From: Richard Stallman <rms@gnu.org>
To: Tim Cross <theophilusx@gmail.com>
Cc: eliz@gnu.org, emacs-devel@gnu.org
Subject: Re: Request to backport fix for CVE-2022-45939 to Emacs 28
Date: Thu, 16 Feb 2023 12:50:08 -0500 [thread overview]
Message-ID: <E1pSiOW-0007km-1O@fencepost.gnu.org> (raw)
In-Reply-To: <86ttzougu2.fsf@gmail.com> (message from Tim Cross on Wed, 15 Feb 2023 07:10:58 +1100)
[[[ To any NSA and FBI agents reading my email: please consider ]]]
[[[ whether defending the US Constitution against all enemies, ]]]
[[[ foreign or domestic, requires you to follow Snowden's example. ]]]
> While I understand the resourcing issues, I think this is the wrong
> decision. We are in the situation where the current released version of
> Emacs has a known security exploit with a severity classification of
> high (although this assessment seems to be under review) and the
> response seems to be "Sorry, we are too busy trying to get the next
> version released to deal with this".
I agree. Fixing this one bug seems to be important to our user
community, and we already know the fix. We should release a fixed
version.
What makes it a ontrivial job to release one? Is it because there
other fixes have been committed to the Emacs 28 branch since the last
release? Would including them in a release call for some additioal
work?
If so, I am sure we can find a solution that avoids some of that work.
--
Dr Richard Stallman (https://stallman.org)
Chief GNUisance of the GNU Project (https://gnu.org)
Founder, Free Software Foundation (https://fsf.org)
Internet Hall-of-Famer (https://internethalloffame.org)
next prev parent reply other threads:[~2023-02-16 17:50 UTC|newest]
Thread overview: 27+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <85f35c42-cfe8-44a7-a9c1-307acc5c17d4@Spark>
2023-02-13 18:15 ` Request to backport fix for CVE-2022-45939 to Emacs 28 Troy Hinckley
2023-02-13 20:47 ` Eli Zaretskii
2023-02-14 5:07 ` lux
2023-02-14 13:19 ` Eli Zaretskii
2023-02-14 16:09 ` Troy Hinckley
2023-02-14 17:04 ` Eli Zaretskii
2023-02-17 1:44 ` Lynn Winebarger
2023-02-17 2:35 ` lux
2023-02-14 20:10 ` Tim Cross
2023-02-15 8:32 ` Robert Pluim
2023-02-18 4:19 ` Richard Stallman
2023-02-15 12:28 ` Eli Zaretskii
2023-02-16 17:50 ` Richard Stallman [this message]
2023-02-16 20:02 ` Eli Zaretskii
2023-02-16 20:41 ` Jim Porter
2023-02-16 20:52 ` Eli Zaretskii
2023-02-17 10:26 ` Stefan Kangas
2023-02-17 10:38 ` Robert Pluim
2023-02-17 12:33 ` Eli Zaretskii
2023-02-17 14:01 ` Stefan Kangas
2023-02-17 17:37 ` lux
2023-02-18 6:54 ` lux
2023-02-19 20:33 ` Corwin Brust
2023-02-21 14:54 ` Michael Albinus
2023-02-19 4:47 ` Richard Stallman
2023-02-19 7:05 ` Eli Zaretskii
2023-02-14 8:13 ` Robert Pluim
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
List information: https://www.gnu.org/software/emacs/
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=E1pSiOW-0007km-1O@fencepost.gnu.org \
--to=rms@gnu.org \
--cc=eliz@gnu.org \
--cc=emacs-devel@gnu.org \
--cc=theophilusx@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.savannah.gnu.org/cgit/emacs.git
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).