GNU bug report logs - #63063
CVE-2021-36699 report

Previous Next

Package: emacs;

Reported by: Eli Zaretskii <eliz <at> gnu.org>

Date: Tue, 25 Apr 2023 07:14:02 UTC

Severity: normal

Full log

Message #14 received at 63063 <at> debbugs.gnu.org (full text, mbox):

From: Eli Zaretskii <eliz <at> gnu.org>
To: Po Lu <luangruo <at> yahoo.com>
Cc: 63063 <at> debbugs.gnu.org, fuo <at> fuo.fi, nicolas <at> n16f.net
Subject: Re: CVE-2021-36699 report
Date: Tue, 25 Apr 2023 10:53:54 +0300

> From: Po Lu <luangruo <at> yahoo.com>
> Cc: fuomag9 <fuo <at> fuo.fi>,  emacs-devel <at> gnu.org
> Date: Tue, 25 Apr 2023 15:21:27 +0800
> 
> Nicolas Martyanoff <nicolas <at> n16f.net> writes:
> 
> > Is there a reason why Emacs does not validate dump files while reading
> > them as any other program with any other data format? Nothing good ever
> > comes from buffer overflows.
> 
> Is there any reason Unix does not verify that machine code is free of
> bugs before loading an a.out into memory?

Please keep this discussion on the bug tracker, not on emacs-devel.

PLEASE!!
This bug report was last modified 2 years and 56 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.