From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!not-for-mail
From: Glenn Morris <rgm@gnu.org>
Newsgroups: gmane.emacs.devel
Subject: Re: Security advisory?
Date: Fri, 22 Jun 2007 16:46:45 -0400
Message-ID: <6bejk3wwcq.fsf@fencepost.gnu.org>
References: <87fy4j7n3q.fsf@stupidchicken.com>
NNTP-Posting-Host: lo.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-Trace: sea.gmane.org 1182545250 5141 80.91.229.12 (22 Jun 2007 20:47:30 GMT)
X-Complaints-To: usenet@sea.gmane.org
NNTP-Posting-Date: Fri, 22 Jun 2007 20:47:30 +0000 (UTC)
Cc: emacs-devel@gnu.org
To: Chong Yidong <cyd@stupidchicken.com>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org Fri Jun 22 22:47:28 2007
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane.org
Original-Received: from lists.gnu.org ([199.232.76.165])
	by lo.gmane.org with esmtp (Exim 4.50)
	id 1I1q2N-0002wy-8k
	for ged-emacs-devel@m.gmane.org; Fri, 22 Jun 2007 22:47:23 +0200
Original-Received: from localhost ([127.0.0.1] helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43)
	id 1I1q2M-0008Lf-Rj
	for ged-emacs-devel@m.gmane.org; Fri, 22 Jun 2007 16:47:22 -0400
Original-Received: from mailman by lists.gnu.org with tmda-scanned (Exim 4.43)
	id 1I1q1o-00089t-Gp
	for emacs-devel@gnu.org; Fri, 22 Jun 2007 16:46:48 -0400
Original-Received: from exim by lists.gnu.org with spam-scanned (Exim 4.43)
	id 1I1q1m-00088Y-WB
	for emacs-devel@gnu.org; Fri, 22 Jun 2007 16:46:48 -0400
Original-Received: from [199.232.76.173] (helo=monty-python.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.43) id 1I1q1m-00088R-Ly
	for emacs-devel@gnu.org; Fri, 22 Jun 2007 16:46:46 -0400
Original-Received: from fencepost.gnu.org ([140.186.70.10])
	by monty-python.gnu.org with esmtp (Exim 4.60)
	(envelope-from <rgm@gnu.org>) id 1I1q1m-0006qF-8n
	for emacs-devel@gnu.org; Fri, 22 Jun 2007 16:46:46 -0400
Original-Received: from rgm by fencepost.gnu.org with local (Exim 4.60)
	(envelope-from <rgm@gnu.org>)
	id 1I1q1l-0006uR-Vh; Fri, 22 Jun 2007 16:46:46 -0400
X-Spook: explosion Verisign csim CBNRC Exon Shell ASPIC Treasury
X-Ran: $&tVk_"U}n|h'L0KBp#($]O`P^ef27rU3Mn%=wt;)sB\ltUvq~yUe&'!:}O0N|Pl9%oK(1
X-Hue: red
X-Attribution: GM
In-Reply-To: <87fy4j7n3q.fsf@stupidchicken.com> (Chong Yidong's message of
	"Fri, 22 Jun 2007 16:25:45 -0400")
User-Agent: Gnus (www.gnus.org), GNU Emacs (www.gnu.org/software/emacs/)
X-detected-kernel: Linux 2.6, seldom 2.4 (older, 4)
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/pipermail/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <http://lists.gnu.org/mailman/listinfo/emacs-devel>,
	<mailto:emacs-devel-request@gnu.org?subject=subscribe>
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane.org@gnu.org
Xref: news.gmane.org gmane.emacs.devel:73658
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/73658>

Chong Yidong wrote:

> http://www.securityfocus.com/archive/1/471992/30/0/threaded
>
> Does anyone know what the heck this is about?

It links to a debian bug report, which is more informative:

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=408929

I think they call it a "denial of service" because it occurred in the
VM mail reader (not part of Emacs, of course), when viewing a spam
mail with a malformed image. So someone could email you an image that
would crash Emacs. I don't know if gnus, rmail, or mh-e automatically
display images; I suspect not.