Emacs 25.3 Released To Fix A Security Vulnerability Of Malicious Lisp Scripts
Emacs 25.3 is now available, but it doesn't offer major new features, rather it fixes a security vulnerability.
Emacs' x-display decoding feature within the Enriched Text mode could lead to executing arbitrary malicious Lisp code within the text.
This vulnerability has been present in Emacs since 1995 with Emacs 19.29.
Aside from upgrading to Emacs 25.3 to fend off malicious Lisp attacks, the Emacs user configuration file can also be changed to disable the exploitable functionality.
More details on info-gnu.
Emacs' x-display decoding feature within the Enriched Text mode could lead to executing arbitrary malicious Lisp code within the text.
This vulnerability has been present in Emacs since 1995 with Emacs 19.29.
Aside from upgrading to Emacs 25.3 to fend off malicious Lisp attacks, the Emacs user configuration file can also be changed to disable the exploitable functionality.
More details on info-gnu.
10 Comments