gentoo.git - Gentoo ebuild repository mirror. Updates daily.

diff options

author	Ulrich Müller <ulm@gentoo.org>	2023-02-26 21:22:47 +0100
committer	Ulrich Müller <ulm@gentoo.org>	2023-02-26 21:26:38 +0100
commit	db1716e1306ad0961eccb313a0bb33fca2c73f5a (patch)
tree	25e391aa0710b9630b298e590d7952b23c066ccb /dev-embedded/stm32flash/stm32flash-0.7.ebuild
parent	eef8bd2b59a539a2fd174ddffe7ae4b59de10d99 (diff)
download	gentoo-db1716e1306ad0961eccb313a0bb33fca2c73f5a.tar.gz gentoo-db1716e1306ad0961eccb313a0bb33fca2c73f5a.tar.bz2 gentoo-db1716e1306ad0961eccb313a0bb33fca2c73f5a.zip

app-editors/emacs: Fix multiple command injection vulnerabilities

This fixes command injection vulnerabilities in etags (CVE-2022-48337), ruby-mode (CVE-2022-48338), and htmlfontify (CVE-2022-48339) for Emacs slots 25, 26, 27, and 28. Note that Emacs 25 and 26 are not affected by the ruby-mode vulnerability because function ruby-find-library-file did not yet exist (and there is no call to the gem command in ruby-mode.el). Emacs 18 is not affected by either of them: It doesn't have ruby-mode and htmlfontify, and we no longer install the ctags and etags binaries. Bug: https://bugs.gentoo.org/897950 Signed-off-by: Ulrich Müller <ulm@gentoo.org>

Diffstat (limited to 'dev-embedded/stm32flash/stm32flash-0.7.ebuild')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: