emacs: 25.2 -> 25.3

https://lists.gnu.org/archive/html/emacs-devel/2017-09/msg00211.html

> This is an emergency release to fix a security vulnerability in Emacs.
>
> Enriched Text mode has its support for decoding 'x-display' disabled.
> This feature allows saving 'display' properties as part of text.
> Emacs 'display' properties support evaluation of arbitrary Lisp forms
> as part of instantiating the property, so decoding 'x-display' is
> vulnerable to executing arbitrary malicious Lisp code included in the
> text (e.g., sent as part of an email message).
This commit is contained in:
Mikael Brockman 2017-09-12 09:43:50 +03:00
parent ca449e93ea
commit 78f457c76c

View File

@ -26,12 +26,12 @@ let
in
stdenv.mkDerivation rec {
name = "emacs-${version}${versionModifier}";
version = "25.2";
version = "25.3";
versionModifier = "";
src = fetchurl {
url = "mirror://gnu/emacs/${name}.tar.xz";
sha256 = "1ykkq0xl28ljdg61bm6gzy04ww86ajms98gix72qg6cpr6a53dar";
sha256 = "02y00y9q42g1iqgz5qhmsja75hwxd88yrn9zp14lanay0zkwafi5";
};
patches = (lib.optional stdenv.isDarwin ./at-fdcwd.patch);