Control: reassign 934314 src:emacs 1:26.1+1-3.2 Control: forcemerge 922659 934314 Control: severity 922659 important
On August 9, 2019 at 8:32AM -0700, ian (at retrospec.tv) wrote: > Known workarounds involve disabling GnuTLS support or TLS 1.3, both of which > are inadvisable from a security perspective. > > This is a grave bug because it breaks Emacs’ built-in package manager > installing packages from the default GNU repository, which can prevent Emacs > from working. Workarounds are known and most features are usable, so downgrading the severity from grave to important. > Upstream commit e87e6a24c4 contains the fix, which should get backported to > buster due to the bug severity. Instead, a small patch is available in the emacs-26 branch: - https://git.savannah.gnu.org/cgit/emacs.git/commit/?id=202ff53da267f9fa15f438e9c38603bbead6e890 Anyway, this bug will be fixed in the Emacs 26.3 release. Thanks, -- Tatsuya Kinoshita
pgpc7RHTpaI7e.pgp
Description: PGP signature
