Emacs 25.3 Released To Fix A Security Vulnerability Of Malicious Lisp Scripts

Written by Michael Larabel in GNU on 11 September 2017 at 07:37 PM EDT. 10 Comments
GNU
Emacs 25.3 is now available, but it doesn't offer major new features, rather it fixes a security vulnerability.

Emacs' x-display decoding feature within the Enriched Text mode could lead to executing arbitrary malicious Lisp code within the text.

This vulnerability has been present in Emacs since 1995 with Emacs 19.29.

Aside from upgrading to Emacs 25.3 to fend off malicious Lisp attacks, the Emacs user configuration file can also be changed to disable the exploitable functionality.

More details on info-gnu.
10 Comments
Related News
GNU Portability Library's Tool Rewritten In Python For 8~100x Better Performance
GCC 14 Compiler Adds AArch64 GNU/Hurd Support
GCC 14 Boasts Nice ASCII Art For Visualizing Buffer Overflows
GNU Poke 4.0 & Poke-ELF 1.0 Released For Dealing With Binary Data
GNU Coreutils 9.5 Can Yield 10~20% Throughput Boost For cp, mv & cat Commands
IBM Posts GCC Patches For -mcpu=power11 Support
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
Rust-Written LAVD Kernel Scheduler Shows Promising Results For Linux Gaming
Former Nouveau Lead Developer Joins NVIDIA, Continues Working On Open-Source Driver
Fedora Linux 40 Cleared For Release Next Week
AMD: "Additional Parts Of The Radeon Stack To Be Open Sourced Throughout The Year"
Mozilla Finally Begins Offering Firefox ARM64 Linux Binaries
Ubuntu 24.04 Supports Easy Installation Of OpenZFS Root File-System With Encryption
openSUSE Factory Achieves Bit-By-Bit Reproducible Builds
Linux 6.10 Preps A Kernel Panic Screen - Sort Of A "Blue Screen of Death"