From: Eli Zaretskii <eliz@gnu.org>
To: help-gnu-emacs@gnu.org
Subject: Re: CVE-2017-14482 - Red Hat Customer Portal
Date: Sat, 23 Sep 2017 20:34:07 +0300 [thread overview]
Message-ID: <83poah9v5c.fsf@gnu.org> (raw)
In-Reply-To: <9uvak9ib98.fsf@fencepost.gnu.org> (message from Glenn Morris on Sat, 23 Sep 2017 13:18:59 -0400)
> From: Glenn Morris <rgm@gnu.org>
> Cc: help-gnu-emacs@gnu.org
> Date: Sat, 23 Sep 2017 13:18:59 -0400
>
> Eli Zaretskii wrote:
>
> > But they don't tell the whole story: the vulnerability was actually
> > caused by Gnus, MH-E, and perhaps other MUAs who decided to
> > automatically support enriched text, without checking the code first.
> > Otherwise, enriched.el per se has/had no problem whatsoever.
>
> I disagree. Simply opening a file in an unpatched Emacs can run
> arbitrary code with zero prompting.
How did that file end up in a directory you can access? Why are you
visiting a file about which you know nothing at all?
And how is that different from a Lisp package that creates display
properties out of thin air?
> This is a massive security risk that is entirely internal to
> enriched.el (possibly with the 'display property more generally).
More generally, Emacs itself. Even more generally, any software you
use.
> It does get worse that Gnus would trust enriched.el to decode mail
> messages too. But anyone using Emacs from 21.1 to 25.2 should be
> aware of this issue, whether or not they use Emacs for mail.
If you use software you didn't write, you are at risk. If you don't
want the risk of ending up in a car crash, the only way is not to
leave home.
next prev parent reply other threads:[~2017-09-23 17:34 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-21 21:51 CVE-2017-14482 - Red Hat Customer Portal ken
2017-09-21 22:03 ` Kaushal Modi
2017-09-21 23:07 ` ken
2017-09-22 7:37 ` Alberto Luaces
2017-09-22 7:48 ` Emanuel Berg
2017-09-22 20:12 ` Mario Castelán Castro
2017-09-22 22:14 ` Emanuel Berg
2017-09-24 2:08 ` Mario Castelán Castro
[not found] ` <mailman.1063.1506218941.14750.help-gnu-emacs@gnu.org>
2017-09-24 6:47 ` Emanuel Berg
2017-09-24 13:38 ` Mario Castelán Castro
2017-09-24 14:42 ` Óscar Fuentes
2017-09-24 14:54 ` tomas
2017-09-26 18:57 ` Narendra Joshi
2017-09-24 23:06 ` Emanuel Berg
2017-09-25 21:23 ` Mario Castelán Castro
2017-09-25 21:49 ` Emanuel Berg
2017-09-26 1:43 ` Mario Castelán Castro
2017-09-26 2:17 ` Emanuel Berg
2017-09-25 21:11 ` Mario Castelán Castro
2017-09-25 23:58 ` Óscar Fuentes
2017-09-26 14:46 ` Mario Castelán Castro
2017-09-26 23:31 ` Óscar Fuentes
2017-09-29 20:21 ` Mario Castelán Castro
2017-09-29 12:43 ` Eli Zaretskii
2017-09-29 14:59 ` dekkzz78
2017-09-29 16:51 ` Óscar Fuentes
2017-09-29 17:20 ` Emanuel Berg
2017-09-29 18:27 ` Óscar Fuentes
2017-09-29 19:45 ` Emanuel Berg
2017-09-29 20:06 ` Óscar Fuentes
2017-09-29 23:24 ` Emanuel Berg
2017-09-29 18:03 ` Eli Zaretskii
2017-09-24 23:07 ` Emanuel Berg
2017-09-23 10:05 ` Charles A. Roelli
2017-09-23 12:53 ` Óscar Fuentes
2017-09-23 13:12 ` Eli Zaretskii
2017-09-23 17:18 ` Glenn Morris
2017-09-23 17:34 ` Eli Zaretskii [this message]
2017-09-23 20:50 ` Yuri Khan
2017-09-24 2:53 ` Eli Zaretskii
2017-09-24 7:13 ` Philipp Stephani
2017-09-24 18:29 ` Robert Thorpe
2017-09-29 8:17 ` Eli Zaretskii
2017-09-29 20:28 ` Stefan Monnier
2017-09-29 23:28 ` Emanuel Berg
2017-10-03 0:52 ` Stefan Monnier
2017-10-03 1:04 ` Emanuel Berg
2017-09-29 7:11 ` Eli Zaretskii
[not found] ` <mailman.1068.1506237251.14750.help-gnu-emacs@gnu.org>
2017-09-24 7:48 ` Emanuel Berg
2017-09-25 21:26 ` Glenn Morris
2017-09-25 22:02 ` Emanuel Berg
2017-09-25 22:08 ` Ludwig, Mark
2017-09-26 5:50 ` Emanuel Berg
2017-09-26 13:40 ` Ludwig, Mark
2017-09-26 17:46 ` Philipp Stephani
2017-09-26 19:00 ` Ludwig, Mark
2017-09-29 13:23 ` Eli Zaretskii
2017-09-29 9:48 ` Eli Zaretskii
2017-09-26 18:44 ` Narendra Joshi
2017-09-26 18:51 ` Philipp Stephani
[not found] ` <mailman.988.1506161159.14750.help-gnu-emacs@gnu.org>
2017-09-24 6:31 ` Emanuel Berg
2017-09-22 16:40 ` ken
2017-09-22 19:07 ` Emanuel Berg
2017-09-23 20:27 ` Bob Proulx
[not found] ` <mailman.1053.1506198486.14750.help-gnu-emacs@gnu.org>
2017-09-24 6:38 ` Emanuel Berg
2017-09-24 17:17 ` Maxim Cournoyer
2017-09-24 22:38 ` Emanuel Berg
-- strict thread matches above, loose matches on Subject: below --
2017-09-27 10:51 Richard Melville
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=83poah9v5c.fsf@gnu.org \
--to=eliz@gnu.org \
--cc=help-gnu-emacs@gnu.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this external index
https://git.savannah.gnu.org/cgit/emacs.git
https://git.savannah.gnu.org/cgit/emacs/org-mode.git
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.