GNU bug report logs - #37656
27.0.50; Arbitrary code execution with special `mode:'

Previous Next

Package: emacs;

Reported by: adam plaice <plaice.adam+lists <at> gmail.com>

Date: Tue, 8 Oct 2019 08:49:02 UTC

Severity: normal

Tags: security

Found in version 27.0.50

Fixed in version 30.1

Done: Stefan Kangas <stefankangas <at> gmail.com>

Bug is archived. No further changes may be made.

Full log

View this message in rfc822 format

From: Eli Zaretskii <eliz <at> gnu.org>
To: Adam Plaice <plaiceadam <at> gmail.com>
Cc: 37656 <at> debbugs.gnu.org, stefan <at> marxist.se
Subject: bug#37656: 27.0.50; Arbitrary code execution with special `mode:'
Date: Wed, 16 Oct 2019 20:09:16 +0300

> From: Adam Plaice <plaiceadam <at> gmail.com>
> Date: Wed, 16 Oct 2019 13:51:57 +0200
> Cc: Stefan Kangas <stefan <at> marxist.se>, 37656 <at> debbugs.gnu.org
> 
> > This feature was described as "deprecated", but where and why did we
> > deprecate it?
> 
> I think bug#8613 is where the decision was made.  The deprecation is
> mentioned in files.el and the manual warns against using `mode:' for
> minor modes in:
> (info "(emacs) Specifying File Variables")

OK, thanks.

However, I don't think that removing the feature will solve the more
general problem in this bug report.

This bug report was last modified 127 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #37656 27.0.50; Arbitrary code execution with special `mode:'

GNU bug report logs - #37656
27.0.50; Arbitrary code execution with special `mode:'