From mboxrd@z Thu Jan  1 00:00:00 1970
Path: news.gmane.org!.POSTED!not-for-mail
From: Kaushal Modi <kaushal.modi@gmail.com>
Newsgroups: gmane.emacs.help
Subject: Re: CVE-2017-14482 - Red Hat Customer Portal
Date: Thu, 21 Sep 2017 22:03:19 +0000
Message-ID: <CAFyQvY0D5vHrB8-w7zhNAomJE+hWvG6PHJbXz=T6bWWkxAb2GQ@mail.gmail.com>
References: <e000f8c1-4a01-d608-2a9e-38acc1a8c1ca@mousecar.com>
NNTP-Posting-Host: blaine.gmane.org
Mime-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
X-Trace: blaine.gmane.org 1506031438 16285 195.159.176.226 (21 Sep 2017 22:03:58 GMT)
X-Complaints-To: usenet@blaine.gmane.org
NNTP-Posting-Date: Thu, 21 Sep 2017 22:03:58 +0000 (UTC)
To: gebser@mousecar.com, GNU Emacs List <help-gnu-emacs@gnu.org>
Original-X-From: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org Fri Sep 22 00:03:54 2017
Return-path: <help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org>
Envelope-to: geh-help-gnu-emacs@m.gmane.org
Original-Received: from lists.gnu.org ([208.118.235.17])
	by blaine.gmane.org with esmtp (Exim 4.84_2)
	(envelope-from <help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org>)
	id 1dv9ZW-0003nC-Hu
	for geh-help-gnu-emacs@m.gmane.org; Fri, 22 Sep 2017 00:03:50 +0200
Original-Received: from localhost ([::1]:55675 helo=lists.gnu.org)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org>)
	id 1dv9Zd-0001Bg-Qy
	for geh-help-gnu-emacs@m.gmane.org; Thu, 21 Sep 2017 18:03:57 -0400
Original-Received: from eggs.gnu.org ([2001:4830:134:3::10]:43046)
	by lists.gnu.org with esmtp (Exim 4.71)
	(envelope-from <kaushal.modi@gmail.com>) id 1dv9ZG-0001BP-3W
	for help-gnu-emacs@gnu.org; Thu, 21 Sep 2017 18:03:35 -0400
Original-Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71)
	(envelope-from <kaushal.modi@gmail.com>) id 1dv9ZF-0000zT-2I
	for help-gnu-emacs@gnu.org; Thu, 21 Sep 2017 18:03:34 -0400
Original-Received: from mail-yw0-x236.google.com ([2607:f8b0:4002:c05::236]:44986)
	by eggs.gnu.org with esmtps (TLS1.0:RSA_AES_128_CBC_SHA1:16)
	(Exim 4.71) (envelope-from <kaushal.modi@gmail.com>)
	id 1dv9ZE-0000wa-Sn
	for help-gnu-emacs@gnu.org; Thu, 21 Sep 2017 18:03:32 -0400
Original-Received: by mail-yw0-x236.google.com with SMTP id r85so5027815ywg.1
	for <help-gnu-emacs@gnu.org>; Thu, 21 Sep 2017 15:03:30 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=mime-version:references:in-reply-to:from:date:message-id:subject:to; 
	bh=BghYE1iWeFWTC3YDxvcC8X63eRo6h6D/LdvZy/2o2qY=;
	b=TPJkVT6SWno69yZ96O0JS21sIaqxtfsGIcdADIxpwZZ4zrPPgHmYfel8EvI1mLWW/U
	AkNbLp9JD8w/7hkgaAH0mtBN8bx2zSmKe/lCCvTH6XSPsKlYQ1HiJxu9/4zUvkar9axy
	tugctSRB5lKwF7qbspwGx5SIOo89nLb2iHeYeiKB8AxLwfz3QIxKwFd8TCGt3l9wi/+x
	ororPb71V0BXfQ14S5IhX/N9qvp+HKkG+8YKcIE81q3DAv9PPVzN4Hmf2F/wZnvZE7GT
	0p3hKFsi+QCAB5dV0fYfERsFg2LJ7V+V6s5nyuOuWd6NOynfaR7T4eM2r/9g3wYRIDcR
	epBA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:mime-version:references:in-reply-to:from:date
	:message-id:subject:to;
	bh=BghYE1iWeFWTC3YDxvcC8X63eRo6h6D/LdvZy/2o2qY=;
	b=VwmGS1/MsQU2zDAWpxIeO3vtkvcoXKlsnuVGYLsAPGoXcl+ngR6ZgoMkCcXLcnLSH3
	c8n+I60IkuWiGEBspsmHfU029hRvyaOY08u7QRT3g5HEPYxqWX5+laBko6hLq7orexiB
	qH7cZ0j655wEzZ84lh7dnpx8WRhjXptp4gdr+Aykdc2OlboH9t7mxTv1nOKtTLLC8+ii
	6L9+ou1Yat8ycFwKMxglQ1VFdxIcECGOhxOrLCDk84pO+9bopBDRBTRMJrQqlgyghN0s
	lwOTMp/lXrbNMVp+v1RJC3wtGLTBCAQnztTwSoEVUuXE0LUoiw80SYVD1lIiL8plm2Fm
	f97w==
X-Gm-Message-State: AHPjjUgI5x3OGjQ/3vp2hRvPN3U8XEV5LKPdwMhdq9SxWixrccWsiain
	tnJzzWI/9qGKUOtstNc5LGP0dli9qPBGXfAhETQ=
X-Google-Smtp-Source: AOwi7QCgrAE43GNnXlxYW7XYvqSXlU2RWRxxOqd1Q4WYbO9TVgtiU4co6kwwLn4UaD7UFrbrMg8PrZXuJ+YlFFSeDGQ=
X-Received: by 10.37.190.137 with SMTP id i9mr2636953ybk.104.1506031409673;
	Thu, 21 Sep 2017 15:03:29 -0700 (PDT)
In-Reply-To: <e000f8c1-4a01-d608-2a9e-38acc1a8c1ca@mousecar.com>
X-detected-operating-system: by eggs.gnu.org: Genre and OS details not
	recognized.
X-Received-From: 2607:f8b0:4002:c05::236
X-Content-Filtered-By: Mailman/MimeDel 2.1.21
X-BeenThere: help-gnu-emacs@gnu.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: Users list for the GNU Emacs text editor <help-gnu-emacs.gnu.org>
List-Unsubscribe: <https://lists.gnu.org/mailman/options/help-gnu-emacs>,
	<mailto:help-gnu-emacs-request@gnu.org?subject=unsubscribe>
List-Archive: <http://lists.gnu.org/archive/html/help-gnu-emacs/>
List-Post: <mailto:help-gnu-emacs@gnu.org>
List-Help: <mailto:help-gnu-emacs-request@gnu.org?subject=help>
List-Subscribe: <https://lists.gnu.org/mailman/listinfo/help-gnu-emacs>,
	<mailto:help-gnu-emacs-request@gnu.org?subject=subscribe>
Errors-To: help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org
Original-Sender: "help-gnu-emacs"
	<help-gnu-emacs-bounces+geh-help-gnu-emacs=m.gmane.org@gnu.org>
Xref: news.gmane.org gmane.emacs.help:114341
Archived-At: <http://permalink.gmane.org/gmane.emacs.help/114341>

This has already been fixed in the recently released Emacs 25.3 (emergency
release to fix just that).

It would be recommended to update to Emacs 25.3. If that is not possible,
then apply the workaround mentioned in that link.

On Thu, Sep 21, 2017, 5:52 PM ken <gebser@mousecar.com> wrote:

> Security vulnerability in emacs v.25.2 & earlier:
>
>
> https://access.redhat.com/security/cve/CVE-2017-14482
>
> --

Kaushal Modi