FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The last vuln.xml file processed by FreshPorts is:

Revision:  441568
Date:      2017-05-24
Time:      09:31:52Z
Committer: brnrd

List all Vulnerabilities, by package

List all Vulnerabilities, by date

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
c1e5f35e-f93d-11e1-b07f-00235a5f2c9aemacs -- remote code execution vulnerability

Chong Yidong reports:

Paul Ling has found a security flaw in the file-local variables code in GNU Emacs.

When the Emacs user option `enable-local-variables' is set to `:safe' (the default value is t), Emacs should automatically refuse to evaluate `eval' forms in file-local variable sections. Due to the bug, Emacs instead automatically evaluates such `eval' forms. Thus, if the user changes the value of `enable-local-variables' to `:safe', visiting a malicious file can cause automatic execution of arbitrary Emacs Lisp code with the permissions of the user.

The bug is present in Emacs 23.2, 23.3, 23.4, and 24.1.

Discovery 2012-08-13
Entry 2012-09-08
Modified 2013-05-13
gt 24.* lt 24.2

gt 23.* le 23.4_2