[emacs/f17] Fix CVE-2012-3479
Karel Klíč
kklic at fedoraproject.org
Mon Aug 13 16:07:26 UTC 2012
commit af4d8ef765d146c5a29804ad5edff76308c5ded4
Author: Karel Klic <kklic at redhat.com>
Date: Mon Aug 13 18:07:53 2012 +0200
Fix CVE-2012-3479
emacs-cve-2012-3479.patch | 33 +++++++++++++++++++++++++++++++++
emacs.spec | 9 ++++++++-
2 files changed, 41 insertions(+), 1 deletions(-)
---
diff --git a/emacs-cve-2012-3479.patch b/emacs-cve-2012-3479.patch
new file mode 100644
index 0000000..17d1abe
--- /dev/null
+++ b/emacs-cve-2012-3479.patch
@@ -0,0 +1,33 @@
+*** emacs-24.1/lisp/files.el~ 2012-08-13 10:54:50.256181658 +0800
+--- emacs-24.1/lisp/files.el 2012-08-13 10:54:58.076181990 +0800
+***************
+*** 3107,3117 ****
+ ;; Obey `enable-local-eval'.
+ ((eq var 'eval)
+ (when enable-local-eval
+! (push elt all-vars)
+! (or (eq enable-local-eval t)
+! (hack-one-local-variable-eval-safep (eval (quote val)))
+! (safe-local-variable-p var val)
+! (push elt unsafe-vars))))
+ ;; Ignore duplicates (except `mode') in the present list.
+ ((and (assq var all-vars) (not (eq var 'mode))) nil)
+ ;; Accept known-safe variables.
+--- 3107,3122 ----
+ ;; Obey `enable-local-eval'.
+ ((eq var 'eval)
+ (when enable-local-eval
+! (let ((safe (or (hack-one-local-variable-eval-safep
+! (eval (quote val)))
+! ;; In case previously marked safe (bug#5636).
+! (safe-local-variable-p var val))))
+! ;; If not safe and e-l-v = :safe, ignore totally.
+! (when (or safe (not (eq enable-local-variables :safe)))
+! (push elt all-vars)
+! (or (eq enable-local-eval t)
+! safe
+! (push elt unsafe-vars))))))
+ ;; Ignore duplicates (except `mode') in the present list.
+ ((and (assq var all-vars) (not (eq var 'mode))) nil)
+ ;; Accept known-safe variables.
+
diff --git a/emacs.spec b/emacs.spec
index e642ceb..1ef895f 100644
--- a/emacs.spec
+++ b/emacs.spec
@@ -3,7 +3,7 @@ Summary: GNU Emacs text editor
Name: emacs
Epoch: 1
Version: 24.1
-Release: 3%{?dist}
+Release: 4%{?dist}
License: GPLv3+
URL: http://www.gnu.org/software/emacs/
Group: Applications/Editors
@@ -30,6 +30,8 @@ Patch3: rpm-spec-mode-changelog.patch
Patch7: emacs-spellchecker.patch
# rhbz#830162
Patch8: emacs-locate-library.patch
+# rhbz#847702
+Patch9: emacs-cve-2012-3479.patch
BuildRequires: atk-devel, cairo-devel, freetype-devel, fontconfig-devel, dbus-devel, giflib-devel, glibc-devel, gtk2-devel, libpng-devel
BuildRequires: libjpeg-devel, libtiff-devel, libX11-devel, libXau-devel, libXdmcp-devel, libXrender-devel, libXt-devel
@@ -152,6 +154,7 @@ packages that add functionality to Emacs.
%patch0 -p1 -b .glibc-open-macro
%patch7 -p1 -b .spellchecker
%patch8 -p1 -b .locate-library
+%patch9 -p1 -b .cve-2012-3479
# Install site-lisp files
cp %SOURCE7 %SOURCE10 site-lisp
@@ -436,6 +439,10 @@ update-desktop-database &> /dev/null || :
%dir %{_datadir}/emacs/site-lisp/site-start.d
%changelog
+* Mon Aug 13 2012 Karel Klíč <kklic at redhat.com> - 1:24.1-4
+- Fix CVE-2012-3479: Evaluation of 'eval' forms in file-local variable
+ sections, when 'enable-local-variables' set to ':safe'
+
* Fri Jul 13 2012 Karel Klíč <kklic at redhat.com> - 1:24.1-3
- Revert the switch from GTK 3 to GTK 2 for this release
More information about the scm-commits
mailing list