* Security: Gnus & GNU Emacs 25.2 enriched text remote code execution
@ 2017-09-11 21:57 Reiner Steib
0 siblings, 0 replies; only message in thread
From: Reiner Steib @ 2017-09-11 21:57 UTC (permalink / raw)
To: info-gnus-english, ding
Emacs 25.3 is an emergency release to fix a security vulnerability
that is exploitable remotely in Emacs-based mail clients (such as
Gnus).
Please update to Emacs 25.3 as soon as possible:
http://lists.gnu.org/archive/html/info-gnu-emacs/2017-09/msg00000.html
To work around the bug in Emacs versions before 25.3, put the
following code in your personal or site-wide Emacs init file
(~/.emacs, ~/emacs.d/init.el, site-start.el):
(eval-after-load "enriched"
'(defun enriched-decode-display-prop (start end &optional param)
(list start end)))
See also <http://www.openwall.com/lists/oss-security/2017/09/11/1>.
Bye, Reiner.
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2017-09-11 21:57 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-09-11 21:57 Security: Gnus & GNU Emacs 25.2 enriched text remote code execution Reiner Steib
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).