Ubuntu
emacs22 package

Branches for Feisty

Name Status Last Modified Last Commit
lp://staging/ubuntu/feisty-backports/emacs22 1 Development 2009-06-24 06:27:15 UTC
7. [ Michael Olson: Fix security issue. ...

Author: Michael Olson
Revision Date: 2007-11-02 11:00:58 UTC

[ Michael Olson: Fix security issue. ]
* debian/patches/fix-local-vars-security.diff: New patch that fixes a
  bug in local variables handling. This bug permitted very risky, close
  to arbitrary modification of the behavior of Emacs by potentially
  untrusted visited files. Namely, highly unsafe variables like
  `load-path' could be changed without authorization. Fixes Launchpad
  #159525 and Debian #449008.
* Reference:
  CVE-2007-5795

[ Michael Olson: Bring this closer to Debian's packaging. ]
* debian/control: Remove Build-Depends for cdbs, since we really don't
  need it after all.
* debian/patches: Remove executable bits for all patches.
* debian/rules:
  - Include /usr/share/quilt/quilt.make instead of cdbs. Thanks to
    Romain Francoise for discovering this Makefile.
  - Trivial changes that minimize the differences between our package
    and Debian's:
    + Use $(...) rather than ${...}, since the former seems to be
      preferred by debian.
    + Add "set -o pipefail" before several commands involving pipes, so
      that the error code returned is the one for the first command with
      an error in the pipe. Since the version of bash in Debian sarge
      does not support this option, and we want to be able to share
      changes with Romain's emacs-snapshot backport for sarge, send the
      output of set to /dev/null and force the exit status to be 0.
    + (nominal_ver): Split command into multiple lines.
    + Reorganize some sections to make it easier to compare changes.
    + Export DEB_HOST_GNU_TYPE and DEB_BUILD_GNU_TYPE.
    + Rename DEB_TRASH to deb_trash.
    + Rename bin_name to flavor.
    + Update comments.
    + (confflags): Use "--build=" instead of "--build " and "--host="
      instead of "--host ".
    + (deb_orig_tgz): Introduce.
    + (persistent_autogen_build_files)
      (nonpersistent_autogen_build_files)
      (persistent_autogen_install_files)
      (nonpersistent_autogen_install_files, autogen_build_files)
      (autogen_install_files, persistent_autogen_files)
      (nonpersistent_autogen_files): New variables that replace
      PERSISTENT_AUTOGEN_FILES, NONPERSISTENT_AUTOGEN_FILES, and
      DEBPKGFILES.
  - (quilt): New variable that specifies how to call quilt. This
    particular name was chosen because Debian uses it in their emacs22
    packaging.
  - (patch_info): Use $(quilt) rather than $(DEB_QUILT_CMD).
11 of 1 result FirstPreviousNextLast