Package: emacs Version: 1:26.1+1-3.2 Severity: grave Tags: upstream The version of Emacs shipped in buster has a bug which causes synchronous HTTPS requests to fail due to a GnuTLS race condition. It’s been reported and fixed upstream: https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34341
Known workarounds involve disabling GnuTLS support or TLS 1.3, both of which are inadvisable from a security perspective. This is a grave bug because it breaks Emacs’ built-in package manager installing packages from the default GNU repository, which can prevent Emacs from working. If I use my Emacs configuration on a clean buster install, I get a broken X11 session, because it can’t install EXWM. Upstream commit e87e6a24c4 contains the fix, which should get backported to buster due to the bug severity. -- System Information: Debian Release: 10.0 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-5-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE= (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages emacs depends on: ii emacs-gtk 1:26.1+1-3.2 emacs recommends no packages. emacs suggests no packages. -- no debconf information
