bug#63063: CVE-2021-36699 report

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#63063: CVE-2021-36699 report

From:	Robert Pluim
Subject:	bug#63063: CVE-2021-36699 report
Date:	Tue, 25 Apr 2023 18:17:24 +0200

>>>>> On Tue, 25 Apr 2023 19:01:47 +0300, Eli Zaretskii <eliz@gnu.org> said:

    >> From: lux <lx@shellcodes.org>
    >> Cc: 63063@debbugs.gnu.org, fuo@fuo.fi
    >> Date: Tue, 25 Apr 2023 23:54:33 +0800
    >> 
    >> I think if the reported CVEs are real and valid, they should be taken
    >> seriously.

    Eli> I agree, but in this case all I see is a convoluted way of having
    Eli> Emacs crash.  That's not a security problem in my book.

"Itʼs a denial of service attack. You MUST fix it. Whereʼs my fee?"

(sorry, I too deal with this kind of stuff far too often).

Robert
--

[Prev in Thread]

Current Thread

[Next in Thread]

bug#63063: CVE-2021-36699 report, (continued)
- bug#63063: CVE-2021-36699 report, fuomag9, 2023/04/25
- bug#63063: CVE-2021-36699 report, Eli Zaretskii, 2023/04/25
- bug#63063: CVE-2021-36699 report, Eli Zaretskii, 2023/04/25
- bug#63063: CVE-2021-36699 report, Eli Zaretskii, 2023/04/25

Prev by Date: bug#63063: CVE-2021-36699 report
Next by Date: bug#61901: 30.0.50; [PATCH v3] Add safe-local-variable-directories variable.
Previous by thread: bug#63063: CVE-2021-36699 report
Next by thread: bug#63063: CVE-2021-36699 report
Index(es):
- Date
- Thread