Title [Bug: 21.5-b28] .flc files can run arbitrary code automatically
Type defect Module core code 21.4, core code 21.5
Severity inconvenience Platform N/A
Keywords Nosy List graaff, stephen
These controls should only be changed by committers and tracker administrators.
Status new   Reason
Superseder   Submitted 2008-05-09.19:09:57
Priority normal   Assigned To

Created on 2008-05-09.23:20:08 by stephen, last changed 2008-05-14.18:17:34 by graaff.

msg753 [hidden] ([hidden]) Date: 2008-05-13.18:45:52
  Message-ID: <>
This issue is tracked for Gentoo as and classified
a security bug. The bug report currently contains bug fixes
for GNU Emacs 21.4 and 22.2.

It looks like the 21.4 patch can be applied to fast-lock.el in
edit-utils directly. I'm not 100% sure about the
'risky-local-variable, although that it also used in align.el
and desktop.el.
msg742 [hidden] ([hidden]) Date: 2008-05-13.00:01:42
"Marshall, Simon" <> provides patch in
> on emacs-devel.
msg728 [hidden] ([hidden]) Date: 2008-05-09.23:20:08
  Message-ID: <>
Dear Bug Team!

The attached message was seen on emacs-devel.  Claimed to affect
XEmacs too.


-------------- next part --------------
An embedded message was scrubbed...
From: unknown sender
Subject: no subject
Date: no date
Size: 6367
-------------- next part --------------
XEmacs-Beta mailing list
Date User Action Args
2008-05-14 18:17:34graaffsetnosy: + graaff
2008-05-13 18:45:52graaffsetmessages: + msg753
2008-05-13 00:01:42stephensetstatus: new
severity: inconvenience
messages: + msg742
module: + core code 21.4, core code 21.5
priority: normal
platform: + N/A
type: defect
2008-05-09 23:20:08stephencreate