Skip site navigation (1)Skip section navigation (2) 
Date:      Sun, 23 Sep 2012 00:31:34 +0000 (UTC)
From:      Ashish SHUKLA <ashish@FreeBSD.org>
To:        ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org
Subject:   svn commit: r304727 - in head/editors/emacs23: . files
Message-ID:  <201209230031.q8N0VYxs075278@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help 
Author: ashish
Date: Sun Sep 23 00:31:33 2012
New Revision: 304727
URL: http://svn.freebsd.org/changeset/ports/304727

Log:
  - Fix remote code execution vulnerability
  - Bump PORTEPOCH
  
  Security:	http://www.vuxml.org/freebsd/c1e5f35e-f93d-11e1-b07f-00235a5f2c9a.html

Added:
  head/editors/emacs23/files/patch-lisp_files.el   (contents, props changed)
Modified:
  head/editors/emacs23/Makefile

Modified: head/editors/emacs23/Makefile
==============================================================================
--- head/editors/emacs23/Makefile	Sat Sep 22 23:26:57 2012	(r304726)
+++ head/editors/emacs23/Makefile	Sun Sep 23 00:31:33 2012	(r304727)
@@ -8,6 +8,7 @@
 PORTNAME=	emacs
 PORTVERSION=	${EMACS_VER}
 PORTREVISION?=	2
+PORTEPOCH=	1
 CATEGORIES=	editors ipv6
 MASTER_SITES=	${MASTER_SITE_GNU}
 MASTER_SITE_SUBDIR=	${PORTNAME}

Added: head/editors/emacs23/files/patch-lisp_files.el
==============================================================================
--- /dev/null	00:00:00 1970	(empty, because file is newly added)
+++ head/editors/emacs23/files/patch-lisp_files.el	Sun Sep 23 00:31:33 2012	(r304727)
@@ -0,0 +1,27 @@
+
+$FreeBSD$
+
+--- lisp/files.el.orig
++++ lisp/files.el
+@@ -2986,11 +2986,16 @@
+ 	      ;; Obey `enable-local-eval'.
+ 	      ((eq var 'eval)
+ 	       (when enable-local-eval
+-		 (push elt all-vars)
+-		 (or (eq enable-local-eval t)
+-		     (hack-one-local-variable-eval-safep (eval (quote val)))
+-		     (safe-local-variable-p var val)
+-		     (push elt unsafe-vars))))
++		 (let ((safe (or (hack-one-local-variable-eval-safep
++				  (eval (quote val)))
++				 ;; In case previously marked safe (bug#5636).
++				 (safe-local-variable-p var val))))
++		   ;; If not safe and e-l-v = :safe, ignore totally.
++		   (when (or safe (not (eq enable-local-variables :safe)))
++		     (push elt all-vars)
++		     (or (eq enable-local-eval t)
++			 safe
++			 (push elt unsafe-vars))))))
+ 	      ;; Ignore duplicates (except `mode') in the present list.
+ 	      ((and (assq var all-vars) (not (eq var 'mode))) nil)
+ 	      ;; Accept known-safe variables.

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201209230031.q8N0VYxs075278>