From 7657d230107278d938c8057a4a32facdd9cf3379 Mon Sep 17 00:00:00 2001 From: ryoon Date: Tue, 12 Sep 2017 03:19:02 +0000 Subject: Update emacs25 and emacs25-nox11 to 25.3 Changelog: This is an emergency release to fix a security vulnerability in Emacs. Enriched Text mode has its support for decoding 'x-display' disabled. This feature allows saving 'display' properties as part of text. Emacs 'display' properties support evaluation of arbitrary Lisp forms as part of instantiating the property, so decoding 'x-display' is vulnerable to executing arbitrary malicious Lisp code included in the text (e.g., sent as part of an email message). This vulnerability was introduced in Emacs 19.29. --- editors/emacs25-nox11/Makefile | 3 +- editors/emacs25/Makefile | 3 +- editors/emacs25/distinfo | 10 ++-- editors/emacs25/patches/patch-lisp_gnus_mm-view.el | 29 ---------- .../patches/patch-lisp_textmodes_enriched.el | 64 ---------------------- editors/emacs25/version.mk | 4 +- 6 files changed, 9 insertions(+), 104 deletions(-) delete mode 100644 editors/emacs25/patches/patch-lisp_gnus_mm-view.el delete mode 100644 editors/emacs25/patches/patch-lisp_textmodes_enriched.el (limited to 'editors') diff --git a/editors/emacs25-nox11/Makefile b/editors/emacs25-nox11/Makefile index 3fbfc69b86b..57487b4a27b 100644 --- a/editors/emacs25-nox11/Makefile +++ b/editors/emacs25-nox11/Makefile @@ -1,7 +1,6 @@ -# $NetBSD: Makefile,v 1.4 2017/09/11 11:34:15 wiz Exp $ +# $NetBSD: Makefile,v 1.5 2017/09/12 03:19:02 ryoon Exp $ PKGNAME= ${DISTNAME:S/emacs/emacs25/:S/-/-nox11-/} -PKGREVISION= 2 CONFLICTS+= emacs25-[0-9]* diff --git a/editors/emacs25/Makefile b/editors/emacs25/Makefile index 77304b2a0b0..f9f4359296a 100644 --- a/editors/emacs25/Makefile +++ b/editors/emacs25/Makefile 
@@ -1,8 +1,7 @@ -# $NetBSD: Makefile,v 1.10 2017/09/11 11:33:08 wiz Exp $ +# $NetBSD: Makefile,v 1.11 2017/09/12 03:19:02 ryoon Exp $ CONFLICTS+= emacs25-nox11-[0-9]* -PKGREVISION= 2 .include "../../editors/emacs25/Makefile.common" .include "options.mk" diff --git a/editors/emacs25/distinfo b/editors/emacs25/distinfo index d3aaf8c30ce..533ae555532 100644 --- a/editors/emacs25/distinfo +++ b/editors/emacs25/distinfo @@ -1,9 +1,9 @@ -$NetBSD: distinfo,v 1.4 2017/09/11 11:33:08 wiz Exp $ +$NetBSD: distinfo,v 1.5 2017/09/12 03:19:02 ryoon Exp $ -SHA1 (emacs-25.2.tar.gz) = 30c18fb0cd932736bb6a7232ab62f562cf89a785 -RMD160 (emacs-25.2.tar.gz) = 2b0cd1fa04abb2156fd4a33f73e9b929f97dca43 -SHA512 (emacs-25.2.tar.gz) = 3ddecdfb64fba400d82b6d44fd03799ac1a2032aa3bda6eb18a83d680465f1df3e8128b9544daaeed4b5ead0ac11955c1ad613de6a489236995def840c4d501c -Size (emacs-25.2.tar.gz) = 64289988 bytes +SHA1 (emacs-25.3.tar.gz) = 732cd74b1df9288855c5f354606c115a1c4dcd95 +RMD160 (emacs-25.3.tar.gz) = 3a1f361ba79b73ba6598f66420477164206f7cdc +SHA512 (emacs-25.3.tar.gz) = a64cf978be0896f06f918fad98391bededfffb2fc651b4941e55f7bab3bfeef16f2b723a5e12c3431fbf9d11098d81f0f0767585ed3d5db768a801aa4440ea68 +Size (emacs-25.3.tar.gz) = 63363581 bytes SHA1 (patch-lisp_gnus_mm-view.el) = b654fffd12d3467ea6ffa33f7d831ff69054dc4f SHA1 (patch-lisp_textmodes_enriched.el) = 62d807368088b11722cd68fafb0017c64f1eac3b SHA1 (patch-src_inotify.c) = 1fdc6566ed57e8418f1ddc85bb03518d7d9d6bb3 diff --git a/editors/emacs25/patches/patch-lisp_gnus_mm-view.el b/editors/emacs25/patches/patch-lisp_gnus_mm-view.el deleted file mode 100644 index e79ac87f753..00000000000 --- a/editors/emacs25/patches/patch-lisp_gnus_mm-view.el +++ /dev/null 
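Review bot: The distinfo hunk keeps `SHA1 (patch-lisp_gnus_mm-view.el)` and `SHA1 (patch-lisp_textmodes_enriched.el)` as unchanged context lines, although this same commit deletes both files from `patches/`. The checksum manifest therefore still lists two security patches that are no longer applied, so it no longer describes exactly what is laid over the 25.3 sources. Both lines should be dropped, leaving `SHA1 (patch-src_inotify.c)` as the first patch entry. Regenerating distinfo from the patches directory, rather than editing only the tarball lines, would avoid this. The file continues past the hunk, so other entries could not be checked from here.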
@@ -1,29 +0,0 @@
-$NetBSD: patch-lisp_gnus_mm-view.el,v 1.1 2017/09/11 11:33:33 wiz Exp $
-
-GNU Emacs is an extensible, customizable, free/libre text editor and software
-environment. When Emacs renders MIME text/enriched data (Internet RFC 1896),
-it is vulnerable to arbitrary code execution. Since Emacs-based mail clients
-decode "Content-Type: text/enriched", this code is exploitable remotely. This
-bug affects GNU Emacs versions 19.29 through 25.2.
-
-== Details ==
-
-https://bugs.gnu.org/28350
-
-== Patch ==
-
-https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-25&id=9ad0fcc54442a9a01d41be19880250783426db70
-
---- lisp/gnus/mm-view.el.orig 2017-02-03 10:25:44.000000000 +0000
-+++ lisp/gnus/mm-view.el
-@@ -383,10 +383,6 @@
- (goto-char (point-max))))
- (save-restriction
- (narrow-to-region b (point))
-- (when (member type '("enriched" "richtext"))
-- (set-text-properties (point-min) (point-max) nil)
-- (ignore-errors
-- (enriched-decode (point-min) (point-max))))
- (mm-handle-set-undisplayer
- handle
- `(lambda ()
diff --git a/editors/emacs25/patches/patch-lisp_textmodes_enriched.el b/editors/emacs25/patches/patch-lisp_textmodes_enriched.el
deleted file mode 100644
index b6a45b4bc65..00000000000
--- a/editors/emacs25/patches/patch-lisp_textmodes_enriched.el
+++ /dev/null
@@ -1,64 +0,0 @@
-$NetBSD: patch-lisp_textmodes_enriched.el,v 1.1 2017/09/11 11:33:33 wiz Exp $
-
-GNU Emacs is an extensible, customizable, free/libre text editor and software
-environment. When Emacs renders MIME text/enriched data (Internet RFC 1896),
-it is vulnerable to arbitrary code execution. Since Emacs-based mail clients
-decode "Content-Type: text/enriched", this code is exploitable remotely. This
-bug affects GNU Emacs versions 19.29 through 25.2.
-
-== Details ==
-
-https://bugs.gnu.org/28350
-
-== Patch ==
-
-https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-25&id=9ad0fcc54442a9a01d41be19880250783426db70
-
---- lisp/textmodes/enriched.el.orig 2017-02-03 10:25:44.000000000 +0000
-+++ lisp/textmodes/enriched.el
-@@ -117,12 +117,7 @@ expression, which is evaluated to get th
- (full "flushboth")
- (center "center"))
- (PARAMETER (t "param")) ; Argument of preceding annotation
-- ;; The following are not part of the standard:
-- (FUNCTION (enriched-decode-foreground "x-color")
-- (enriched-decode-background "x-bg-color")
-- (enriched-decode-display-prop "x-display"))
- (read-only (t "x-read-only"))
-- (display (nil enriched-handle-display-prop))
- (unknown (nil format-annotate-value))
- ; (font-size (2 "bigger") ; unimplemented
- ; (-2 "smaller"))
-@@ -477,32 +472,5 @@ Return value is \(begin end name positiv
- (message "Warning: no color specified for ")
- nil))
-
--;;; Handling the `display' property.
--
--
--(defun enriched-handle-display-prop (old new)
-- "Return a list of annotations for a change in the `display' property.
--OLD is the old value of the property, NEW is the new value. Value
--is a list `(CLOSE OPEN)', where CLOSE is a list of annotations to
--close and OPEN a list of annotations to open. Each of these lists
--has the form `(ANNOTATION PARAM ...)'."
-- (let ((annotation "x-display")
-- (param (prin1-to-string (or old new))))
-- (if (null old)
-- (cons nil (list (list annotation param)))
-- (cons (list (list annotation param)) nil))))
--
--(defun enriched-decode-display-prop (start end &optional param)
-- "Decode a `display' property for text between START and END.
--PARAM is a `' found for the property.
--Value is a list `(START END SYMBOL VALUE)' with START and END denoting
--the range of text to assign text property SYMBOL with value VALUE."
-- (let ((prop (when (stringp param)
-- (condition-case ()
-- (car (read-from-string param))
-- (error nil)))))
-- (unless prop
-- (message "Warning: invalid parameter %s" param))
-- (list start end 'display prop)))
-
- ;;; enriched.el ends here
diff --git a/editors/emacs25/version.mk b/editors/emacs25/version.mk
index 770b695c385..710066bf59f 100644
--- a/editors/emacs25/version.mk
+++ b/editors/emacs25/version.mk
@@ -1,7 +1,7 @@ -# $NetBSD: version.mk,v 1.2 2017/04/27 13:27:57 ryoon Exp $ +# $NetBSD: version.mk,v 1.3 2017/09/12 03:19:02 ryoon Exp $ _EMACS_FLAVOR= emacs _EMACS_REQD= emacs25>=25.1<26 _EMACS_VERSION_MAJOR= 25 -_EMACS_VERSION_MINOR= 2 +_EMACS_VERSION_MINOR= 3 -- cgit v1.2.3