GNU bug report logs - #63063
CVE-2021-36699 report

Package: emacs;

Reported by: Eli Zaretskii <eliz <at> gnu.org>

Date: Tue, 25 Apr 2023 07:14:02 UTC

Severity: normal

View this message in rfc822 format

From: Robert Pluim <rpluim <at> gmail.com>
To: Eli Zaretskii <eliz <at> gnu.org>
Cc: luangruo <at> yahoo.com, lux <lx <at> shellcodes.org>, fuo <at> fuo.fi, 63063 <at> debbugs.gnu.org
Subject: bug#63063: CVE-2021-36699 report
Date: Tue, 25 Apr 2023 18:17:24 +0200

>>>>> On Tue, 25 Apr 2023 19:01:47 +0300, Eli Zaretskii <eliz <at> gnu.org> said:

    >> From: lux <lx <at> shellcodes.org>
    >> Cc: 63063 <at> debbugs.gnu.org, fuo <at> fuo.fi
    >> Date: Tue, 25 Apr 2023 23:54:33 +0800
    >> 
    >> I think if the reported CVEs are real and valid, they should be taken
    >> seriously.

    Eli> I agree, but in this case all I see is a convoluted way of having
    Eli> Emacs crash.  That's not a security problem in my book.

"Itʼs a denial of service attack. You MUST fix it. Whereʼs my fee?"

(sorry, I too deal with this kind of stuff far too often).

Robert
--

This bug report was last modified 2 years and 112 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #63063 CVE-2021-36699 report

GNU bug report logs - #63063
CVE-2021-36699 report