Gutsy fix published as USN-541-1. Thanks again!
** Changed in: emacs22 (Ubuntu Gutsy)
Status: Fix Committed => Fix Released
--
Security hole in handling of local variables
https://bugs.launchpad.net/bugs/159525
You received this bug notification because you are a member of Ubuntu
Bugs, w
Thanks for the reproduction steps. The ":safe" settings is what I
needed. I have uploaded this for gutsy. Thanks!
--
Security hole in handling of local variables
https://bugs.launchpad.net/bugs/159525
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug
Uploaded packaging fix to Hardy.
** Changed in: emacs22 (Ubuntu)
Status: Fix Committed => Fix Released
--
Security hole in handling of local variables
https://bugs.launchpad.net/bugs/159525
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contac
I tested it just now with -0ubuntu5 from gutsy. The exploit worked, so
it is definitely vulnerable. I'll go into more exact details to
replicate the exploit.
- Download the file. Save it to ~/hack.txt.
- Copy your ~/.emacs file, if you have one, to ~/testme. If you don't have
one, just touc
Using the Debian bug's PoC, I was not able to reproduce this problem in
Gutsy. Is this actually vulnerable? Is there some local configuration
I need to have set first?
--
Security hole in handling of local variables
https://bugs.launchpad.net/bugs/159525
You received this bug notification becau
** Changed in: emacs22 (Debian)
Status: Confirmed => Fix Released
--
Security hole in handling of local variables
https://bugs.launchpad.net/bugs/159525
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing
The updated fix is now available for both hardy and feisty-backports, so
setting the "generic" part of this bug back to Fix Committed.
** Changed in: emacs22 (Ubuntu)
Status: In Progress => Fix Committed
--
Security hole in handling of local variables
https://bugs.launchpad.net/bugs/15952
Here's the updated feisty-backports debdiff.
** Attachment removed: "security-42.debdiff"
http://launchpadlibrarian.net/10262291/security-42.debdiff
** Attachment added: "feisty-backports"
http://launchpadlibrarian.net/10264940/security-42.debdiff
--
Security hole in handling of local va
** Attachment removed: "security-6.debdiff"
http://launchpadlibrarian.net/10262241/security-6.debdiff
** Attachment removed: "security-5.1.debdiff"
http://launchpadlibrarian.net/10262441/security-5.1.debdiff
--
Security hole in handling of local variables
https://bugs.launchpad.net/bugs/
Resetting the gutsy part back to Fix Committed.
** Changed in: emacs22 (Ubuntu Gutsy)
Status: In Progress => Fix Committed
--
Security hole in handling of local variables
https://bugs.launchpad.net/bugs/159525
You received this bug notification because you are a member of Ubuntu
Bugs, whi
I've bookmarked that page in case another security issue comes up in the
future. Good to know that the erroneous package didn't hit gutsy-
security.
Here's the corrected debdiff for hardy, based on -0ubuntu6.
** Attachment added: "hardy"
http://launchpadlibrarian.net/10264692/security-7.debd
No worries; I had to extract your patch -- I can't publish the kinds of
major packaging changes you have in your debdiff. :) We need to follow
the Security Update Process[1] for these kinds of things.
[1] https://wiki.ubuntu.com/SecurityUpdateProcedures
--
Security hole in handling of local va
** Changed in: emacs22 (Ubuntu Gutsy)
Status: Fix Committed => In Progress
** Changed in: emacs22 (Ubuntu)
Status: Fix Committed => In Progress
--
Security hole in handling of local variables
https://bugs.launchpad.net/bugs/159525
You received this bug notification because you are
I'm sorry; I completely loused up the debian/rules file after all -- it
isn't applying the patches (and hence, the fix isn't being applied
either). I will be supplying new debdiffs shortly.
--
Security hole in handling of local variables
https://bugs.launchpad.net/bugs/159525
You received this b
This for getting this ready! I'm getting it uploaded to the security
queue now.
** Changed in: emacs22 (Ubuntu Gutsy)
Assignee: (unassigned) => Kees Cook (keescook)
Status: In Progress => Fix Committed
--
Security hole in handling of local variables
https://bugs.launchpad.net/bugs/1
Improved gutsy-security debdiff that includes CVE #.
** Attachment removed: "security-5.1.debdiff"
http://launchpadlibrarian.net/10262225/security-5.1.debdiff
** Attachment added: "security-5.1.debdiff"
http://launchpadlibrarian.net/10262441/security-5.1.debdiff
--
Security hole in handl
** Changed in: emacs22 (Ubuntu Gutsy)
Status: New => In Progress
** Changed in: emacs22 (Ubuntu)
Status: Confirmed => In Progress
** Changed in: emacs22 (Ubuntu)
Status: In Progress => Fix Committed
--
Security hole in handling of local variables
https://bugs.launchpad.net/
Here's the debdiff for feisty-backports.
** Attachment added: "security-42.debdiff"
http://launchpadlibrarian.net/10262291/security-42.debdiff
--
Security hole in handling of local variables
https://bugs.launchpad.net/bugs/159525
You received this bug notification because you are a member of
And here's one for hardy.
** Attachment added: "security-6.debdiff"
http://launchpadlibrarian.net/10262241/security-6.debdiff
--
Security hole in handling of local variables
https://bugs.launchpad.net/bugs/159525
You received this bug notification because you are a member of Ubuntu
Bugs, whic
Here's a debdiff for gutsy-security.
** Attachment added: "security-5.1.debdiff"
http://launchpadlibrarian.net/10262225/security-5.1.debdiff
--
Security hole in handling of local variables
https://bugs.launchpad.net/bugs/159525
You received this bug notification because you are a member of Ub
** Visibility changed to: Public
--
Security hole in handling of local variables
https://bugs.launchpad.net/bugs/159525
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https
21 matches
Mail list logo
