Updated: {emacs,emacs-X11,emacs-el}-{23.4-3,24.2-1} [SECURITY]

Ken Brown kbrown@cornell.edu
Tue Aug 28 02:42:00 GMT 2012

The current version of the GNU emacs packages in the Cygwin distribution 
has been updated to the latest upstream release:

*** emacs-24.2-1
*** emacs-X11-24.2-1
*** emacs-el-24.2-1
*** emacs-debuginfo-24.2-1

This is a bugfix release.  It fixes a security flaw that allowed 
automatic code execution via file-local variables when the user option 
`enable-local-variables' was changed from its default value to `:safe' 
(CVE-2012-3479), plus many other bugs.

I have also applied the security fix to the previous version:

*** emacs-23.4-3
*** emacs-X11-23.4-3
*** emacs-el-23.4-3

Emacs is a powerful, customizable, self-documenting, modeless text 
editor.  Emacs contains special code editing features, a scripting 
language (elisp), and the capability to read mail, news, and more 
without leaving the editor.

Install the emacs-X11 package if you want to use the X11 GUI.  You can 
then type 'emacs&' in an xterm window, and emacs will start in a new 
window.  If you have sshd running and want to be able to run the GUI 
version of emacs from a remote machine, you need to enable X11 
forwarding by adding the following line to /etc/sshd_config:

   X11Forwarding yes

The script /usr/bin/make-emacs-shortcut can be used to create a shortcut 
for starting emacs.  The shortcut starts emacs under X if an X server is 
running and in a mintty window otherwise.  Edit the shortcut and/or the 
script if you want different behavior.

You will need the cygutils package to run the script, and you will need 
mintty and run2 to use the shortcut.  In addition, the user who runs the 
script needs to be able to write to /usr/local/bin.

Ken Brown
Cygwin emacs maintainer

                    *** CYGWIN-ANNOUNCE UNSUBSCRIBE INFO ***

If you want to unsubscribe from the cygwin-announce mailing list, look 
at the "List-Unsubscribe: " tag in the email header of this message. 
Send email to the address specified there.  It will be in the format:


If you need more information on unsubscribing, start reading here:


Please read *all* of the information on unsubscribing that is available 
starting at the above URL.

More information about the Cygwin-announce mailing list