emacs: 25.2 -> 25.3
https://lists.gnu.org/archive/html/emacs-devel/2017-09/msg00211.html > This is an emergency release to fix a security vulnerability in Emacs. > > Enriched Text mode has its support for decoding 'x-display' disabled. > This feature allows saving 'display' properties as part of text. > Emacs 'display' properties support evaluation of arbitrary Lisp forms > as part of instantiating the property, so decoding 'x-display' is > vulnerable to executing arbitrary malicious Lisp code included in the > text (e.g., sent as part of an email message).
This commit is contained in:
parent
ca449e93ea
commit
78f457c76c
@ -26,12 +26,12 @@ let
|
||||
in
|
||||
stdenv.mkDerivation rec {
|
||||
name = "emacs-${version}${versionModifier}";
|
||||
version = "25.2";
|
||||
version = "25.3";
|
||||
versionModifier = "";
|
||||
|
||||
src = fetchurl {
|
||||
url = "mirror://gnu/emacs/${name}.tar.xz";
|
||||
sha256 = "1ykkq0xl28ljdg61bm6gzy04ww86ajms98gix72qg6cpr6a53dar";
|
||||
sha256 = "02y00y9q42g1iqgz5qhmsja75hwxd88yrn9zp14lanay0zkwafi5";
|
||||
};
|
||||
|
||||
patches = (lib.optional stdenv.isDarwin ./at-fdcwd.patch);
|
||||
|
Loading…
Reference in New Issue
Block a user