From mboxrd@z Thu Jan 1 00:00:00 1970 Path: news.gmane.io!.POSTED.blaine.gmane.org!not-for-mail From: Daniel =?UTF-8?Q?Mart=C3=ADn?= via "Bug reports for GNU Emacs, the Swiss army knife of text editors" Newsgroups: gmane.emacs.bugs Subject: bug#52707: Log4j Shell Vulnerability Date: Tue, 21 Dec 2021 18:02:18 +0100 Message-ID: References: Reply-To: Daniel =?UTF-8?Q?Mart=C3=ADn?= Mime-Version: 1.0 Content-Type: text/plain Injection-Info: ciao.gmane.io; posting-host="blaine.gmane.org:116.202.254.214"; logging-data="34243"; mail-complaints-to="usenet@ciao.gmane.io" User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/27.2 (darwin) Cc: 52707@debbugs.gnu.org To: "Terry,Samantha" Original-X-From: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Tue Dec 21 18:17:48 2021 Return-path: Envelope-to: geb-bug-gnu-emacs@m.gmane-mx.org Original-Received: from lists.gnu.org ([209.51.188.17]) by ciao.gmane.io with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.92) (envelope-from ) id 1mzilm-0008gC-LB for geb-bug-gnu-emacs@m.gmane-mx.org; Tue, 21 Dec 2021 18:17:47 +0100 Original-Received: from localhost ([::1]:56856 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1mzill-00019e-LU for geb-bug-gnu-emacs@m.gmane-mx.org; Tue, 21 Dec 2021 12:17:45 -0500 Original-Received: from eggs.gnu.org ([209.51.188.92]:60024) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1mziXX-0000V3-3B for bug-gnu-emacs@gnu.org; Tue, 21 Dec 2021 12:03:03 -0500 Original-Received: from debbugs.gnu.org ([209.51.188.43]:43887) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1mziXW-0001Kt-KY for bug-gnu-emacs@gnu.org; Tue, 21 Dec 2021 12:03:02 -0500 Original-Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1mziXW-0004aP-HR for bug-gnu-emacs@gnu.org; Tue, 21 Dec 2021 12:03:02 -0500 X-Loop: help-debbugs@gnu.org Resent-From: Daniel =?UTF-8?Q?Mart=C3=ADn?= Original-Sender: "Debbugs-submit" Resent-CC: bug-gnu-emacs@gnu.org Resent-Date: Tue, 21 Dec 2021 17:03:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 52707 X-GNU-PR-Package: emacs Original-Received: via spool by 52707-submit@debbugs.gnu.org id=B52707.164010615217474 (code B ref 52707); Tue, 21 Dec 2021 17:03:02 +0000 Original-Received: (at 52707) by debbugs.gnu.org; 21 Dec 2021 17:02:32 +0000 Original-Received: from localhost ([127.0.0.1]:55433 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mziX2-0004Xf-Ig for submit@debbugs.gnu.org; Tue, 21 Dec 2021 12:02:32 -0500 Original-Received: from sonic310-11.consmr.mail.ir2.yahoo.com ([77.238.177.32]:44318) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1mziWz-0004T4-Sh for 52707@debbugs.gnu.org; Tue, 21 Dec 2021 12:02:32 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.es; s=s2048; t=1640106142; bh=QgC5mhScNtMXTObKXROeRaznTL1MA0m0trSd0R+KuFY=; h=From:To:Cc:Subject:References:Date:In-Reply-To:From:Subject:Reply-To; b=Ezr83XbLYooAGz3VRYWixggcwJaH+PcF0rLxXBl0rXExVg9GCIne06SAK9QlgJlOxxrCJtNT9QT2yqTcNSpGxMWogVKtYdPEYa/dQZHto6waP9vVNfUyFe7zASQvIVB2vVWvm1P0fueGhy+WA4znMROEgiAH38pD1YUIq54wa4LxkoWcNJMdxMY5PTXohgEvct8aFrMIug+jndFZivs5JFiQ3U5X723Od99KudjS73BUdHyXfwipwGpOMxz5VyPtmumnsjgfkBNxBCVnNPs+wiE1ROMxfi3YO+b09wOfrwBI9hOY21xi5rRnXB/zrkPrQQzh969NnTrweKaTAx91xQ== X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1640106142; bh=oHThBfJznUPdADPLiEDeDKs5qGo4vXW8O0Uy3hGUL9n=; h=X-Sonic-MF:From:To:Subject:Date:From:Subject; b=iKbEP0hCFHZNQW5GdSlLWFPaWELJ3TYEgF0rrEpHd0MqGWbGD6HoqHbgSXHBO9upsCYspFEgYbxpFJcOOEkT2Bs/cveKYav5/GZA4aiOTpkY5im1ewT7cxRkGCsSCv9pn4HiHQJU1XB8p5qevhrlckY6gj3Wp3RCqobGboAP7PJR4SxEHaDjd2PomluOMrM/IXt0SvlcgfPOY5xg6O+4GT2cyd16NkuxlNR5U6dct+yuWwMhCTiIRcBiiTjT0iPfJTk7AIbzt0j/c7k5LE1FHJm++E3G1nmKULmi2KAkFoKjELFQp0pkm6DWd39P8Cp0D4TDtUGXGuqYbDdXKjRClg== X-YMail-OSG: Ajb9BBYVM1kuhTsfeO6uW3yYR85BqchDMJ.6_UIYOnA0bijV1APhq9_7sayKL3K Q_0_C9.604wf1dPNqUsBtr.YKaDK_TwTz2k8k0TZKNjL4JMDKhyvM0IQPnPtGgxvwRis_h559ebv Y1x46OdrqC8syipBmPVpVhquEaSCqflSjH232faRXpu.TU23sFBsjfOMuyPBsOwbnkPakt6zxJWg mXBPkfumBpLve7QhkWfBQtz89K0WLTpHWb3dvDfURkNooiw8CNholbdMxix2n6GF5RAc2m5e3snu QfbpaHrOGqK9MCntL5_rDxDOsAqZCyEL_uj6D_Rkp_Jzopt9wq64eOrsBFi7SXmj7oENdZ8jMqxe a.gjZXPYLr1EZ1VVXFe5VHLTLqp1jH30sxb42sMtPojITRPNDM04CE9h6b_CZk7oNuF1jWw2tUcm C3H4fTob6ndSsFfxY5txygsAKAqfVvpwtZ4bQ23BpuzUKeSTGIKHeYcTfxyldaT41w8tIkaKzvwk bdfd5nRzg4iLs1JCNEMMgYnRuYm90P2cw2GrlsDgxVfN0g1AjTXCkJWAfu62fGNoXinOLZjtawtG e7NdMvszyRZpTHlhun.wPxsYr5nN4ZZR6fDXcB6sZQ0FTEdQkFW4OUR1H1hwj9ZC9TA06wjbijWS EnufApF5YE5LzSl5FjXW5AVp36R0gPug4dtoQah4F1WL0o6vwenr.4qpFrpljxq8zCJ9SpVcacLw ki6CHqvCOQQXkazCigkJ24h_RWevm2aqB37qF1bjEIoRtSoFd.YiuDRwPtvxrhIxokJPJ9SqHoY2 3h1Byt3e8Fhq6XGxoEN9uG0Z6G49cHA2gjDbRHLMZT X-Sonic-MF: Original-Received: from sonic.gate.mail.ne1.yahoo.com by sonic310.consmr.mail.ir2.yahoo.com with HTTP; Tue, 21 Dec 2021 17:02:22 +0000 Original-Received: by kubenode509.mail-prod1.omega.ir2.yahoo.com (VZM Hermes SMTP Server) with ESMTPA ID c90a8e7b877befcf2e0d3ed89dd543a2; Tue, 21 Dec 2021 17:02:19 +0000 (UTC) In-Reply-To: (Samantha Terry's message of "Tue, 21 Dec 2021 15:21:42 +0000") X-Mailer: WebService/1.1.19498 mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.yahoo X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-gnu-emacs@gnu.org List-Id: "Bug reports for GNU Emacs, the Swiss army knife of text editors" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-gnu-emacs-bounces+geb-bug-gnu-emacs=m.gmane-mx.org@gnu.org Original-Sender: "bug-gnu-emacs" Xref: news.gmane.io gmane.emacs.bugs:222881 Archived-At: "Terry,Samantha" writes: > I'm sure you are well aware of the vulnerability with Log4j. We are > needing to determine if the application Emacs is vulnerable. If so, > do you plan on creating a patch or have a plan to patch? I've grepped for "log4j" in the Emacs repository and it didn't return any results, so I'd say Emacs is not vulnerable.