From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail
From: Sean Whitton <spwhitton@spwhitton.name>
Newsgroups: gmane.emacs.devel
Subject: Reproducers for recent Emacs security issues
Date: Sun, 14 Apr 2024 11:23:23 +0800
Message-ID: <875xwk8w5w.fsf@melete.silentflame.com>
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-=";
 micalg=pgp-sha512; protocol="application/pgp-signature"
Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214";
	logging-data="32541"; mail-complaints-to="usenet@ciao.gmane.io"
User-Agent: Gnus/5.13 (Gnus v5.13)
Cc: emacs-devel@gnu.org, team@security.debian.org
To: Max Nikulin <manikulin@gmail.com>, Ihor Radchenko <yantar92@posteo.net>
Original-X-From: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org Sun Apr 14 05:24:46 2024
Return-path: <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>
Envelope-to: ged-emacs-devel@m.gmane-mx.org
Original-Received: from lists.gnu.org ([209.51.188.17])
	by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
	(Exim 4.92)
	(envelope-from <emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org>)
	id 1rvqU1-0008CD-Ch
	for ged-emacs-devel@m.gmane-mx.org; Sun, 14 Apr 2024 05:24:46 +0200
Original-Received: from localhost ([::1] helo=lists1p.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.90_1)
	(envelope-from <emacs-devel-bounces@gnu.org>)
	id 1rvqT3-0002re-SY; Sat, 13 Apr 2024 23:23:45 -0400
Original-Received: from eggs.gnu.org ([2001:470:142:3::10])
 by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <spwhitton@spwhitton.name>)
 id 1rvqT1-0002rU-W0
 for emacs-devel@gnu.org; Sat, 13 Apr 2024 23:23:44 -0400
Original-Received: from wfout7-smtp.messagingengine.com ([64.147.123.150])
 by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256)
 (Exim 4.90_1) (envelope-from <spwhitton@spwhitton.name>)
 id 1rvqSw-00078r-3Y
 for emacs-devel@gnu.org; Sat, 13 Apr 2024 23:23:42 -0400
Original-Received: from compute1.internal (compute1.nyi.internal [10.202.2.41])
 by mailfout.west.internal (Postfix) with ESMTP id 42C201C0010A;
 Sat, 13 Apr 2024 23:23:32 -0400 (EDT)
Original-Received: from mailfrontend1 ([10.202.2.162])
 by compute1.internal (MEProxy); Sat, 13 Apr 2024 23:23:32 -0400
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=spwhitton.name;
 h=cc:cc:content-type:content-type:date:date:from:from
 :in-reply-to:message-id:mime-version:reply-to:subject:subject:to
 :to; s=fm1; t=1713065011; x=1713151411; bh=802mMfEyLLl9auRykPmc4
 qJXvJpxesKo6hr4ZDWxAHU=; b=NZe62OmbAx7Wc/tyLSp+LKpkJDIQYOEDzE8Yr
 vnUc7mgstcV/u5AA7ZvAv7ZPUg87JyNg82EaWIIHmx4gBkd6PjHV+dkilSn3Z1KO
 eRPkPyKxUs/rHD8nFrEzcLynJsj0pf+Y2WdtbOsshZxTuWy+7YVtcIq6zQLwnkRo
 YsMBAkGTREn2eCCxm5GwLKWIDlvmV9UH1C+191IAbfTCkC+ukx5NVLtcSVNm0aI6
 Ej4CXAsAqM+laB7q3uL1DylIPxz/slw23UZrfyZK4xSgiJ4zcgEHKstPBjOCpJcM
 oox2Zwywysl1FJg6lpSdSBZRbG0HKKQjSmZCkhY60dyQud9Xg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=
 messagingengine.com; h=cc:cc:content-type:content-type:date:date
 :feedback-id:feedback-id:from:from:in-reply-to:message-id
 :mime-version:reply-to:subject:subject:to:to:x-me-proxy
 :x-me-proxy:x-me-sender:x-me-sender:x-sasl-enc; s=fm2; t=
 1713065011; x=1713151411; bh=802mMfEyLLl9auRykPmc4qJXvJpxesKo6hr
 4ZDWxAHU=; b=GB5fUhZdlhmY/uitdGuTtFYgn+TOosdf70BPPXDTfyCPs1/mevV
 8yWDOZUUDCXFn8ocpdob4dCFBdge39S8QGHWliu3wpZdFGFFpmg1ZhzpGjvormvO
 1Y4h1jiryZT3iUfA1q/VatZjo0S/ISw1n+46RxQWRos60+hqALUq/0cZyW8rScyB
 ulpGFz+z1WjwR+Yvbn5ctDvD3cJmpIbUxDFGBR/IJNoTnwGm0azoS4IJk1QqSt/Z
 tnoKeqxSEqGCtQW/3UZuAP9A4OZuWO3MxZBKBgC2AxlIMcIaf5QM2pArVFHQCE+K
 hSZaL8ZRMjzJ5UVy7XWcFDjODAHxjwg+bmQ==
X-ME-Sender: <xms:M0wbZp7g_ViwjP1J7ZfpYsMwwOJXxrEJdKiE6Zi2afBGN0D15di1lw>
 <xme:M0wbZm6zhFk8uOHZ651O7IZ-5IuogzKBDdVn1z_N5QBwZRMqD-fW2lGaMeLu10sP2
 jmu866zyMzA8u7bcA>
X-ME-Received: <xmr:M0wbZgeSfRstC8TWzBl9JijVJsxaTIKyfaf2gOwQfXL3dPQPnDxDwpIM_1dRjZeGAqGzcJMheRgokCY>
X-ME-Proxy-Cause: gggruggvucftvghtrhhoucdtuddrgedvledrudeikedgvdehucetufdoteggodetrfdotf
 fvucfrrhhofhhilhgvmecuhfgrshhtofgrihhlpdfqfgfvpdfurfetoffkrfgpnffqhgen
 uceurghilhhouhhtmecufedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmne
 cujfgurhephffvvefufffkfgggtgesghdttdertdertdenucfhrhhomhepufgvrghnucgh
 hhhithhtohhnuceoshhpfihhihhtthhonhesshhpfihhihhtthhonhdrnhgrmhgvqeenuc
 ggtffrrghtthgvrhhnpeelleejjeelleejieekjeejiefhjeeviedtleefgfektedvffeg
 ffeigeeuveffkeenucevlhhushhtvghrufhiiigvpedtnecurfgrrhgrmhepmhgrihhlfh
 hrohhmpehsphifhhhithhtohhnsehsphifhhhithhtohhnrdhnrghmvg
X-ME-Proxy: <xmx:M0wbZiLjAHsVNwZSVjiV4Lc9vIsoN1JOJaPcMmbOwF_ijzXGu5Yvmw>
 <xmx:M0wbZtIFDUdoR_3kz478IiSb6AnuM2ulxunuhPwvUk_P18XprBhpWg>
 <xmx:M0wbZrzCRO7PSCLFlfWD_fpzWK4vY1rqyak6OCq0Rke3VZPJC3GVvg>
 <xmx:M0wbZpJjKTre4qNRG_1wc2Pf-8Yp1dlexUwzfBNYqmhcFt08bB0efA>
 <xmx:M0wbZqESOZtv_FEDNYX38t5reePLRGnIOpux4hI7BzLpTiMtB9vkrAqg>
Feedback-ID: i23c04076:Fastmail
Original-Received: by mail.messagingengine.com (Postfix) with ESMTPA; Sat,
 13 Apr 2024 23:23:30 -0400 (EDT)
Original-Received: by melete.silentflame.com (Postfix, from userid 1000)
 id EDACB7EC5AF; Sun, 14 Apr 2024 11:23:24 +0800 (CST)
Received-SPF: pass client-ip=64.147.123.150;
 envelope-from=spwhitton@spwhitton.name; helo=wfout7-smtp.messagingengine.com
X-Spam_score_int: -27
X-Spam_score: -2.8
X-Spam_bar: --
X-Spam_report: (-2.8 / 5.0 requ) BAYES_00=-1.9, DKIM_SIGNED=0.1,
 DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1,
 RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001,
 T_SPF_HELO_TEMPERROR=0.01 autolearn=ham autolearn_force=no
X-Spam_action: no action
X-BeenThere: emacs-devel@gnu.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "Emacs development discussions." <emacs-devel.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=unsubscribe>
List-Archive: <https://lists.gnu.org/archive/html/emacs-devel>
List-Post: <mailto:emacs-devel@gnu.org>
List-Help: <mailto:emacs-devel-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/emacs-devel>,
 <mailto:emacs-devel-request@gnu.org?subject=subscribe>
Errors-To: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org
Original-Sender: emacs-devel-bounces+ged-emacs-devel=m.gmane-mx.org@gnu.org
Xref: news.gmane.io gmane.emacs.devel:317718
Archived-At: <http://permalink.gmane.org/gmane.emacs.devel/317718>

--=-=-=
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

Hello Max, Ihor,

Thank you for your input on the thread I posted this week about the
recent CVEs.

I already have a sample Org file that I can use to test whether
CVE-2024-30202 is fixed.  Would you happen to already have reproducers
for the other two problems to hand?

I'm sure I can make my own, but thought I'd ask in case you already have
them handy.  Thanks!

=2D-=20
Sean Whitton

--=-=-=
Content-Type: application/pgp-signature; name="signature.asc"

-----BEGIN PGP SIGNATURE-----

iQJNBAEBCgA3FiEEm5FwB64DDjbk/CSLaVt65L8GYkAFAmYbTCsZHHNwd2hpdHRv
bkBzcHdoaXR0b24ubmFtZQAKCRBpW3rkvwZiQB88D/sEyl0KUnceRagc04Dy9Vrs
vG4rrmP/Dl47xxbJYsrYF+3tQZGL+zioEl7uPQp4I0PD0+62RQcuVLUqQzkUjopP
NtqHmbReK2owfJkgk8ix3AmbUudm8yhf8VGAy2mPEvui21JE41PeFYNeOryPrhy/
syO6cvbMrC77UpFikhqpTYgA9UQxqgwFD2N3ii/xt7hrlGZyDAFPwYQWzskhDegY
gA5B38a4wuaeTEGHTWxCplD10r967LaKogocnNZTz51TnBOoBCtnDYBnvy/FQ9EA
TzZeNb+TIzPxYwOq7B+UntVWImFvR/WUcQa3WqS7esQDUrCloZCrBbNewWcS/eLs
Pq3gwLT5kFPeLfszPVwkiBOHN4/7RD+iypPtku5rsoDsI8y4vhgyN3T29uQuIGSB
DM/cCqtr84ahWEqlauz6NQJWJPg5ibrA2t4C6m4WAFb8YzruWeo7RuOUw+1w4o+R
wC/Yx4KcdWh/aTVtoBxV1iaEwc+R1+pwpj0DaTlW7dECjZmepM6PpDgzcGSv86ht
nlcdTIlhFo9o9Lxd3PbmKznybFcEE6eMOUjltMXXJ1VIQN6izqOtpPaRAIm7iaeO
JfvRcGPA1HjpgTxVjwViStiOz1/kU+sPu8St2fphfP2Ih2mWkOs3ByPTg7PnPkFs
ufFgIqLgbf97MmR/fwNQUQ==
=set6
-----END PGP SIGNATURE-----
--=-=-=--