[Please cc me on replies, I'm not subscribed.] Dear Emacs users,Emacs major mode for reStructuredText (rst.el) as shipped by python-docutils in lenny is affected by a security vulnerability, that allows a local user to perform a symlink attack to overwrite arbitrary files: http://bugs.debian.org/560755
I have prepared a patch for python-docutils 0.5-2, which hopefully fixes this bug, but as I am neither an Emacs user nor a Lisp programmer, I don't feel confident about it and I would certainly don't want to break anything in lenny.
Therefore, I kindly ask you to review my patch. The latest version is available here:
http://svn.debian.org/viewsvn/python-modules/packages/python-docutils/branches/0.5-2/debian/patches/18_emacs_temporary_files.dpatchPlease keep in mind that the code is supposed to support every Emacs version available in lenny, i.e. XEmacs 21, Emacs 21 and Emacs 22.
Thanks in advance! -- Jakub Wilk
Attachment:
signature.asc
Description: Digital signature