Debian Patches

Status for emacs/1:28.2+1-15+deb12u3

Patch Description Author Forwarded Bugs Origin Last update
0001-Prefer-usr-share-info-emacs.patch Prefer /usr/share/info/emacs/
Emacs prefers /usr/share/info/emacs to /usr/share/info.

The value of Info-default-directory-list has been augmented via
lisp/info.el to include /usr/share/info/emacs before /usr/share/info.		 Rob Browning <rlb@defaultvalue.org> no 2013-04-07
0002-Run-debian-startup-and-set-debian-emacs-flavor.patch Run debian-startup and set debian-emacs-flavor
Emacs runs debian-startup and sets debian-emacs-flavor.

* Emacs runs debian-startup during the startup process unless
site-run-file is false.

* The global variable debian-emacs-flavor is bound to 'emacs.		 Rob Browning <rlb@defaultvalue.org> no 2011-04-04
0003-Remove-files-that-appear-to-be-incompatible-with-the.patch Remove files that appear to be incompatible with the DFSG
Files that appear to be incompatible with the DFSG have been removed.

A number of files have been removed from this package because their
licenses are not compatible with the Debian Free Software Guidelines
(DFSG), or because it wasn't completely clear that their licenses are
compatible.

In particular, all of the files which are covered under the GFDL and
have invariant sections have been removed in accordance with this
General Resolution: http://www.debian.org/vote/2006/vote_001.

The files that have been removed, but still appear to be
distributable, have been moved to packages in Debian's non-free
section.		 Rob Browning <rlb@defaultvalue.org> no 2011-04-04
0004-Adjust-documentation-references-for-Debian.patch Adjust documentation references for Debian
Various documentation references have been adjusted for Debian.

References to /usr/local/... have been changed to /usr/... as
appropriate, etc.		 Rob Browning <rlb@defaultvalue.org> no 2011-04-04
0005-Modify-the-output-of-version-to-indicate-Debian-modi.patch Modify the output of (version) to indicate Debian modifications
The output of (version) has been modified to indicate Debian modifications.		 Rob Browning <rlb@defaultvalue.org> no 2011-04-04
0006-Don-t-try-to-build-src-macuvs.h-via-IVD_Sequences.tx.patch Don't try to build src/macuvs.h (via IVD_Sequences.txt)
These are OS X specific, and were removed for now, due to uncertainty
over the licensing.		 Rob Browning <rlb@defaultvalue.org> no 2014-10-21
0007-Kill-gpg-agent-in-package-test.el-to-avoid-a-race.patch Kill gpg agent in package-test.el to avoid a race
package-test.el should no longer fail during clean up.

* Previously a delete-directories call raced with the gpg agent's own
cleanup process (presumably triggered by the first deletion of one of
the agent's sockets). As a result, it looks like the agent might
delete one of its sockets after delete-directories had decided to
delete the socket, but before it made the attempt, causing an
exception.

* To fix the problem, explicitly ask gpg-connect-agent to kill the agent
before attempting to delete the gnupg home directory, and then delete
via "rm -rf" to ignore any vanishing files.		 Rob Browning <rlb@defaultvalue.org> no 2016-10-10
0008-Mark-vc-bzr-test-fauilt-bzr-autoloads-as-unstable-fo.patch Mark vc-bzr-test-fauilt-bzr-autoloads as unstable for now
Currently the test fails like this:

Running 3 tests (2018-12-17 12:17:43-0600)
passed 1/3 vc-bzr-test-bug9726
Mark set
Press C-c C-c when you are done editing.
Enter a change comment. Type C-c C-c when done
passed 2/3 vc-bzr-test-bug9781
Falling back on "slow" status detection ((file-missing "Opening input file" "No such file or directory" "/tmp/vc-bzr-testVlgmsb/bzr/.bzr/checkout/dirstate"))
Error: (error "Running bzr status --no-classify loaddefs.el...FAILED (status 3)")
Warnings in `bzr' output: bzr: ERROR: invalid header line: ''

Error: (error "Running bzr status --no-classify loaddefs.el...FAILED (status 3)")
Warnings in `bzr' output: bzr: ERROR: invalid header line: ''

Test vc-bzr-test-faulty-bzr-autoloads backtrace:
logand(nil 128)
vc-mode-line("/tmp/vc-bzr-testVlgmsb/bzr/loaddefs.el" Bzr)
vc-refresh-state()
run-hooks(find-file-hook)
after-find-file(t t)
find-file-noselect-1(#<buffer loaddefs.el> "/tmp/vc-bzr-testVlgmsb/b
find-file-noselect("/tmp/vc-bzr-testVlgmsb/bzr/loaddefs.el")
autoload-find-generated-file()
update-directory-autoloads("/tmp/vc-bzr-testVlgmsb/bzr/")
(progn (update-directory-autoloads default-directory) t)
(setq value-35 (progn (update-directory-autoloads default-directory)
(unwind-protect (setq value-35 (progn (update-directory-autoloads de
(if (unwind-protect (setq value-35 (progn (update-directory-autoload
(let (form-description-36) (if (unwind-protect (setq value-35 (progn
(let ((value-35 (gensym "ert-form-evaluation-aborted-"))) (let (form
(progn (call-process vc-bzr-program nil nil nil "init") (let ((temp-
(unwind-protect (progn (call-process vc-bzr-program nil nil nil "ini
(let* ((homedir (make-temp-file "vc-bzr-test" t)) (bzrdir (expand-fi
(lambda nil (let* ((fn-30 (function executable-find)) (args-31 (cond
ert--run-test-internal(#s(ert--test-execution-info :test #s(ert-test
ert-run-test(#s(ert-test :name vc-bzr-test-faulty-bzr-autoloads :doc
ert-run-or-rerun-test(#s(ert--stats :selector (not (or (tag :expensi
ert-run-tests((not (or (tag :expensive-test) (tag :unstable))) #f(co
ert-run-tests-batch((not (or (tag :expensive-test) (tag :unstable)))
ert-run-tests-batch-and-exit((not (or (tag :expensive-test) (tag :un
eval((ert-run-tests-batch-and-exit '(not (or (tag :expensive-test) (
command-line-1(("-L" ":/home/locke/tmp/main-26.1/debian/build-src/te
command-line()
normal-top-level()
Test vc-bzr-test-faulty-bzr-autoloads condition:
(wrong-type-argument number-or-marker-p nil)
FAILED 3/3 vc-bzr-test-faulty-bzr-autoloads

Ran 3 tests, 2 results as expected, 1 unexpected (2018-12-17 12:17:46-0600)

1 unexpected results:
FAILED vc-bzr-test-faulty-bzr-autoloads		 Rob Browning <rlb@defaultvalue.org> no 2018-12-16
0009-pdumper-set-DUMP_RELOC_ALIGNMENT_BITS-1-for-m68k.patch pdumper: set DUMP_RELOC_ALIGNMENT_BITS=1 for m68k
Before the change builds would fail like this:

(...)
Loading /<<BUILDDIR>>/emacs-27.1+1/debian/build-src/lisp/vc/vc-hooks.el (source)...
Loading /<<BUILDDIR>>/emacs-27.1+1/debian/build-src/lisp/vc/ediff-hook.el (source)...
Loading /<<BUILDDIR>>/emacs-27.1+1/debian/build-src/lisp/uniquify.el (source)...
Loading /<<BUILDDIR>>/emacs-27.1+1/debian/build-src/lisp/electric.el (source)...
Loading /<<BUILDDIR>>/emacs-27.1+1/debian/build-src/lisp/emacs-lisp/eldoc.el (source)...
Loading /<<BUILDDIR>>/emacs-27.1+1/debian/build-src/lisp/cus-start.el (source)...
Loading /<<BUILDDIR>>/emacs-27.1+1/debian/build-src/lisp/tooltip.el (source)...
Finding pointers to doc strings...
Finding pointers to doc strings...done
Dumping under the name bootstrap-emacs.pdmp
dumping fingerprint: 7b5c59c589dc151eb1e4269bd83fbe809616b5cb9bb5c80014d5b560b391dfb6
dump relocation out of range

[rlb@defaultvalue.org: create commit message]		 John Paul Adrian Glaubitz <glaubitz@physik.fu-berlin.de> not-needed debian upstream debian 2022-09-24
0010-Avoid-fork-bomb-caused-by-native-compilation.patch Avoid fork bomb caused by native compilation
This upstream patch has been incorporated to fix the problem:

Prevent potential native compilation infinite recursions

* lisp/emacs-lisp/comp.el (comp-no-spawn): New var.
(comp-subr-trampoline-install, comp-final, comp-run-async-workers)
(comp--native-compile): Update.		 Andrea Corallo <akrl@sdf.org> not-needed debian upstream, commit: 1a8015b83761f27d299b1ffa45fc045bb76daf8a 2022-10-15
0011-Avoid-fork-bomb-caused-by-native-compilation-trampol.patch Avoid fork bomb caused by native compilation trampolines
This upstream patch has been incorporated to fix the problem:

Set `comp-no-spawn' earlier using -no-comp-spawn

* src/emacs.c (standard_args): Add '-no-comp-spawn' cmd line option.
* lisp/startup.el (command-line): Parse '-no-comp-spawn' cmd line
option.
* lisp/emacs-lisp/comp.el (comp-run-async-workers, comp-final):
Use '-no-comp-spawn'.		 Andrea Corallo <andrea.corallo@arm.com> not-needed debian upstream, commit: 5ad5b797f78dacb9c901d3c63bee05b1762fa94f 2022-10-18
0012-Fix-eln-files-not-being-generated-when-native-comp-a.patch Fix eln files not being generated when native-comp-async runs
This upstream patch has been incorporated to fix the problem:

* Fix async native compilation (bug#58637)

* lisp/emacs-lisp/comp.el (comp--native-compile): Fix gate condition.
(comp-run-async-workers): Add assetion.		 Andrea Corallo <akrl@sdf.org> not-needed debian upstream, commit: 56c63ca21b3e5e2d0bb05d3897ea287a754c5b29 2022-10-19
0013-Fix-large-core-dumps-from-background-processes.patch Fix large core dumps from background processes
This upstream patch has been incorporated to fix the problem:

Avoid dumping core upon SIGHUP in non-interactive sessions

* src/emacs.c (terminate_due_to_signal): Don't special-case
SIGINT. Patch by Paul Eggert <eggert@cs.ucla.edu>. (Bug#58956)		 Eli Zaretskii <eliz@gnu.org> not-needed debian upstream upstream, commit: 25b4cec31d580353995d87fe19ae4dab6e6e37de 2022-11-10
0014-Mark-test-undo-region-as-unstable.patch Mark test-undo-region as unstable
It is repeatedly failing on Debian's arch:all autobuilders, though
seemingly nowhere else:

passed 40/44 simple-transpose-subr (0.000396 sec)
Test test-undo-region backtrace:
signal(ert-test-failed (((should (= (length (delq nil (undo-make-sel
ert-fail(((should (= (length (delq nil (undo-make-selective-list 1 9
#f(compiled-function () #<bytecode 0x52f126616d2cdbd>)()
ert--run-test-internal(#s(ert--test-execution-info :test #s(ert-test
ert-run-test(#s(ert-test :name test-undo-region :documentation nil :
ert-run-or-rerun-test(#s(ert--stats :selector ... :tests ... :test-m
ert-run-tests((not (or (tag :expensive-test) (tag :unstable))) #f(co
ert-run-tests-batch((not (or (tag :expensive-test) (tag :unstable)))
ert-run-tests-batch-and-exit((not (or (tag :expensive-test) (tag :un
command-line-1(("-L" ":/<<PKGBUILDDIR>>/debian/build
command-line()
normal-top-level()
Test test-undo-region condition:
(ert-test-failed
((should
(=
(length ...)
2))
:form
(= 3 2)
:value nil))
FAILED 41/44 test-undo-region (0.000185 sec)		 Sean Whitton <spwhitton@spwhitton.name> no 2022-11-15
0015-Mark-flaky-test-process-tests-multiple-threads-waiti.patch Mark flaky test process-tests/multiple-threads-waiting as unstable
It times out:

passed 22/28 process-tests/fd-setsize-no-crash/make-serial-process (0.021449 sec)
make[5]: *** [Makefile:182: src/process-tests.log] Error 134
GEN src/regex-emacs-tests.log
GEN src/search-tests.log
GEN src/syntax-tests.log
GEN src/textprop-tests.log
GEN src/thread-tests.log
GEN src/timefns-tests.log
GEN src/undo-tests.log
GEN src/xdisp-tests.log
GEN src/xfaces-tests.log
GEN src/xml-tests.log
make[5]: Leaving directory '/<<PKGBUILDDIR>>/debian/build-gtk/test'
make[4]: [Makefile:335: check-doit] Error 2 (ignored)

SUMMARY OF TEST RESULTS
-----------------------
Files examined: 375
Ran 5408 tests, 28 failed to run, 5273 results as expected, 0 unexpected, 135 skipped
1 files did not finish:
src/process-tests.log
make[4]: *** [Makefile:336: check-doit] Error 2		 Sean Whitton <spwhitton@spwhitton.name> no 2022-11-15
0016-Fix-ctags-local-command-execution-vulnerability-CVE-.patch Fix ctags local command execution vulnerability (CVE-2022-45939)
This upstream patch has been incorporated to fix the problem:

Fixed ctags local command execute vulnerability

* lib-src/etags.c:

(clean_matched_file_tag): New function
(do_move_file): New function
(readline_internal):
Add `leave_cr` parameter, if true, include the \r character

* test/manual/etags/CTAGS.good_crlf: New file
* test/manual/etags/CTAGS.good_update: New file
* test/manual/etags/crlf: New file
* test/manual/etags/Makefile: Add `ctags -u` test cases		 lu4nx <lx@shellcodes.org> not-needed debian upstream upstream, commit: d48bb4874bc6cd3e69c7a15fc3c91cc141025c51 2022-11-25
0017-Add-inhibit-native-compilation.patch Add 'inhibit-native-compilation'
The following upstream patch has been backported:

Add new variable 'inhibit-native-compilation'

* lisp/startup.el (normal-top-level): Set
inhibit-native-compilation from environment variable.

* lisp/emacs-lisp/comp.el (comp-trampoline-compile): Don't write
trampolines to disk.

* lisp/progmodes/elisp-mode.el
(emacs-lisp-native-compile-and-load): Adjust.

* src/comp.c (syms_of_comp): New variable
inhibit-native-compilation.
(maybe_defer_native_compilation): Use it.		 Lars Ingebrigtsen <larsi@gnus.org> not-needed upstream, commit: 5fec9182dbeffa88cef6651d8c798ef9665d6681 2022-10-03
0018-Rename-to-inhibit-automatic-native-compilation.patch Rename to 'inhibit-automatic-native-compilation'
The following upstream patch has been backported:

Rename to inhibit-automatic-native-compilation

* src/comp.c (maybe_defer_native_compilation):
(syms_of_comp):
* lisp/startup.el (inhibit-native-compilation):
(normal-top-level):
* lisp/progmodes/elisp-mode.el (emacs-lisp-native-compile-and-load):
* lisp/emacs-lisp/comp.el (comp-trampoline-compile): Rename
inhibit-native-compilation to inhibit-automatic-native-compilation.		 Lars Ingebrigtsen <larsi@gnus.org> not-needed upstream, commit f97993ee667f9be7589825f3a4fbc095d6944ec6 2022-10-03
0019-Fix-copyright-tests-for-2023-onwards.patch Fix copyright tests for 2023 onwards
This upstream patch has been incorporated to fix the problem:

; * test/lisp/emacs-lisp/copyright-tests.el: Fix and future-safe.		 =?UTF-8?q?Mattias=20Engdeg=C3=A5rd?= <mattiase@acm.org> not-needed debian upstream, commit: da77d70deeb2798693ec4f28a291befeb8e43989 2023-01-01
0020-Fix-htmlfontify.el-command-injection-vulnerability-C.patch Fix htmlfontify.el command injection vulnerability (CVE-2022-48339)
This upstream patch has been incorporated to fix the problem:

Fix htmlfontify.el command injection vulnerability.

* lisp/htmlfontify.el (hfy-text-p): Fix command injection
vulnerability. (Bug#60295)		 Xi Lu <lx@shellcodes.org> not-needed debian upstream upstream, commit 807d2d5b3a7cd1d0e3f7dd24de22770f54f5ae16 2022-12-24
0021-Fix-ruby-mode.el-command-injection-vulnerability-CVE.patch Fix ruby-mode.el command injection vulnerability (CVE-2022-48338)
This upstream patch has been incorporated to fix the problem:

Fix ruby-mode.el local command injection vulnerability (bug#60268)

* lisp/progmodes/ruby-mode.el
(ruby-find-library-file): Fix local command injection vulnerability.		 Xi Lu <lx@shellcodes.org> not-needed debian upstream upstream, commit 22fb5ff5126dc8bb01edaa0252829d853afb284f 2022-12-23
0022-Fix-etags-local-command-injection-vulnerability-CVE-.patch Fix etags local command injection vulnerability (CVE-2022-48337)
This upstream patch has been incorporated to fix the problem:

Fix etags local command injection vulnerability

* lib-src/etags.c: (escape_shell_arg_string): New function.
(process_file_name): Use it to quote file names passed to the
shell. (Bug#59817)		 lu4nx <lx@shellcodes.org> not-needed debian upstream upstream, commit e339926272a598bd9ee7e02989c1662b89e64cf0 2022-12-06
0023-Fix-memory-leak-in-etags.c.patch Fix memory leak in etags.c
This upstream patch has been incorporated to fix the problem:

* lib-src/etags.c (process_file_name): Free malloc'ed vars (bug#61819).		 Eli Zaretskii <eliz@gnu.org> not-needed debian upstream upstream, commit 0fde314f6f6e6664cddab1b2f0fe20629cd39d14 2023-02-26
0024-Fix-quoted-argument-in-emacsclient-mail.desktop-CVE-.patch Fix quoted argument in emacsclient-mail.desktop (CVE-2023-27985)
This upstream patch has been incorporated to fix the problem:

Fix quoted argument in emacsclient-mail.desktop Exec key

Apparently the emacsclient-mail.desktop file doesn't conform to the
Desktop Entry Specification at
https://specifications.freedesktop.org/desktop-entry-spec/desktop-entry-spec-latest.html#exec-variables
which says about the Exec key:

| Field codes must not be used inside a quoted argument, the result of
| field code expansion inside a quoted argument is undefined.

However, the %u field code is used inside a quoted argument of the
Exec key in both the [Desktop Entry] and [Desktop Action new-window]
sections.
* etc/emacsclient-mail.desktop (Exec): The Desktop Entry
Specification does not allow field codes like %u inside a quoted
argument. Work around it by passing %u as first parameter ($1)
to the shell wrapper.
* etc/emacsclient.desktop (Exec): Use `sh` rather than `placeholder`
as the command name of the shell wrapper. (Bug#60204)		 =?UTF-8?q?Ulrich=20M=C3=BCller?= <ulm@gentoo.org> not-needed debian upstream upstream, commit d32091199ae5de590a83f1542a01d75fba000467 2022-12-19
0025-Fix-code-injection-vulnerability-CVE-2023-27986.patch Fix code injection vulnerability (CVE-2023-27986)
This upstream patch has been incorporated to fix the problem:

Fix Elisp code injection vulnerability in emacsclient-mail.desktop

A crafted mailto URI could contain unescaped double-quote
characters, allowing injection of Elisp code. Therefore, any
'\' and '"' characters are replaced by '\\' and '\"', using Bash
pattern substitution (which is not available in the POSIX shell).

We want to pass literal 'u=${1//\\/\\\\}; u=${u//\"/\\\"};' in the
bash -c command, but in the desktop entry '"', '$', and '\' must
be escaped as '\\"', '\\$', and '\\\\', respectively (backslashes
are expanded twice, see the Desktop Entry Specification).

Reported by Gabriel Corona <gabriel.corona@free.fr>.

* etc/emacsclient-mail.desktop (Exec): Escape backslash and
double-quote characters.		 =?UTF-8?q?Ulrich=20M=C3=BCller?= <ulm@gentoo.org> not-needed debian upstream, commit 3c1693d08b0a71d40a77e7b40c0ebc42dca2d2cc 2023-03-07
0026-Gnus-nnml-should-avoid-crashing-on-some-invalid-head.patch Gnus nnml should avoid crashing on some invalid headers
This upstream patch has been incorporated to fix the problem:

Fix storing email into nnmail by Gnus

* lisp/gnus/nnml.el (nnml--encode-headers): Wrap
'rfc2047-encode-string' calls with 'ignore-errors', to avoid
disrupting email workflows due to possibly-invalid headers.
Reported by Florian Weimer <fweimer@redhat.com>.		 Eli Zaretskii <eliz@gnu.org> not-needed debian upstream, commit: 23f7c9c2a92e4619b7c4d2286d4249f812cd695d 2022-12-19
0027-Org-Mode-vulnerability-CVE-2023-28617-is-fixed-1-2.patch Org Mode vulnerability CVE-2023-28617 is fixed (1/2)
https://security-tracker.debian.org/tracker/CVE-2023-28617

This upstream patch (1/2) has been incorporated to fix the problem:

* lisp/ob-latex.el: Fix command injection vulnerability

(org-babel-execute:latex):
Replaced the `(shell-command "mv BAR NEWBAR")' with `rename-file'.

TINYCHANGE		 Xi Lu <lx@shellcodes.org> no debian https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=a8006ea580ed74f27f974d60b598143b04ad1741 2023-03-11
0028-Org-Mode-vulnerability-CVE-2023-28617-is-fixed-2-2.patch Org Mode vulnerability CVE-2023-28617 is fixed (2/2)
https://security-tracker.debian.org/tracker/CVE-2023-28617

This upstream patch (2/2) has been incorporated to fix the problem:

Org Mode command injection vulnerability has been fixed (CVE-2023-28617)

* lisp/ob-latex.el (org-babel-execute:latex): Fix command injection vulnerability

Link: https://orgmode.org/list/tencent_5C4D5D0DEFDDBBFC66F855703927E60C7706@qq.com

TINYCHANGE		 Xi Lu <lx@shellcodes.org> no debian https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=8f8ec2ccf3f5ef8f38d68ec84a7e4739c45db485 2023-02-18
0029-org-macro-set-templates-Prevent-code-evaluation.patch org-macro--set-templates: Prevent code evaluation
* lisp/org/org-macro.el (org-macro--set-templates): Get rid of any
risk to evaluate code when `org-macro--set-templates' is called as a
part of major mode initialization. This way, no code evaluation is
ever triggered when user merely opens the file or when
`mm-display-org-inline' invokes Org major mode to fontify mime part
preview in email messages.

(cherry picked from commit befa9fcaae29a6c9a283ba371c3c5234c7f644eb)		 Ihor Radchenko <yantar92@posteo.net> no 2024-02-20
0030-lisp-files.el-untrusted-content-New-variable.patch * lisp/files.el (untrusted-content): New variable.
The new variable is to be used when buffer contents comes from untrusted
source.

(cherry picked from commit ccc188fcf98ad9166ee551fac9d94b2603c3a51b)		 Ihor Radchenko <yantar92@posteo.net> no 2024-02-20
0031-lisp-gnus-mm-view.el-mm-display-inline-fontify-Mark-.patch * lisp/gnus/mm-view.el (mm-display-inline-fontify): Mark contents untrusted.

(cherry picked from commit 937b9042ad7426acdcca33e3d931d8f495bdd804)		 Ihor Radchenko <yantar92@posteo.net> no 2024-02-20
0032-org-latex-preview-Add-protection-when-untrusted-cont.patch org-latex-preview: Add protection when `untrusted-content' is non-nil
* lisp/org/org.el (org--latex-preview-when-risky): New variable
controlling how to handle LaTeX previews in Org files from untrusted
origin.
(org-latex-preview): Consult `org--latex-preview-when-risky' before
generating previews.

This patch adds a layer of protection when LaTeX preview is requested
for an email attachment, where `untrusted-content' is set to non-nil.

(cherry picked from commit 6f9ea396f49cbe38c2173e0a72ba6af3e03b271c)		 Ihor Radchenko <yantar92@posteo.net> no 2024-02-20
0033-org-Add-setting-for-remote-file-download-policy.patch org: Add setting for remote file download policy
* lisp/org/org.el (org-resource-download-policy, org-safe-remote-resources):
Two new customisations to configure the policy for downloading remote
resources.
(org--should-fetch-remote-resource-p, org--safe-remote-resource-p,
org--confirm-resource-safe): Introduce the new function
`org--should-fetch-remote-resource-p' for internal use determining
whether a remote resource should be downloaded according to the download
policy. This function makes use of two helper functions,
`org--safe-remote-resource-p' and `org--confirm-resource-safe'.
(org-file-contents): Apply `org--safe-remote-resource-p' to file
downloading.

* lisp/org/org-attach.el (org-attach-attach, org-attach-url): Apply
`org--safe-remote-resource-p' to url downloading.

(cherry picked from Org-mode commit 0583a0c5eaa955d4370558b980b3772bb91dd057)		 TEC <tec@tecosaur.com> no 2022-06-12
0034-org-Refactor-rx-to-concat-regexp-opt.patch org: Refactor rx to concat + regexp-opt
* lisp/org.el (org--confirm-resource-safe): Since Emacs 26 doesn't
support rx's (literal S) construct, use (concat (regexp-opt ...) ...)
instead.

(cherry picked from Org-mode commit 6de5431acc8b77548e89c61a6ae0ebc1b57540bb)		 TEC <tec@tecosaur.com> no 2022-07-24
0035-org-Correct-regexp-escaping-to-use-regexp-quote.patch org: Correct regexp escaping to use regexp-quote
* lisp/org.el (org--confirm-resource-safe): `regexp-opt' was
accidentally used instead of `regexp-quote'.

(cherry picked from Org-mode commit 6ad53fa22eab5830f85a401960dc1e7d00154a27)		 TEC <tec@tecosaur.com> no 2022-07-26
0036-org-Fix-resource-prompt-in-non-file-buffers.patch org: Fix resource prompt in non-file buffers
* lisp/org.el (org--confirm-resource-safe): When `buffer-file-name' is
nil, skip over file-specific behaviour.

(cherry picked from Org-mode commit 4702a73031c77ba03b480b0848c137d5d8773e07)		 TEC <git@tecosaur.net> no 2022-08-03
0037-org-Add-mark-domain-as-safe-convenience-action.patch org: Add "mark domain as safe" convenience action
* lisp/org.el (org--confirm-resource-safe): Pick out domains from URLs,
and provide an option of marking that domain as safe.

(cherry picked from Org-mode commit 1ae801e9c86d5b150fd085230722e4dac550df30)		 TEC <git@tecosaur.net> no 2022-08-07
0038-org-Tweak-styling-of-url-in-resource-prompt.patch org: Tweak styling of url in resource prompt
* lisp/org.el (org--confirm-resource-safe): Style domain with a link,
and url with an underline.

(cherry picked from Org-mode commit 1061db94acf785f4b8f1140649e3857d52693115)		 TEC <git@tecosaur.net> no 2022-08-30
0039-org-Use-buffer-base-buffer-in-safe-resource-fns.patch org: Use buffer-base-buffer in safe resource fns
* lisp/org.el (org--confirm-resource-safe, org--safe-remote-resource-p):
Replace instances of buffer-file-name
with (buffer-file-name (buffer-base-buffer)) so these functions work in
indirect buffers.

(cherry picked from Org-mode commit 88329143c86b34195af68a8e5d5fd3d00a5dcae6)		 TEC <git@tecosaur.net> no 2022-12-10
0040-org-file-contents-Consider-all-remote-files-unsafe.patch org-file-contents: Consider all remote files unsafe
* lisp/org/org.el (org-file-contents): When loading files, consider all
remote files (like TRAMP-fetched files) unsafe, in addition to URLs.

(cherry picked from commit 2bc865ace050ff118db43f01457f95f95112b877)		 Ihor Radchenko <yantar92@posteo.net> no 2024-02-20
0041-org-confirm-resource-safe-Fix-prompt-when-prompting-.patch org--confirm-resource-safe: Fix prompt when prompting in non-file Org buffers

* lisp/org/org.el (org--confirm-resource-safe): When called from
non-file buffer, do not put stray "f" in the prompt.

(cherry picked from commit 7a5d7be52c5f0690ee47f30bfad973827261abf2)		 Ihor Radchenko <yantar92@posteo.net> no 2024-02-23
0042-org-Fix-security-prompt-for-downloading-remote-resou.patch org: Fix security prompt for downloading remote resource
* lisp/org.el (org--confirm-resource-safe): Do not assume that
resource is safe when user replies "n" (do not download).

(cherry picked from commit e56f0ef51bfdd0e03e817670754bc813fb3702a2)		 Ihor Radchenko <yantar92@posteo.net> no 2024-02-02
0043-org-link-expand-abbrev-Do-not-evaluate-arbitrary-uns.patch org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code
* lisp/org/ol.el (org-link-expand-abbrev): Refuse expanding %(...)
link abbrevs that specify unsafe function. Instead, display a
warning, and do not expand the abbrev. Clear all the text properties
from the returned link, to avoid any potential vulnerabilities caused
by properties that may contain arbitrary Elisp.		 Ihor Radchenko <yantar92@posteo.net> no debian https://git.savannah.gnu.org/cgit/emacs.git/commit/?h=emacs-29.4&id=c645e1d8205f0f0663ec4a2d27575b238c646c7c 2024-06-21

All known versions for source package 'emacs'

Links