From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.org!.POSTED!not-for-mail From: Kaushal Modi Newsgroups: gmane.emacs.help Subject: Re: CVE-2017-14482 - Red Hat Customer Portal Date: Thu, 21 Sep 2017 22:03:19 +0000 Message-ID: References: NNTP-Posting-Host: blaine.gmane.org Mime-Version: 1.0 Content-Type: text/plain; charset="UTF-8" X-Trace: blaine.gmane.org 1506031438 16285 195.159.176.226 (21 Sep 2017 22:03:58 GMT) X-Complaints-To: usenet@blaine.gmane.org NNTP-Posting-Date: Thu, 21 Sep 2017 22:03:58 +0000 (UTC) To: gebser@mousecar.com, GNU Emacs List Original-X-From: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org Fri Sep 22 00:03:54 2017 Return-path: Envelope-to: geh-help-gnu-emacs@m.gmane.org Original-Received: from lists.gnu.org ([208.118.235.17]) by blaine.gmane.org with esmtp (Exim 4.84_2) (envelope-from ) id 1dv9ZW-0003nC-Hu for geh-help-gnu-emacs@m.gmane.org; Fri, 22 Sep 2017 00:03:50 +0200 Original-Received: from localhost ([::1]:55675 helo=lists.gnu.org) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dv9Zd-0001Bg-Qy for geh-help-gnu-emacs@m.gmane.org; Thu, 21 Sep 2017 18:03:57 -0400 Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:43046) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1dv9ZG-0001BP-3W for help-gnu-emacs@gnu.org; Thu, 21 Sep 2017 18:03:35 -0400 Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1dv9ZF-0000zT-2I for help-gnu-emacs@gnu.org; Thu, 21 Sep 2017 18:03:34 -0400 Original-Received: from mail-yw0-x236.google.com ([2607:f8b0:4002:c05::236]:44986) by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16) (Exim 4.71) (envelope-from ) id 1dv9ZE-0000wa-Sn for help-gnu-emacs@gnu.org; Thu, 21 Sep 2017 18:03:32 -0400 Original-Received: by mail-yw0-x236.google.com with SMTP id r85so5027815ywg.1 for ; Thu, 21 Sep 2017 15:03:30 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to; bh=BghYE1iWeFWTC3YDxvcC8X63eRo6h6D/LdvZy/2o2qY=; b=TPJkVT6SWno69yZ96O0JS21sIaqxtfsGIcdADIxpwZZ4zrPPgHmYfel8EvI1mLWW/U AkNbLp9JD8w/7hkgaAH0mtBN8bx2zSmKe/lCCvTH6XSPsKlYQ1HiJxu9/4zUvkar9axy tugctSRB5lKwF7qbspwGx5SIOo89nLb2iHeYeiKB8AxLwfz3QIxKwFd8TCGt3l9wi/+x ororPb71V0BXfQ14S5IhX/N9qvp+HKkG+8YKcIE81q3DAv9PPVzN4Hmf2F/wZnvZE7GT 0p3hKFsi+QCAB5dV0fYfERsFg2LJ7V+V6s5nyuOuWd6NOynfaR7T4eM2r/9g3wYRIDcR epBA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to; bh=BghYE1iWeFWTC3YDxvcC8X63eRo6h6D/LdvZy/2o2qY=; b=VwmGS1/MsQU2zDAWpxIeO3vtkvcoXKlsnuVGYLsAPGoXcl+ngR6ZgoMkCcXLcnLSH3 c8n+I60IkuWiGEBspsmHfU029hRvyaOY08u7QRT3g5HEPYxqWX5+laBko6hLq7orexiB qH7cZ0j655wEzZ84lh7dnpx8WRhjXptp4gdr+Aykdc2OlboH9t7mxTv1nOKtTLLC8+ii 6L9+ou1Yat8ycFwKMxglQ1VFdxIcECGOhxOrLCDk84pO+9bopBDRBTRMJrQqlgyghN0s lwOTMp/lXrbNMVp+v1RJC3wtGLTBCAQnztTwSoEVUuXE0LUoiw80SYVD1lIiL8plm2Fm f97w== X-Gm-Message-State: AHPjjUgI5x3OGjQ/3vp2hRvPN3U8XEV5LKPdwMhdq9SxWixrccWsiain tnJzzWI/9qGKUOtstNc5LGP0dli9qPBGXfAhETQ= X-Google-Smtp-Source: AOwi7QCgrAE43GNnXlxYW7XYvqSXlU2RWRxxOqd1Q4WYbO9TVgtiU4co6kwwLn4UaD7UFrbrMg8PrZXuJ+YlFFSeDGQ= X-Received: by 10.37.190.137 with SMTP id i9mr2636953ybk.104.1506031409673; Thu, 21 Sep 2017 15:03:29 -0700 (PDT) In-Reply-To: X-detected-operating-system: by eggs.gnu.org: Genre and OS details not recognized. X-Received-From: 2607:f8b0:4002:c05::236 X-Content-Filtered-By: Mailman/MimeDel 2.1.21 X-BeenThere: help-gnu-emacs@gnu.org X-Mailman-Version: 2.1.21 Precedence: list List-Id: Users list for the GNU Emacs text editor List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org Original-Sender: "help-gnu-emacs" Xref: news.gmane.org gmane.emacs.help:114341 Archived-At: This has already been fixed in the recently released Emacs 25.3 (emergency release to fix just that). It would be recommended to update to Emacs 25.3. If that is not possible, then apply the workaround mentioned in that link. On Thu, Sep 21, 2017, 5:52 PM ken wrote: > Security vulnerability in emacs v.25.2 & earlier: > > > https://access.redhat.com/security/cve/CVE-2017-14482 > > -- Kaushal Modi