bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random num

bug-gnu-emacs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random num

From:	Andy Moreton
Subject:	bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems
Date:	Wed, 20 Jan 2016 14:06:42 +0000
User-agent:	Gnus/5.13 (Gnus v5.13) Emacs/25.1.50 (windows-nt)

On Tue 19 Jan 2016, Glenn Morris wrote:

> Andy Moreton wrote:
>
>>  - broke all builds configured with "--without-gnutls"
>
> AFAICS, you are mistaken.

I may well be, but please explain.
src/sysdep.c (at emacs-25 commit c5ee6de21d4b) contains:

#include "gnutls.h"
#if 0x020c00 <= GNUTLS_VERSION_NUMBER && !defined WINDOWSNT
# include <gnutls/crypto.h>
#else
# define emacs_gnutls_global_init() Qnil
# define gnutls_rnd(level, data, len) (-1)
#endif

How can this build properly on a non-Windows system which does not
contain an installed "gnutls.h" header ?

    AndyM

[Prev in Thread]

Current Thread

[Next in Thread]

bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems, (continued)

Prev by Date: bug#22404: 25.1.50; Forcing `window-scroll-functions` to run.
Next by Date: bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems
Previous by thread: bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems
Next by thread: bug#22202: 24.5; SECURITY ISSUE -- Emacs Server vulnerable to random number generator attack on Windows systems
Index(es):
- Date
- Thread