diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-12-08 22:48:34 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2022-12-09 13:30:05 +0100 |
commit | d17567f359b292f76be7d60ae588ef567df4d95e (patch) | |
tree | cf7804f448830067536877816b39f6bb65fb8614 /patches/source/emacs/doinst.sh | |
parent | 7add5d2865572a0a23891756e58701a6c97c5965 (diff) | |
download | current-d17567f359b292f76be7d60ae588ef567df4d95e.tar.gz current-d17567f359b292f76be7d60ae588ef567df4d95e.tar.xz |
Thu Dec 8 22:48:34 UTC 202220221208224834_15.0
patches/packages/emacs-27.2-x86_64-2_slack15.0.txz: Rebuilt.
GNU Emacs through 28.2 allows attackers to execute commands via shell
metacharacters in the name of a source-code file, because lib-src/etags.c
uses the system C library function in its implementation of the ctags
program. For example, a victim may use the "ctags *" command (suggested in
the ctags documentation) in a situation where the current working directory
has contents that depend on untrusted input.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-45939
(* Security fix *)
patches/packages/vim-9.0.1034-x86_64-1_slack15.0.txz: Upgraded.
This update fixes various security issues such as a heap-based buffer
overflow and use after free.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-4141
https://www.cve.org/CVERecord?id=CVE-2022-3591
https://www.cve.org/CVERecord?id=CVE-2022-3520
https://www.cve.org/CVERecord?id=CVE-2022-3491
https://www.cve.org/CVERecord?id=CVE-2022-4292
https://www.cve.org/CVERecord?id=CVE-2022-4293
(* Security fix *)
patches/packages/vim-gvim-9.0.1034-x86_64-1_slack15.0.txz: Upgraded.
Diffstat (limited to 'patches/source/emacs/doinst.sh')
-rw-r--r-- | patches/source/emacs/doinst.sh | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/patches/source/emacs/doinst.sh b/patches/source/emacs/doinst.sh new file mode 100644 index 000000000..64a3adff1 --- /dev/null +++ b/patches/source/emacs/doinst.sh @@ -0,0 +1,10 @@ +# Vim ships a better (IMHO) version of ctags, and we don't want +# to overwrite it with this one. If you really want emacs' ctags +# either copy or link it into place yourself, or remove the vim +# packages and reinstall emacs. Besides, does anyone know/use +# *both* emacs and vi? I'd think that would bring the universe +# to an end. ;-) +if [ ! -e usr/bin/ctags ]; then + cp -a usr/bin/ctags-emacs usr/bin/ctags + cp -a usr/man/man1/ctags-emacs.1.gz usr/man/man1/ctags.1.gz +fi |