mirror of
git://slackware.nl/current.git
synced 2024-12-31 10:28:29 +01:00
d17567f359
patches/packages/emacs-27.2-x86_64-2_slack15.0.txz: Rebuilt.
GNU Emacs through 28.2 allows attackers to execute commands via shell
metacharacters in the name of a source-code file, because lib-src/etags.c
uses the system C library function in its implementation of the ctags
program. For example, a victim may use the "ctags *" command (suggested in
the ctags documentation) in a situation where the current working directory
has contents that depend on untrusted input.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-45939
(* Security fix *)
patches/packages/vim-9.0.1034-x86_64-1_slack15.0.txz: Upgraded.
This update fixes various security issues such as a heap-based buffer
overflow and use after free.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-4141
https://www.cve.org/CVERecord?id=CVE-2022-3591
https://www.cve.org/CVERecord?id=CVE-2022-3520
https://www.cve.org/CVERecord?id=CVE-2022-3491
https://www.cve.org/CVERecord?id=CVE-2022-4292
https://www.cve.org/CVERecord?id=CVE-2022-4293
(* Security fix *)
patches/packages/vim-gvim-9.0.1034-x86_64-1_slack15.0.txz: Upgraded.
10 lines
478 B
Bash
10 lines
478 B
Bash
# Vim ships a better (IMHO) version of ctags, and we don't want
|
|
# to overwrite it with this one. If you really want emacs' ctags
|
|
# either copy or link it into place yourself, or remove the vim
|
|
# packages and reinstall emacs. Besides, does anyone know/use
|
|
# *both* emacs and vi? I'd think that would bring the universe
|
|
# to an end. ;-)
|
|
if [ ! -e usr/bin/ctags ]; then
|
|
cp -a usr/bin/ctags-emacs usr/bin/ctags
|
|
cp -a usr/man/man1/ctags-emacs.1.gz usr/man/man1/ctags.1.gz
|
|
fi
|