MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
emacs
Recherche

[$] Emacs code completion can cause compromise

mercredi 18 décembre 2024, 15:55 , par LWN.net
Emacs has had a
few bugs related to accidentally
permitting the execution of untrusted code. Unfortunately, it seems as though
another bug of that sort has appeared — and may be harder to patch,
because the problem comes from the way Emacs handles expansion of Lisp macros in
code being analyzed. The
vulnerability is only practically exploitable in a non-default configuration, so
not every Emacs user has something to worry about. The Emacs
developers are reportedly working on a fix, but have not yet shared details
about it. In the meantime, every Emacs version since at least
26.1 (released in May 2018) through the current development version is vulnerable.
Lire la suite sur LWN.net
https://lwn.net/Articles/1002046/

Voir aussi

emacs You have a license to code InfoWorld18 Dec
code AirDoctor Coupon Code: 25% Off Purifiers Wired: Tech.18 Dec
not Gemini Code Assist tools target developer productivity from within IDEs InfoWorld17 Dec
version Windows Outlook app is having login troubles, throws up an error code PC World17 Dec
may [$] Using Guile for Emacs LWN.net16 Dec
about Western Digital Promo Code: 10% Off in December Wired: Tech.13 Dec
every Visual Studio Code adds overtype mode, paste with imports InfoWorld13 Dec
completion Google's New Jules AI Agent Will Help Developers Fix Buggy Code Slashdot11 Dec
cause OpenSilver 3.1 brings XAML designer for VS Code InfoWorld11 Dec
compromise Supply chain compromise of Ultralytics AI library results in trojanized versions InfoWorld 9 Dec
emacs Codes Marvel Rivals : Tous les redeem code actifs pour le mois de Décembre 2024 JeuxVideo 7 Dec
code Abusing Git branch names to compromise a PyPI package LWN.net 6 Dec
not Android 15 ajoute un Code QR pour partager une photo et améliore les scans dans Google Drive 01net 6 Dec
version Le français Convertigo lance son studio No Code version 2.0 à Open Source Experience Paris TooLinux 6 Dec
may Backdoor in Compromised Solana Code Library Drains $184,000 from Digital Wallets Slashdot 5 Dec
about Groupon Promo Code: Get 20% Off This December Wired: Tech. 4 Dec
every Yale Code keypad lock review: Svelte & affordable, just not smart PC World 3 Dec
completion Holiday season cybersecurity alert: QR code phishing scams BetaNews 3 Dec
cause GitHub's boast that Copilot produces high-quality code challenged TheRegister 3 Dec
compromise Refactoring AI code: The good, the bad, and the weird InfoWorld 2 Dec
News copyright owned by their original publishers | Copyright © 2004 - 2024 Zicos / 440Network
Date Actuelle
mer. 18 déc. - 21:15 CET