MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
emacs
Search

[$] Emacs code completion can cause compromise

Wednesday December 18, 2024. 03:55 PM , from LWN.net
Emacs has had a
few bugs related to accidentally
permitting the execution of untrusted code. Unfortunately, it seems as though
another bug of that sort has appeared — and may be harder to patch,
because the problem comes from the way Emacs handles expansion of Lisp macros in
code being analyzed. The
vulnerability is only practically exploitable in a non-default configuration, so
not every Emacs user has something to worry about. The Emacs
developers are reportedly working on a fix, but have not yet shared details
about it. In the meantime, every Emacs version since at least
26.1 (released in May 2018) through the current development version is vulnerable.
Read more at LWN.net
https://lwn.net/Articles/1002046/

Related News

emacs You have a license to code InfoWorldDec 18
code AirDoctor Coupon Code: 25% Off Purifiers Wired: Tech.Dec 18
not Gemini Code Assist tools target developer productivity from within IDEs InfoWorldDec 17
version Windows Outlook app is having login troubles, throws up an error code PC WorldDec 17
may [$] Using Guile for Emacs LWN.netDec 16
about Western Digital Promo Code: 10% Off in December Wired: Tech.Dec 13
every Visual Studio Code adds overtype mode, paste with imports InfoWorldDec 13
completion Google's New Jules AI Agent Will Help Developers Fix Buggy Code SlashdotDec 11
cause OpenSilver 3.1 brings XAML designer for VS Code InfoWorldDec 11
compromise Supply chain compromise of Ultralytics AI library results in trojanized versions InfoWorldDec 9
emacs Abusing Git branch names to compromise a PyPI package LWN.netDec 6
code Backdoor in Compromised Solana Code Library Drains $184,000 from Digital Wallets SlashdotDec 5
not Groupon Promo Code: Get 20% Off This December Wired: Tech.Dec 4
version Yale Code keypad lock review: Svelte & affordable, just not smart PC WorldDec 3
may Holiday season cybersecurity alert: QR code phishing scams BetaNewsDec 3
about GitHub's boast that Copilot produces high-quality code challenged TheRegisterDec 3
every Refactoring AI code: The good, the bad, and the weird InfoWorldDec 2
completion 'Hour of Code' Cartoon Includes a Shout-Out to AI SlashdotDec 1
cause Pokemon Fan Learns To Code In Order To Archive TCG SlashdotNov 26
compromise MacFORTH Code for 1984 Robot-Coding Game 'ChipWits' from 1984 is Now Open Source SlashdotNov 24
News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Current Date
Dec, Wed 18 - 18:46 CET