editors/emacs24/patches: patch-aa patch-ab
Log Message:
editors/emacs24: update configure* patches for DragonFly
DragonFly needs libc explicitly defined for its linker.
The temacs utility still segfaults, but at least it builds now.
---
Module Name: pkgsrc
Committed By: jmmv
Date: Sat Aug 11 17:21:04 UTC 2012
Modified Files:
pkgsrc/editors/emacs24-nox11: version.mk
Log Message:
Fix the build of emacs modules when EMACS_TYPE=emacs24nox.
The emacs flavor is 'emacs' and the package dependency is 'emacs-nox11',
not 'emacs24' nor 'emacs24-nox11' (respectively).
---
Module Name: pkgsrc
Committed By: wiz
Date: Mon Aug 13 06:38:50 UTC 2012
Modified Files:
pkgsrc/editors/emacs24: Makefile distinfo
pkgsrc/editors/emacs24-nox11: Makefile
Log Message:
Fix CVE-2012-3479:
When the Emacs user option `enable-local-variables' is set to `:safe'
(the default value is t), Emacs should automatically refuse to evaluate
`eval' forms in file-local variable sections. Due to the bug, Emacs
instead automatically evaluates such `eval' forms. Thus, if the user
changes the value of `enable-local-variables' to `:safe', visiting a
malicious file can cause automatic execution of arbitrary Emacs Lisp
code with the permissions of the user.
Bug tracker ref: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=12155
Bump PKGREVISION.
---
Module Name: pkgsrc
Committed By: wiz
Date: Mon Aug 13 06:39:06 UTC 2012
Added Files:
pkgsrc/editors/emacs24/patches: patch-lisp_files.el
Log Message:
Fix CVE-2012-3479:
When the Emacs user option `enable-local-variables' is set to `:safe'
(the default value is t), Emacs should automatically refuse to evaluate
`eval' forms in file-local variable sections. Due to the bug, Emacs
instead automatically evaluates such `eval' forms. Thus, if the user
changes the value of `enable-local-variables' to `:safe', visiting a
malicious file can cause automatic execution of arbitrary Emacs Lisp
code with the permissions of the user.
Bug tracker ref: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=12155
-rw-r--r-- | editors/emacs24-nox11/Makefile | 4 |
-rw-r--r-- | editors/emacs24-nox11/version.mk | 6 |
-rw-r--r-- | editors/emacs24/Makefile | 4 |
-rw-r--r-- | editors/emacs24/distinfo | 7 |
-rw-r--r-- | editors/emacs24/patches/patch-aa | 20 |
-rw-r--r-- | editors/emacs24/patches/patch-ab | 18 |
-rw-r--r-- | editors/emacs24/patches/patch-lisp_files.el | 37 |
7 files changed, 77 insertions, 19 deletions
diff --git a/editors/emacs24-nox11/Makefile b/editors/emacs24-nox11/Makefile index 7d0086f7b81..b6fe947c9e9 100644 --- a/editors/emacs24-nox11/Makefile +++ b/editors/emacs24-nox11/Makefile @@ -1,7 +1,7 @@ -# $NetBSD: Makefile,v 1.2 2012/06/26 17:02:31 asau Exp $ +# $NetBSD: Makefile,v 1.2.2.1 2012/08/13 11:50:52 tron Exp $ PKGNAME= ${DISTNAME:S/-/-nox11-/} -PKGREVISION= 1 +PKGREVISION= 2 CONFLICTS+= emacs-[0-9]* diff --git a/editors/emacs24-nox11/version.mk b/editors/emacs24-nox11/version.mk index 709de6fb63f..4517fc6c643 100644 --- a/editors/emacs24-nox11/version.mk +++ b/editors/emacs24-nox11/version.mk @@ -1,7 +1,7 @@ -# $NetBSD: version.mk,v 1.1 2012/06/16 21:04:16 dholland Exp $ +# $NetBSD: version.mk,v 1.1.2.1 2012/08/13 11:50:52 tron Exp $ -_EMACS_FLAVOR= emacs24 -_EMACS_REQD= emacs24-nox11>=24.1<25 +_EMACS_FLAVOR= emacs +_EMACS_REQD= emacs-nox11>=24.1<25 _EMACS_VERSION_MAJOR= 24 _EMACS_VERSION_MINOR= 1 diff --git a/editors/emacs24/Makefile b/editors/emacs24/Makefile index 9a78a38c763..a394346db5a 100644 --- a/editors/emacs24/Makefile +++ b/editors/emacs24/Makefile @@ -1,9 +1,9 @@ -# $NetBSD: Makefile,v 1.3 2012/06/29 06:31:35 wiz Exp $ +# $NetBSD: Makefile,v 1.3.2.1 2012/08/13 11:50:52 tron Exp $ CONFLICTS+= emacs-nox11-[0-9]* .include "../../editors/emacs24/Makefile.common" -PKGREVISION= 1 +PKGREVISION= 2 .include "options.mk" diff --git a/editors/emacs24/distinfo b/editors/emacs24/distinfo index 448d609acf6..9d99462571a 100644 --- a/editors/emacs24/distinfo +++ b/editors/emacs24/distinfo 
@@ -1,9 +1,10 @@ -$NetBSD: distinfo,v 1.2 2012/06/26 17:02:31 asau Exp $ +$NetBSD: distinfo,v 1.2.2.1 2012/08/13 11:50:52 tron Exp $ SHA1 (emacs-24.1.tar.gz) = f064396724a27c83b79b2d890d188abebaa5975e RMD160 (emacs-24.1.tar.gz) = 0fed00042339f46b29449bd561d2f881d13d8d38 Size (emacs-24.1.tar.gz) = 51473111 bytes -SHA1 (patch-aa) = af6b26c47c3c9f4d444365945fa866001c7c28b7 -SHA1 (patch-ab) = 5b724343be52905f51e15f425295686205776e30 +SHA1 (patch-aa) = dc41270debcdeba46056590ff99e72e79bd04729 +SHA1 (patch-ab) = 3021afead5011aa864a2734eeb72136c36580fb2 SHA1 (patch-ad) = adc347ccd6edeb6e7ad96eeb98d6ee64176fb143 SHA1 (patch-ag) = 3e6ee4774189185af10eada9c935120491318313 +SHA1 (patch-lisp_files.el) = 9963e3b6485ae569818f64ab878c3eb46895333d diff --git a/editors/emacs24/patches/patch-aa b/editors/emacs24/patches/patch-aa index d18c23142b8..b4544dc6ae4 100644 --- a/editors/emacs24/patches/patch-aa +++ b/editors/emacs24/patches/patch-aa @@ -1,10 +1,10 @@ -$NetBSD: patch-aa,v 1.1 2012/06/16 21:03:42 dholland Exp $ +$NetBSD: patch-aa,v 1.1.2.1 2012/08/13 11:50:52 tron Exp $ -Add DrgonFly +Add DragonFly ---- configure.in.orig 2012-06-09 13:15:01.000000000 +0900 -+++ configure.in 2012-06-09 13:18:11.000000000 +0900 -@@ -469,6 +469,14 @@ +--- configure.in.orig 2012-06-01 06:17:13.000000000 +0000 ++++ configure.in +@@ -469,6 +469,14 @@ case "${canonical}" in vax-*) machine=vax ;; esac ;; @@ -19,3 +19,13 @@ Add DrgonFly ## OpenBSD ports *-*-openbsd* ) +@@ -998,6 +1006,9 @@ case $opsys in + LIB_MATH= + START_FILES='pre-crt0.o' + ;; ++ dragonfly ) ++ LIB_STANDARD=-lc ++ ;; + freebsd ) + LIB_STANDARD='-lgcc -lc -lgcc $(CRT_DIR)/crtend.o $(CRT_DIR)/crtn.o' + START_FILES='pre-crt0.o $(CRT_DIR)/crt1.o $(CRT_DIR)/crti.o $(CRT_DIR)/crtbegin.o' diff --git a/editors/emacs24/patches/patch-ab b/editors/emacs24/patches/patch-ab index f84f94797ce..8c71322cd2a 100644 --- a/editors/emacs24/patches/patch-ab +++ b/editors/emacs24/patches/patch-ab 
@@ -1,10 +1,10 @@ -$NetBSD: patch-ab,v 1.1 2012/06/16 21:03:42 dholland Exp $ +$NetBSD: patch-ab,v 1.1.2.1 2012/08/13 11:50:52 tron Exp $ Add DragonFly ---- configure.orig 2012-06-01 15:21:49.000000000 +0900 -+++ configure 2012-06-09 13:19:56.000000000 +0900 -@@ -4476,6 +4476,15 @@ +--- configure.orig 2012-06-10 07:29:35.000000000 +0000 ++++ configure +@@ -4476,6 +4476,15 @@ case "${canonical}" in esac ;; @@ -20,3 +20,13 @@ Add DragonFly ## OpenBSD ports *-*-openbsd* ) opsys=openbsd +@@ -8088,6 +8097,9 @@ case $opsys in + LIB_MATH= + START_FILES='pre-crt0.o' + ;; ++ dragonfly ) ++ LIB_STANDARD=-lc ++ ;; + freebsd ) + LIB_STANDARD='-lgcc -lc -lgcc $(CRT_DIR)/crtend.o $(CRT_DIR)/crtn.o' + START_FILES='pre-crt0.o $(CRT_DIR)/crt1.o $(CRT_DIR)/crti.o $(CRT_DIR)/crtbegin.o' diff --git a/editors/emacs24/patches/patch-lisp_files.el b/editors/emacs24/patches/patch-lisp_files.el new file mode 100644 index 00000000000..cd94c3ab33a --- /dev/null +++ b/editors/emacs24/patches/patch-lisp_files.el 
@@ -0,0 +1,37 @@ +$NetBSD: patch-lisp_files.el,v 1.1.2.2 2012/08/13 11:50:52 tron Exp $ + +CVE-2012-3479: +When the Emacs user option `enable-local-variables' is set to `:safe' +(the default value is t), Emacs should automatically refuse to evaluate +`eval' forms in file-local variable sections. Due to the bug, Emacs +instead automatically evaluates such `eval' forms. Thus, if the user +changes the value of `enable-local-variables' to `:safe', visiting a +malicious file can cause automatic execution of arbitrary Emacs Lisp +code with the permissions of the user. + +Bug tracker ref: http://debbugs.gnu.org/cgi/bugreport.cgi?bug=12155 + +--- lisp/files.el.orig 2012-05-14 12:00:02.000000000 +0000 ++++ lisp/files.el +@@ -3107,11 +3107,16 @@ DIR-NAME is the name of the associated d + ;; Obey `enable-local-eval'. + ((eq var 'eval) + (when enable-local-eval +- (push elt all-vars) +- (or (eq enable-local-eval t) +- (hack-one-local-variable-eval-safep (eval (quote val))) +- (safe-local-variable-p var val) +- (push elt unsafe-vars)))) ++ (let ((safe (or (hack-one-local-variable-eval-safep ++ (eval (quote val))) ++ ;; In case previously marked safe (bug#5636). ++ (safe-local-variable-p var val)))) ++ ;; If not safe and e-l-v = :safe, ignore totally. ++ (when (or safe (not (eq enable-local-variables :safe))) ++ (push elt all-vars) ++ (or (eq enable-local-eval t) ++ safe ++ (push elt unsafe-vars)))))) + ;; Ignore duplicates (except `mode') in the present list. + ((and (assq var all-vars) (not (eq var 'mode))) nil) + ;; Accept known-safe variables. |
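Review bot: in editors/emacs24-nox11/version.mk, the new `_EMACS_FLAVOR= emacs` and `_EMACS_REQD= emacs-nox11>=24.1<25` values no longer match the directory name `emacs24-nox11`, and nothing in the file says why. The reason is only in the commit log (the flavor is 'emacs' and the package dependency is 'emacs-nox11'), so a one-line comment above these two assignments would keep a later cleanup from "correcting" them back to the directory name.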
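Review bot: in the second hunk of patch-aa and patch-ab (`case $opsys in`), the new `dragonfly )` arm sets only `LIB_STANDARD=-lc`, while the neighbouring `freebsd )` arm sets both `LIB_STANDARD` and `START_FILES`. If leaving `START_FILES` at its default is intentional, say so in the patch header, which still reads only "Add DragonFly" and does not mention the linker change. The commit log notes that temacs still segfaults on DragonFly, so the header is also the place to record that the port is build-only for now. The same change is carried twice, in `configure.in` and in the generated `configure`, so the two patches have to be kept in step on every update.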
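Review bot: in the lisp/files.el hunk of patch-lisp_files.el, the comment ";; If not safe and e-l-v = :safe, ignore totally." abbreviates `enable-local-variables` directly above code that also tests `enable-local-eval`, and the two are easy to confuse when auditing this branch; spell the variable name out. Note too that `safe` is now computed before `(eq enable-local-eval t)` is tested, so `hack-one-local-variable-eval-safep` and `safe-local-variable-p` run on every `eval` entry, where the old `or` skipped them when `enable-local-eval` was t. The `:safe` test needs that value, so the ordering is right, but the comment should say the check is deliberately unconditional. The patch header carries the CVE text and the bug tracker reference but does not state where the change comes from or when the patch can be dropped; adding that would help whoever next updates the package.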