Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emac

emacs-devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emac

From:	Eli Zaretskii
Subject:	Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop
Date:	Thu, 09 Mar 2023 09:19:53 +0200

> From: Po Lu <luangruo@yahoo.com>
> Cc: Ulrich Mueller <ulm@gentoo.org>,  rpluim@gmail.com,  emacs-devel@gnu.org
> Date: Thu, 09 Mar 2023 08:50:21 +0800
> 
> Eli Zaretskii <eliz@gnu.org> writes:
> 
> > I hope it is, but I thought this about Bash as well...
> 
> sed is be portable as long as you avoid alternation, separators in
> patterns, empty parenthesized patterns, character classes, nested
> parentheses, and some other pitfalls which don't immediately come to
> mind.

I meant its being installed, not what it can portably accept.  If
there are GNU systems out there without Bash (oh, horror!), then
anything goes.

What next? GNU systems without Coreutils or Grep or Find?  Systems
without GCC (or any compiler) are already widespread.  The end of the
world must be near...

[Prev in Thread]

Current Thread

[Next in Thread]

Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop, (continued)

Prev by Date: Re: scratch/comp-static-data af569fa3d90 2/2: src/comp.c: Simplify alloc_class_check.
Next by Date: Re: Merging feature/android
Previous by thread: Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop
Next by thread: Re: emacs-29 3c1693d08b0: Fix Elisp code injection vulnerability in emacsclient-mail.desktop
Index(es):
- Date
- Thread