From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: Eli Zaretskii Newsgroups: gmane.emacs.bugs Subject: bug#28350: enriched.el code execution Date: Sat, 16 Sep 2017 12:48:58 +0300 Message-ID: <83a81vkm7p.fsf@gnu.org> References: <305e0573-2e10-cb15-4133-9bd72d33ea5e@cs.ucla.edu> <83y3pls1qu.fsf@gnu.org> <83y3plqck1.fsf@gnu.org> Reply-To: Eli Zaretskii NNTP-Posting-Host: blaine.gmane.org X-Trace: blaine.gmane.org 1505555419 24768 195.159.176.226 (16 Sep 2017 09:50:19 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Sat, 16 Sep 2017 09:50:19 +0000 (UTC) Cc: eggert@cs.ucla.edu, 28350-done@debbugs.gnu.org To: charles@aurox.ch, larsi@gnus.org Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Sat Sep 16 11:50:12 2017 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dt9jn-0006Av-Bl for geb-bug-gnu-emacs@m.gmane.org; Sat, 16 Sep 2017 11:50:11 +0200 Original-Received: from localhost ([::1]:56574 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dt9jt-0005gH-Fr for geb-bug-gnu-emacs@m.gmane.org; Sat, 16 Sep 2017 05:50:17 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:37007) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dt9ji-0005a2-M4 for bug-gnu-emacs@gnu.org; Sat, 16 Sep 2017 05:50:10 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dt9je-0000UF-Q7 for bug-gnu-emacs@gnu.org; Sat, 16 Sep 2017 05:50:06 -0400 Original-Received: from debbugs.gnu.org ([208.118.235.43]:34671) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1dt9je-0000U3-NA for bug-gnu-emacs@gnu.org; Sat, 16 Sep 2017 05:50:02 -0400 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1dt9je-0006DZ-Dz for bug-gnu-emacs@gnu.org; Sat, 16 Sep 2017 05:50:02 -0400 Resent-From: Eli Zaretskii Original-Sender: "Debbugs-submit" Resent-To: bug-gnu-emacs@gnu.org Resent-Date: Sat, 16 Sep 2017 09:50:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: cc-closed 28350 X-GNU-PR-Package: emacs X-GNU-PR-Keywords: security Mail-Followup-To: 28350@debbugs.gnu.org, eliz@gnu.org, charles@aurox.ch Original-Received: via spool by 28350-done@debbugs.gnu.org id=D28350.150555535023836 (code D ref 28350); Sat, 16 Sep 2017 09:50:02 +0000 Original-Received: (at 28350-done) by debbugs.gnu.org; 16 Sep 2017 09:49:10 +0000 Original-Received: from localhost ([127.0.0.1]:43351 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dt9ik-0006CI-Mk for submit@debbugs.gnu.org; Sat, 16 Sep 2017 05:49:10 -0400 Original-Received: from eggs.gnu.org ([208.118.235.92]:45760) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dt9if-0006Bl-JP for 28350-done@debbugs.gnu.org; Sat, 16 Sep 2017 05:49:04 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dt9iV-00008Y-K7 for 28350-done@debbugs.gnu.org; Sat, 16 Sep 2017 05:48:56 -0400 Original-Received: from fencepost.gnu.org ([2001:4830:134:3::e]:33804) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dt9iV-00008P-GY; Sat, 16 Sep 2017 05:48:51 -0400 Original-Received: from 84.94.185.246.cable.012.net.il ([84.94.185.246]:4875 helo=home-c4e4a596f7) by fencepost.gnu.org with esmtpsa (TLS1.2:RSA_AES_256_CBC_SHA1:256) (Exim 4.82) (envelope-from ) id 1dt9iU-00051F-Tw; Sat, 16 Sep 2017 05:48:51 -0400 In-reply-to: <83y3plqck1.fsf@gnu.org> (message from Eli Zaretskii on Mon, 11 Sep 2017 22:07:26 +0300) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] X-Received-From: 208.118.235.43 X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.org gmane.emacs.bugs:137000 Archived-At: > Date: Mon, 11 Sep 2017 22:07:26 +0300 > From: Eli Zaretskii > Cc: larsi@gnus.org, eggert@cs.ucla.edu, 28350@debbugs.gnu.org > > > Date: Mon, 11 Sep 2017 20:44:19 +0200 > > From: charles@aurox.ch (Charles A. Roelli) > > CC: eggert@cs.ucla.edu, larsi@gnus.org, 28350@debbugs.gnu.org > > > > > Here's the idea: we introduce a new form of a display property: > > > > > > ('disable-eval SPEC) > > > > > > where SPEC is anything supported in a display property. > > > > Thanks for suggesting this; it's much cleaner than sanitizing the > > display specification from Lisp. Looks good to me. > > Thanks, I will wait for a few days before pushing. Done. Lars, I re-enabled support for enriched text in Gnus, as the vulnerability is now removed. Feel free to disable it again, if you don't want Gnus users to be able to display enriched text, ever. I'm marking the bug done.