nixo
/
guix-devel
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

gnu: emacs: Patch message-mode enriched text translation [security fix]. 

* gnu/packages/patches/emacs-unsafe-enriched-mode-translations.patch:
New file.
* gnu/packages/emacs.scm (emacs)[source](patches): Add it.
* gnu/local.mk (dist_patch_DATA): Add it.
This commit is contained in:
Ludovic Courtès 2017-09-11 14:46:13 +02:00
parent 238ee64802
commit 66ae958c5b
No known key found for this signature in database
GPG Key ID: 090B11993D9AEBB5
3 changed files with 88 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
gnu/local.mk
View File

@ -589,6 +589,7 @@ dist_patch_DATA = \
%D%/packages/patches/emacs-fix-scheme-indent-function.patch \ %D%/packages/patches/emacs-fix-scheme-indent-function.patch \
%D%/packages/patches/emacs-scheme-complete-scheme-r5rs-info.patch \ %D%/packages/patches/emacs-scheme-complete-scheme-r5rs-info.patch \
%D%/packages/patches/emacs-source-date-epoch.patch \ %D%/packages/patches/emacs-source-date-epoch.patch \
%D%/packages/patches/emacs-unsafe-enriched-mode-translations.patch \
%D%/packages/patches/erlang-man-path.patch \ %D%/packages/patches/erlang-man-path.patch \
%D%/packages/patches/eudev-rules-directory.patch \ %D%/packages/patches/eudev-rules-directory.patch \
%D%/packages/patches/evilwm-lost-focus-bug.patch \ %D%/packages/patches/evilwm-lost-focus-bug.patch \

3
gnu/packages/emacs.scm
View File

@ -113,7 +113,8 @@
"1ykkq0xl28ljdg61bm6gzy04ww86ajms98gix72qg6cpr6a53dar")) "1ykkq0xl28ljdg61bm6gzy04ww86ajms98gix72qg6cpr6a53dar"))
(patches (search-patches "emacs-exec-path.patch" (patches (search-patches "emacs-exec-path.patch"
"emacs-fix-scheme-indent-function.patch" "emacs-fix-scheme-indent-function.patch"
"emacs-source-date-epoch.patch")) "emacs-source-date-epoch.patch"
"emacs-unsafe-enriched-mode-translations.patch"))
(modules '((guix build utils))) (modules '((guix build utils)))
(snippet (snippet
;; Delete the bundled byte-compiled elisp files and ;; Delete the bundled byte-compiled elisp files and

85
gnu/packages/patches/emacs-unsafe-enriched-mode-translations.patch Normal file
View File

@ -0,0 +1,85 @@
This patch fixes a remote code execution vulnerability reported here:
https://bugs.gnu.org/28350
http://www.openwall.com/lists/oss-security/2017/09/11/1
From 9ad0fcc54442a9a01d41be19880250783426db70 Mon Sep 17 00:00:00 2001
From: Lars Ingebrigtsen <larsi@gnus.org>
Date: Fri, 8 Sep 2017 20:23:31 -0700
Subject: Remove unsafe enriched mode translations
* lisp/gnus/mm-view.el (mm-inline-text):
Do not worry about enriched or richtext type.
* lisp/textmodes/enriched.el (enriched-translations):
Remove translations for FUNCTION, display (Bug#28350).
(enriched-handle-display-prop, enriched-decode-display-prop): Remove.
---
lisp/gnus/mm-view.el | 4 ----
lisp/textmodes/enriched.el | 32 --------------------------------
2 files changed, 36 deletions(-)
diff --git a/lisp/gnus/mm-view.el b/lisp/gnus/mm-view.el
index e5859d0..77ad271 100644
--- a/lisp/gnus/mm-view.el
+++ b/lisp/gnus/mm-view.el
@@ -383,10 +383,6 @@
(goto-char (point-max))))
(save-restriction
(narrow-to-region b (point))
- (when (member type '("enriched" "richtext"))
- (set-text-properties (point-min) (point-max) nil)
- (ignore-errors
- (enriched-decode (point-min) (point-max))))
(mm-handle-set-undisplayer
handle
`(lambda ()
diff --git a/lisp/textmodes/enriched.el b/lisp/textmodes/enriched.el
index beb6c6d..a8f0d38 100644
--- a/lisp/textmodes/enriched.el
+++ b/lisp/textmodes/enriched.el
@@ -117,12 +117,7 @@ expression, which is evaluated to get the string to insert.")
(full "flushboth")
(center "center"))
(PARAMETER (t "param")) ; Argument of preceding annotation
- ;; The following are not part of the standard:
- (FUNCTION (enriched-decode-foreground "x-color")
- (enriched-decode-background "x-bg-color")
- (enriched-decode-display-prop "x-display"))
(read-only (t "x-read-only"))
- (display (nil enriched-handle-display-prop))
(unknown (nil format-annotate-value))
; (font-size (2 "bigger") ; unimplemented
; (-2 "smaller"))
@@ -477,32 +472,5 @@ Return value is \(begin end name positive-p), or nil if none was found."
(message "Warning: no color specified for <x-bg-color>")
nil))
-;;; Handling the `display' property.
-
-
-(defun enriched-handle-display-prop (old new)
- "Return a list of annotations for a change in the `display' property.
-OLD is the old value of the property, NEW is the new value. Value
-is a list `(CLOSE OPEN)', where CLOSE is a list of annotations to
-close and OPEN a list of annotations to open. Each of these lists
-has the form `(ANNOTATION PARAM ...)'."
- (let ((annotation "x-display")
- (param (prin1-to-string (or old new))))
- (if (null old)
- (cons nil (list (list annotation param)))
- (cons (list (list annotation param)) nil))))
-
-(defun enriched-decode-display-prop (start end &optional param)
- "Decode a `display' property for text between START and END.
-PARAM is a `<param>' found for the property.
-Value is a list `(START END SYMBOL VALUE)' with START and END denoting
-the range of text to assign text property SYMBOL with value VALUE."
- (let ((prop (when (stringp param)
- (condition-case ()
- (car (read-from-string param))
- (error nil)))))
- (unless prop
- (message "Warning: invalid <x-display> parameter %s" param))
- (list start end 'display prop)))
;;; enriched.el ends here