| From: |
| Noam Postavsky <npostavs-AT-gmail.com> |
| To: |
| Lars Ingebrigtsen <larsi-AT-gnus.org> |
| Subject: |
| Re: A couple of questions and concerns about Emacs network security |
| Date: |
| Sun, 24 Jun 2018 10:48:10 -0400 |
| Message-ID: |
| <CAM-tV--DngfGugjVmRf=D7yBcTqu4uEfmACA8k=0vwxzbN=j7A@mail.gmail.com> |
| Cc: |
| Eli Zaretskii <eliz-AT-gnu.org>, Paul Eggert <eggert-AT-cs.ucla.edu>, Jimmy Yuen Ho Wong <wyuenho-AT-gmail.com>, Emacs developers <emacs-devel-AT-gnu.org> |
| Archive-link: |
| Article |
On 24 June 2018 at 10:34, Lars Ingebrigtsen <larsi@gnus.org> wrote:
> I had meant to implement warnings for this stuff on the default `medium'
> level instead of letting it remain on the `high' level, but I simply
> forgot. I'll be changing that on master hopefully sometime next week.
Yeah, I think that's a good way to block this vulnerability. Though
it's unfortunate that we're still going to release a 26.2 which
silently accepts primes smaller than 1024 bits by default.
