Thu Dec 8 22:48:34 UTC 202220221208224834_15.0

patches/packages/emacs-27.2-x86_64-2_slack15.0.txz:  Rebuilt.
  GNU Emacs through 28.2 allows attackers to execute commands via shell
  metacharacters in the name of a source-code file, because lib-src/etags.c
  uses the system C library function in its implementation of the ctags
  program. For example, a victim may use the "ctags *" command (suggested in
  the ctags documentation) in a situation where the current working directory
  has contents that depend on untrusted input.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-45939
  (* Security fix *)
patches/packages/vim-9.0.1034-x86_64-1_slack15.0.txz:  Upgraded.
  This update fixes various security issues such as a heap-based buffer
  overflow and use after free.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2022-4141
    https://www.cve.org/CVERecord?id=CVE-2022-3591
    https://www.cve.org/CVERecord?id=CVE-2022-3520
    https://www.cve.org/CVERecord?id=CVE-2022-3491
    https://www.cve.org/CVERecord?id=CVE-2022-4292
    https://www.cve.org/CVERecord?id=CVE-2022-4293
  (* Security fix *)
patches/packages/vim-gvim-9.0.1034-x86_64-1_slack15.0.txz:  Upgraded.

1 files changed, 10 insertions, 0 deletions

diff --git a/patches/source/emacs/doinst.sh b/patches/source/emacs/doinst.sh
new file mode 100644
index 000000000..64a3adff1
--- /dev/null
+++ b/patches/source/emacs/doinst.sh
@@ -0,0 +1,10 @@
+# Vim ships a better (IMHO) version of ctags, and we don't want
+# to overwrite it with this one.  If you really want emacs' ctags
+# either copy or link it into place yourself, or remove the vim
+# packages and reinstall emacs.  Besides, does anyone know/use
+# *both* emacs and vi?  I'd think that would bring the universe
+# to an end.  ;-)
+if [ ! -e usr/bin/ctags ]; then
+  cp -a usr/bin/ctags-emacs usr/bin/ctags
+  cp -a usr/man/man1/ctags-emacs.1.gz usr/man/man1/ctags.1.gz
+fi