summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorUlrich Müller <ulm@gentoo.org>2017-09-11 19:28:54 +0200
committerUlrich Müller <ulm@gentoo.org>2017-09-11 19:28:54 +0200
commit9b7d42cbf4ccc1a7099ac24d94306b6c9002d23c (patch)
tree9b0b03d1c98db67931aba67d7c0a1187bd81c87b
parentFix compilation with glibc-2.24. (diff)
downloademacs-patches-emacs-25.2-patches-1.tar.gz
emacs-patches-emacs-25.2-patches-1.tar.bz2
emacs-patches-emacs-25.2-patches-1.zip
Fix security vulnerability in enriched mode, bug 630680.emacs-25.2-patches-1emacs-24.5-patches-4emacs-23.4-patches-21
-rw-r--r--emacs/23.4/29_all_enriched-mode.patch79
-rw-r--r--emacs/24.5/08_all_enriched-mode.patch78
-rw-r--r--emacs/25.2/01_all_enriched-mode.patch80
3 files changed, 237 insertions, 0 deletions
diff --git a/emacs/23.4/29_all_enriched-mode.patch b/emacs/23.4/29_all_enriched-mode.patch
new file mode 100644
index 0000000..b4b682f
--- /dev/null
+++ b/emacs/23.4/29_all_enriched-mode.patch
@@ -0,0 +1,79 @@
+Fix security vulnerability in enriched mode.
+https://bugs.gentoo.org/630680
+
+Backported from Emacs 25:
+
+commit 9ad0fcc54442a9a01d41be19880250783426db70
+Author: Lars Ingebrigtsen <larsi@gnus.org>
+Date: Fri Sep 8 20:23:31 2017 -0700
+
+ Remove unsafe enriched mode translations
+
+ * lisp/gnus/mm-view.el (mm-inline-text):
+ Do not worry about enriched or richtext type.
+ * lisp/textmodes/enriched.el (enriched-translations):
+ Remove translations for FUNCTION, display (Bug#28350).
+ (enriched-handle-display-prop, enriched-decode-display-prop): Remove.
+
+--- emacs-23.4-orig/lisp/gnus/mm-view.el
++++ emacs-23.4/lisp/gnus/mm-view.el
+@@ -454,10 +454,6 @@
+ (goto-char (point-max))))
+ (save-restriction
+ (narrow-to-region b (point))
+- (when (member type '("enriched" "richtext"))
+- (set-text-properties (point-min) (point-max) nil)
+- (ignore-errors
+- (enriched-decode (point-min) (point-max))))
+ (mm-handle-set-undisplayer
+ handle
+ `(lambda ()
+--- emacs-23.4-orig/lisp/textmodes/enriched.el
++++ emacs-23.4/lisp/textmodes/enriched.el
+@@ -118,12 +118,7 @@
+ (full "flushboth")
+ (center "center"))
+ (PARAMETER (t "param")) ; Argument of preceding annotation
+- ;; The following are not part of the standard:
+- (FUNCTION (enriched-decode-foreground "x-color")
+- (enriched-decode-background "x-bg-color")
+- (enriched-decode-display-prop "x-display"))
+ (read-only (t "x-read-only"))
+- (display (nil enriched-handle-display-prop))
+ (unknown (nil format-annotate-value))
+ ; (font-size (2 "bigger") ; unimplemented
+ ; (-2 "smaller"))
+@@ -474,33 +469,6 @@
+ (message "Warning: no color specified for <x-bg-color>")
+ nil))
+
+-;;; Handling the `display' property.
+-
+-
+-(defun enriched-handle-display-prop (old new)
+- "Return a list of annotations for a change in the `display' property.
+-OLD is the old value of the property, NEW is the new value. Value
+-is a list `(CLOSE OPEN)', where CLOSE is a list of annotations to
+-close and OPEN a list of annotations to open. Each of these lists
+-has the form `(ANNOTATION PARAM ...)'."
+- (let ((annotation "x-display")
+- (param (prin1-to-string (or old new))))
+- (if (null old)
+- (cons nil (list (list annotation param)))
+- (cons (list (list annotation param)) nil))))
+-
+-(defun enriched-decode-display-prop (start end &optional param)
+- "Decode a `display' property for text between START and END.
+-PARAM is a `<param>' found for the property.
+-Value is a list `(START END SYMBOL VALUE)' with START and END denoting
+-the range of text to assign text property SYMBOL with value VALUE."
+- (let ((prop (when (stringp param)
+- (condition-case ()
+- (car (read-from-string param))
+- (error nil)))))
+- (unless prop
+- (message "Warning: invalid <x-display> parameter %s" param))
+- (list start end 'display prop)))
+
+ ;; arch-tag: 05cae488-3fea-45cd-ac29-5b02cb64e42b
+ ;;; enriched.el ends here
diff --git a/emacs/24.5/08_all_enriched-mode.patch b/emacs/24.5/08_all_enriched-mode.patch
new file mode 100644
index 0000000..4979b5e
--- /dev/null
+++ b/emacs/24.5/08_all_enriched-mode.patch
@@ -0,0 +1,78 @@
+Fix security vulnerability in enriched mode.
+https://bugs.gentoo.org/630680
+
+Backported from Emacs 25:
+
+commit 9ad0fcc54442a9a01d41be19880250783426db70
+Author: Lars Ingebrigtsen <larsi@gnus.org>
+Date: Fri Sep 8 20:23:31 2017 -0700
+
+ Remove unsafe enriched mode translations
+
+ * lisp/gnus/mm-view.el (mm-inline-text):
+ Do not worry about enriched or richtext type.
+ * lisp/textmodes/enriched.el (enriched-translations):
+ Remove translations for FUNCTION, display (Bug#28350).
+ (enriched-handle-display-prop, enriched-decode-display-prop): Remove.
+
+--- emacs-24.5-orig/lisp/gnus/mm-view.el
++++ emacs-24.5/lisp/gnus/mm-view.el
+@@ -472,10 +472,6 @@
+ (goto-char (point-max))))
+ (save-restriction
+ (narrow-to-region b (point))
+- (when (member type '("enriched" "richtext"))
+- (set-text-properties (point-min) (point-max) nil)
+- (ignore-errors
+- (enriched-decode (point-min) (point-max))))
+ (mm-handle-set-undisplayer
+ handle
+ `(lambda ()
+--- emacs-24.5-orig/lisp/textmodes/enriched.el
++++ emacs-24.5/lisp/textmodes/enriched.el
+@@ -117,12 +117,7 @@
+ (full "flushboth")
+ (center "center"))
+ (PARAMETER (t "param")) ; Argument of preceding annotation
+- ;; The following are not part of the standard:
+- (FUNCTION (enriched-decode-foreground "x-color")
+- (enriched-decode-background "x-bg-color")
+- (enriched-decode-display-prop "x-display"))
+ (read-only (t "x-read-only"))
+- (display (nil enriched-handle-display-prop))
+ (unknown (nil format-annotate-value))
+ ; (font-size (2 "bigger") ; unimplemented
+ ; (-2 "smaller"))
+@@ -476,32 +471,5 @@
+ (message "Warning: no color specified for <x-bg-color>")
+ nil))
+
+-;;; Handling the `display' property.
+-
+-
+-(defun enriched-handle-display-prop (old new)
+- "Return a list of annotations for a change in the `display' property.
+-OLD is the old value of the property, NEW is the new value. Value
+-is a list `(CLOSE OPEN)', where CLOSE is a list of annotations to
+-close and OPEN a list of annotations to open. Each of these lists
+-has the form `(ANNOTATION PARAM ...)'."
+- (let ((annotation "x-display")
+- (param (prin1-to-string (or old new))))
+- (if (null old)
+- (cons nil (list (list annotation param)))
+- (cons (list (list annotation param)) nil))))
+-
+-(defun enriched-decode-display-prop (start end &optional param)
+- "Decode a `display' property for text between START and END.
+-PARAM is a `<param>' found for the property.
+-Value is a list `(START END SYMBOL VALUE)' with START and END denoting
+-the range of text to assign text property SYMBOL with value VALUE."
+- (let ((prop (when (stringp param)
+- (condition-case ()
+- (car (read-from-string param))
+- (error nil)))))
+- (unless prop
+- (message "Warning: invalid <x-display> parameter %s" param))
+- (list start end 'display prop)))
+
+ ;;; enriched.el ends here
diff --git a/emacs/25.2/01_all_enriched-mode.patch b/emacs/25.2/01_all_enriched-mode.patch
new file mode 100644
index 0000000..fe70b34
--- /dev/null
+++ b/emacs/25.2/01_all_enriched-mode.patch
@@ -0,0 +1,80 @@
+Fix security vulnerability in enriched mode.
+https://bugs.gentoo.org/630680
+
+commit 9ad0fcc54442a9a01d41be19880250783426db70
+Author: Lars Ingebrigtsen <larsi@gnus.org>
+Date: Fri Sep 8 20:23:31 2017 -0700
+
+ Remove unsafe enriched mode translations
+
+ * lisp/gnus/mm-view.el (mm-inline-text):
+ Do not worry about enriched or richtext type.
+ * lisp/textmodes/enriched.el (enriched-translations):
+ Remove translations for FUNCTION, display (Bug#28350).
+ (enriched-handle-display-prop, enriched-decode-display-prop): Remove.
+
+diff --git a/lisp/gnus/mm-view.el b/lisp/gnus/mm-view.el
+index e5859d002c..77ad271d1d 100644
+--- a/lisp/gnus/mm-view.el
++++ b/lisp/gnus/mm-view.el
+@@ -383,10 +383,6 @@
+ (goto-char (point-max))))
+ (save-restriction
+ (narrow-to-region b (point))
+- (when (member type '("enriched" "richtext"))
+- (set-text-properties (point-min) (point-max) nil)
+- (ignore-errors
+- (enriched-decode (point-min) (point-max))))
+ (mm-handle-set-undisplayer
+ handle
+ `(lambda ()
+diff --git a/lisp/textmodes/enriched.el b/lisp/textmodes/enriched.el
+index beb6c6dda3..a8f0d3891a 100644
+--- a/lisp/textmodes/enriched.el
++++ b/lisp/textmodes/enriched.el
+@@ -117,12 +117,7 @@ expression, which is evaluated to get the string to insert.")
+ (full "flushboth")
+ (center "center"))
+ (PARAMETER (t "param")) ; Argument of preceding annotation
+- ;; The following are not part of the standard:
+- (FUNCTION (enriched-decode-foreground "x-color")
+- (enriched-decode-background "x-bg-color")
+- (enriched-decode-display-prop "x-display"))
+ (read-only (t "x-read-only"))
+- (display (nil enriched-handle-display-prop))
+ (unknown (nil format-annotate-value))
+ ; (font-size (2 "bigger") ; unimplemented
+ ; (-2 "smaller"))
+@@ -477,32 +472,5 @@ Return value is \(begin end name positive-p), or nil if none was found."
+ (message "Warning: no color specified for <x-bg-color>")
+ nil))
+
+-;;; Handling the `display' property.
+-
+-
+-(defun enriched-handle-display-prop (old new)
+- "Return a list of annotations for a change in the `display' property.
+-OLD is the old value of the property, NEW is the new value. Value
+-is a list `(CLOSE OPEN)', where CLOSE is a list of annotations to
+-close and OPEN a list of annotations to open. Each of these lists
+-has the form `(ANNOTATION PARAM ...)'."
+- (let ((annotation "x-display")
+- (param (prin1-to-string (or old new))))
+- (if (null old)
+- (cons nil (list (list annotation param)))
+- (cons (list (list annotation param)) nil))))
+-
+-(defun enriched-decode-display-prop (start end &optional param)
+- "Decode a `display' property for text between START and END.
+-PARAM is a `<param>' found for the property.
+-Value is a list `(START END SYMBOL VALUE)' with START and END denoting
+-the range of text to assign text property SYMBOL with value VALUE."
+- (let ((prop (when (stringp param)
+- (condition-case ()
+- (car (read-from-string param))
+- (error nil)))))
+- (unless prop
+- (message "Warning: invalid <x-display> parameter %s" param))
+- (list start end 'display prop)))
+
+ ;;; enriched.el ends here