Ubuntu
emacs22 package

lp:ubuntu/jaunty-security/emacs22

  1. Jaunty (9.04)
  2. jaunty-security
Created by James Westby and last modified
Get this branch:
bzr branch lp:ubuntu/jaunty-security/emacs22
Members of Ubuntu branches can upload to this branch. Log in for directions.

Branch merges

Related bugs

Related blueprints

Branch information

Owner:
Ubuntu branches
Review team:
Ubuntu Development Team
Status:
Mature

Recent revisions

14. By Kees Cook

* SECURITY UPDATE: arbitrary mailbox read/write via race condition.
  - Add debian/patches/fix-movemail-race.diff: thanks to Dan Rosenberg.
  - CVE-2010-0825

13. By Jamie Strandboge

* SECURITY UPDATE: temporary file race condition in vcdiff (LP: #174177)
* debian/patches/fix-vcdiff-tmp-race.diff: update lib-src/vcdiff to use
  mktemp
* References
  CVE-2008-1694

12. By Reinhard Tartler

new upstream release

11. By Michael Olson

* debian/control: Conflict and Replace emacs22-common-non-dfsg
  (LP: #172389). Thanks to Jamie Raymond for the report.
* debian/emacs.prerm: Remove alternatives in reverse creation order
  (LP: #162932). Thanks to James Troup for the report.
* debian/emacs.menu.in:
  - Use Applications/Editors instead of Apps/Editors as per menu policy.
  - Move menu definition for "emacs -nw" here, and delete
    emacs-common.menu.in. This way, if the user installs emacs22-nox,
    they will not have an unwanted menu item added (LP: #157984).
    Thanks to Ryan for the report.
* debian/patches:
  - feature-spell-warning.diff: New patch that displays a warning when
    spell is used and the spell binary is not installed (LP: #154989).
  - fix-comint-sudo.diff: New patch that causes comint to recognize the
    sudo prompt used by Ubuntu (LP: #162890).
  - Rename CVE-2007-6109.diff to fix-format-overflow.diff so that it
    shows up in README.Debian. Add patch header as well.
  - fix-local-vars-security.diff: Add CVE ID.
* debian/README.in:
  - Place Ubuntu rather than Debian in the header line.
  - Add link to further explanation for why we use a separate package.
  - Clarify what "this package" means.
  - Together this fixes LP: #180164. Thanks to era for the report and
    patch.
* debian/rules: Don't build debian/emacs-common.menu and don't call
  dh_installmenu -i.

10. By Che Guevara

Rebuild against libgif-dev instead of libungif4-dev (LP: #174252)

9. By Reinhard Tartler

Security fix: patches/CVE-2007-6109.diff. Patch from upstream Romain
Francoise! (LP: #174177)

8. By Michael Olson

* Brown paper bag release.
* debian/rules (build, clean): Call patch and unpatch, respectively, so
  that our patches actually get applied.

7. By Michael Olson

[ Michael Olson: Fix security issue. ]
* debian/patches/fix-local-vars-security.diff: New patch that fixes a
  bug in local variables handling. This bug permitted very risky, close
  to arbitrary modification of the behavior of Emacs by potentially
  untrusted visited files. Namely, highly unsafe variables like
  `load-path' could be changed without authorization. Fixes Launchpad
  #159525 and Debian #449008.

[ Michael Olson: Bring this closer to Debian's packaging. ]
* debian/control: Remove Build-Depends for cdbs, since we really don't
  need it after all.
* debian/patches: Remove executable bits for all patches.
* debian/rules:
  - Include /usr/share/quilt/quilt.make instead of cdbs. Thanks to
    Romain Francoise for discovering this Makefile.
  - Trivial changes that minimize the differences between our package
    and Debian's:
    + Use $(...) rather than ${...}, since the former seems to be
      preferred by debian.
    + Add "set -o pipefail" before several commands involving pipes, so
      that the error code returned is the one for the first command with
      an error in the pipe. Since the version of bash in Debian sarge
      does not support this option, and we want to be able to share
      changes with Romain's emacs-snapshot backport for sarge, send the
      output of set to /dev/null and force the exit status to be 0.
    + (nominal_ver): Split command into multiple lines.
    + Reorganize some sections to make it easier to compare changes.
    + Export DEB_HOST_GNU_TYPE and DEB_BUILD_GNU_TYPE.
    + Rename DEB_TRASH to deb_trash.
    + Rename bin_name to flavor.
    + Update comments.
    + (confflags): Use "--build=" instead of "--build " and "--host="
      instead of "--host ".
    + (deb_orig_tgz): Introduce.
    + (persistent_autogen_build_files)
      (nonpersistent_autogen_build_files)
      (persistent_autogen_install_files)
      (nonpersistent_autogen_install_files, autogen_build_files)
      (autogen_install_files, persistent_autogen_files)
      (nonpersistent_autogen_files): New variables that replace
      PERSISTENT_AUTOGEN_FILES, NONPERSISTENT_AUTOGEN_FILES, and
      DEBPKGFILES.
  - (quilt): New variable that specifies how to call quilt. This
    particular name was chosen because Debian uses it in their emacs22
    packaging.
  - (patch_info): Use $(quilt) rather than $(DEB_QUILT_CMD).

6. By LaMont Jones

Trigger rebuild for hppa

5. By Reinhard Tartler

[ Michael Olson ]
* debian/control(.in): Add emacs22 as a Depends option for the emacs
  metapackage

[ Reinhard Tartler ]
* Don't install postinst in emacs metapackage, Fixes LP: #128978

Branch metadata

Branch format:
Branch format 7
Repository format:
Bazaar repository format 2a (needs bzr 1.16 or later)
Stacked on:
lp:ubuntu/maverick/emacs22
This branch contains Public information 
Everyone can see this information.

Subscribers