From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: ken Newsgroups: gmane.emacs.help Subject: Re: CVE-2017-14482 - Red Hat Customer Portal Date: Thu, 21 Sep 2017 19:07:11 -0400 Message-ID: <2e991bb7-c570-49ce-be94-3654945bb4b5@mousecar.com> References: Reply-To: gebser@mousecar.com NNTP-Posting-Host: blaine.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 7bit X-Trace: blaine.gmane.org 1506035291 13595 195.159.176.226 (21 Sep 2017 23:08:11 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Thu, 21 Sep 2017 23:08:11 +0000 (UTC) User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.2.0 To: Kaushal Modi , GNU Emacs List Original-X-From: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org Fri Sep 22 01:08:05 2017 Return-path: Envelope-to: geh-help-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dvAZg-0003Ao-VW for geh-help-gnu-emacs@m.gmane.org; Fri, 22 Sep 2017 01:08:05 +0200 Original-Received: from localhost ([::1]:55816 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dvAZk-0004rv-Bx for geh-help-gnu-emacs@m.gmane.org; Thu, 21 Sep 2017 19:08:12 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:33531) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dvAZ1-0004qb-Fn for help-gnu-emacs@gnu.org; Thu, 21 Sep 2017 19:07:24 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dvAYy-0008V9-Aq for help-gnu-emacs@gnu.org; Thu, 21 Sep 2017 19:07:23 -0400 Original-Received: from mout.perfora.net ([74.208.4.196]:56885) by eggs.gnu.org with esmtps (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1dvAYy-0008TZ-3d for help-gnu-emacs@gnu.org; Thu, 21 Sep 2017 19:07:20 -0400 Original-Received: from nv.mousecar.net ([96.27.75.237]) by mrelay.perfora.net (mreueus003 [74.208.5.2]) with ESMTPSA (Nemesis) id 0MWhiv-1dtmjW1qqR-00Xttw; Fri, 22 Sep 2017 01:07:17 +0200 In-Reply-To: Content-Language: en-US X-Provags-ID: V03:K0:YdErMXVSfVMJ0p5JHrVOdWFErazsad1F8kydIUWNYOWXDuSmHdk Pjk5ud7RSgNu2XrNEK4Os21/UqMlWovZEaHPkbgs1YPoUBCPtr3OsVW7RZ18jxLL+jcJdn1 LME9/5Z4+qStsOCRohs9WHsjcs2vI9BtswwCnDJBXwBMEQ10tX3TrXY9V3yCcHwdmNuz6T+ +SUoOhlxhgK0jfxbtoDuA== X-UI-Out-Filterresults: notjunk:1;V01:K0:mpuekOoMGTo=:Szo6ZcaiuteYRWMdGQU5Qs pHtxTn6XCfFTkniJiG9avE6pprZPHB4zwcTwSHeaTN+OGbyf7zUbMPV3O0r2Xp+zKNmqxd9qh NLNVriBfgHeddaePZENLpQ2dr/eS6IqGuGicP6gxrK65H4E6or5MmJU27UCUnB33KPAU1T7Gz DgQT5pEhzuyVBsdoXXkTB6b+nSMMXjpRJHFkFi9hLomtlZa3l+ZzrCtM/XAnzOHF3DiC5YIuY fXMIND73azztkZF57bnp3UWxuxYrAeF6HlmK3P0y7UBK4QwAShdZlIcg0SuTdacdCZeGS8hUa NFklW04un68wkYePP8b7bW356MHmLlxNnXgqDymwlUd+DmWS4FXJ9uLTLdJ8uMc1WtCqw+VoJ u9bZ2m7x7MxWA8JtnFsx0Rq3dWu8I+eXPeDuTrsP0xDBIBooPOkXAyfPhzYfCSjKZKYxKlMvN Ld6RA0UQwteEs78rTPtNbhHvq7uO8OL7zqnEyAFwgD7lIFnUEUnefs7MMMUC+3+0eTmd9jm9K xCBXgg3GStV9T+Hx3vOQNuzV13pubv2gK8TPUkcVqtHf0K8yCCnw655x4qGgUrCWkdVH4bZ8r jls+M7LC/sGw5Ya6LDO7F/+QLhtRBC3P1W1wiqK1jJ+j0EmaTY39OnVxfPw7C67gFWh6/M8H7 /TbZLvWoPGnQS0pnW7C5hFaf7BI8BHQJ/Hfrx8TAIXqpouCslQY9uIgiU1q22Mok1TZ3OUqsY rZoHmAzTrvkaZA2NlUNOhV1OrbCR8jgDh69Vy5JoaHKg9bV/6vfyG0XyFTI= X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.2.x-3.x [generic] [fuzzy] X-Received-From: 74.208.4.196 X-Content-Filtered-By: Mailman/MimeDel 2.1.21 X-BeenThere: help-gnu-emacs@gnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Users list for the GNU Emacs text editor List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "help-gnu-emacs" Xref: news.gmane.org gmane.emacs.help:114342 Archived-At: On 09/21/2017 06:03 PM, Kaushal Modi wrote: > > This has already been fixed in the recently released Emacs 25.3 > (emergency release to fix just that). > > It would be recommended to update to Emacs 25.3. If that is not > possible, then apply the workaround mentioned in that link. > > > On Thu, Sep 21, 2017, 5:52 PM ken > wrote: > > Security vulnerability in emacs v.25.2 & earlier: > > > https://access.redhat.com/security/cve/CVE-2017-14482 > > -- > > Kaushal Modi > Many people, including myself, have systems with package managers... which have dependencies... all of which make upgrading outside of package management unfeasible.