Merge from origin/emacs-29

1 files changed, 399 insertions, 1 deletions

diff --git a/ChangeLog.3 b/ChangeLog.3
index c254f595e89..45db1c71f6d 100644
--- a/ChangeLog.3
+++ b/ChangeLog.3
@@ -1,3 +1,401 @@
+2023-02-17  Xi Lu  <lx@shellcodes.org>
+
+	Fix etags local command injection vulnerability
+
+	* lib-src/etags.c: (escape_shell_arg_string): New function.
+	(process_file_name): Use it to quote file names passed to the
+	shell.  (Bug#59817)
+
+	(cherry picked from commit 01a4035c869b91c153af9a9132c87adb7669ea1c)
+
+2023-02-17  Xi Lu  <lx@shellcodes.org>
+
+	Fixed ctags local command execute vulnerability
+
+	* lib-src/etags.c:
+
+	(clean_matched_file_tag): New function
+	(do_move_file): New function
+	(readline_internal):
+	Add `leave_cr` parameter, if true, include the \r character
+
+	* test/manual/etags/CTAGS.good_crlf: New file
+	* test/manual/etags/CTAGS.good_update: New file
+	* test/manual/etags/crlf: New file
+	* test/manual/etags/Makefile: Add `ctags -u` test cases
+
+	(cherry picked from commit d48bb4874bc6cd3e69c7a15fc3c91cc141025c51)
+
+2023-02-17  Xi Lu  <lx@shellcodes.org>
+
+	Fix ruby-mode.el local command injection vulnerability (bug#60268)
+
+	* lisp/progmodes/ruby-mode.el
+	(ruby-find-library-file): Fix local command injection vulnerability.
+
+	(cherry picked from commit 9a3b08061feea14d6f37685ca1ab8801758bfd1c)
+
+2023-02-17  Xi Lu  <lx@shellcodes.org>
+
+	Fix htmlfontify.el command injection vulnerability.
+
+	* lisp/htmlfontify.el (hfy-text-p): Fix command injection
+	vulnerability.  (Bug#60295)
+
+	(cherry picked from commit 1b4dc4691c1f87fc970fbe568b43869a15ad0d4c)
+
+2022-12-19  Eli Zaretskii  <eliz@gnu.org>
+
+	Fix storing email into nnmail by Gnus
+
+	Backporting suggested by Florian Weimer, since this is
+	a denial-of-service issue.
+	* lisp/gnus/nnml.el (nnml--encode-headers): Wrap
+	'rfc2047-encode-string' calls with 'ignore-errors', to avoid
+	disrupting email workflows due to possibly-invalid headers.
+	Reported by Florian Weimer <fweimer@redhat.com>.
+
+	(cherry picked from commit 23f7c9c2a92e4619b7c4d2286d4249f812cd695d)
+
+2022-11-14  Robert Pluim  <rpluim@gmail.com>
+
+	Explain how to bind keys to non-ASCII sequences
+
+	* doc/emacs/custom.texi (Init Rebinding): Explain how to use `kbd'
+	when binding keys to non-ASCII sequences.
+
+2022-11-12  Eli Zaretskii  <eliz@gnu.org>
+
+	Document that 'transient-mark-mode' is off in batch mode
+
+	* doc/emacs/mark.texi (Mark, Disabled Transient Mark): Document,
+	belatedly, that 'transient-mark-mode' is turned on by default only
+	in interactive sessions.  (Bug#59201)
+
+2022-10-14  Eli Zaretskii  <eliz@gnu.org>
+
+	Document how to control where the *.eln files are written
+
+	* doc/lispref/compile.texi (Native Compilation): Document the
+	trick of pointing $HOME to a non-existent directory.
+	(Native-Compilation Variables): Document the role of
+	'native-comp-eln-load-path' in determining where *.eln files are
+	written.
+
+2022-10-14  Robert Pluim  <rpluim@gmail.com>
+
+	Add cross-reference to alternative syntaxes for Unicode
+
+	These alternative syntaxes allow you to specify Unicode codepoints
+	using only ASCII, which helps avoid decoding issues.
+
+	* doc/emacs/custom.texi (Init Non-ASCII): Add cross reference to
+	"General Escape Syntax" in the Emacs Lisp Reference Manual.
+
+2022-10-07  Lars Ingebrigtsen  <larsi@gnus.org>
+
+	Update name of hs-mouse-toggle-hiding in Emacs manual
+
+	* doc/emacs/programs.texi (Hideshow): Update the name of
+	hs-mouse-toggle-hiding (bug#58331).
+
+2022-10-06  Stefan Kangas  <stefankangas@gmail.com>
+
+	Fix typo in `(emacs) Lisp Doc'
+
+	* doc/emacs/programs.texi (Lisp Doc): Fix reference to
+	'eldoc-echo-area-display-truncation-message'.  (Bug#58324)
+
+2022-10-06  Stefan Kangas  <stefankangas@gmail.com>
+
+	Fix references to 'default-indent-new-line'
+
+	* doc/emacs/programs.texi (Comment Commands)
+	(Multi-Line Comments): Fix references to
+	'default-indent-new-line'.  (Bug#58325)
+
+2022-10-04  Andreas Schwab  <schwab@linux-m68k.org>
+
+	* src/emacs.c (load_pdump): Propery handle case when executable
+	wasn't found.
+
+2022-10-04  Eli Zaretskii  <eliz@gnu.org>
+
+	Avoid assertion violations in STRING_CHAR
+
+	* src/xdisp.c (handle_composition_prop):
+	* src/editfns.c (styled_format): Don't call 'STRING_CHAR' on
+	unibyte strings.  This avoids assertion violation in
+	'string_char_and_length'.
+
+	(cherry picked from commit d52d6e1e106117eb4bba81a65e256e2e793037b6)
+
+2022-10-03  Stefan Kangas  <stefankangas@gmail.com>
+
+	Fix documentation  of 'TAB' in cc-mode
+
+	* doc/emacs/programs.texi (C Indent): Fix documentation of 'TAB'
+	in cc-mode.  (Bug#58258)
+
+2022-10-03  Stefan Kangas  <stefankangas@gmail.com>
+
+	Fix 'org-export-dispatch' command name in manual
+
+	* doc/emacs/text.texi (Org Authoring): Fix 'org-export-dispatch'
+	command name.  (Bug#58260)
+
+2022-10-02  Andreas Schwab  <schwab@linux-m68k.org>
+
+	* src/emacs.c (load_pdump): Fix use of xpalloc.
+
+2022-10-02  Eli Zaretskii  <eliz@gnu.org>
+
+	Avoid assertion violation in 'xpalloc'
+
+	* src/emacs.c (load_pdump): Ensure the 3rd argument of xpalloc is
+	always positive.  (Bug#58232)
+
+2022-09-30  Michael Albinus  <michael.albinus@gmx.de>
+
+	Fix connection property incompatibility in Tramp
+
+	* lisp/net/tramp.el (tramp-get-remote-tmpdir): Remove obsolete
+	connection property "tmpdir".  (Bug#57800)
+
+2022-09-29  Lars Ingebrigtsen  <larsi@gnus.org>
+
+	Update some Gnus documentation in the Emacs manual
+
+	* doc/emacs/misc.texi (Gnus Group Buffer, Gnus Summary Buffer):
+	Update documentation (bug#58145).
+
+2022-09-28  Eli Zaretskii  <eliz@gnu.org>
+
+	Clarify image file search
+
+	* doc/lispref/display.texi (Defining Images, Image Descriptors):
+	* lisp/image.el (create-image): Clarify that non-absolute image
+	files are searched along 'image-load-path'.  (Bug#52931)
+
+2022-09-28  Stefan Kangas  <stefankangas@gmail.com>
+
+	.mailcap: Some additional fixes.
+
+2022-09-28  Eli Zaretskii  <eliz@gnu.org>
+
+	Avoid assertion violations in 'pop_it'
+
+	* src/xdisp.c (pop_it): Avoid assertion violations when handling
+	lists or vectors of display properties.  (Bug#58122)
+
+2022-09-28  Stefan Kangas  <stefankangas@gmail.com>
+
+	Add .mailmap for proper git log output
+
+	This file is used to fix a few misspelled names in various git
+	listings (e.g., "git log").  This can be used to fix incorrect
+	attribution, poor display, or names showing up more than once.
+	It also allows updating an old email addresses to a new one.
+	See "man git-shortlog" for more information on the format.
+
+	* .mailmap: New file.
+
+2022-09-27  Stefan Kangas  <stefankangas@gmail.com>
+
+	* doc/emacs/ack.texi (Acknowledgments): Update maintainers.
+
+2022-09-24  Stefan Monnier  <monnier@iro.umontreal.ca>
+
+	* lisp/progmodes/hideshow.el (hs-toggle-hiding): Fix `interactive` form
+
+	This fixes the first part of bug#52092, which is a regression
+	introduced by commit d0e9113de97.
+
+2022-09-23  YAMAMOTO Mitsuharu  <mituharu@math.s.chiba-u.ac.jp>
+
+	Fix shaping with bitmap-only fonts on HarfBuzz 5.2.0 (Bug#57976)
+
+	* src/ftcrfont.c (ftcrhbfont_begin_hb_font): Undo last change for
+	HarfBuzz 5.2.0.
+
+2022-09-20  Stefan Monnier  <monnier@iro.umontreal.ca>
+
+	* lisp/text-modes/tex-mode.el (tex-mode): Fix AUCTeX regression
+
+	As discussed in
+	https://lists.gnu.org/r/auctex/2022-08/msg00004.html
+	AUCTeX installs its own advice to redefine `tex-mode`, and that
+	advice used to take precedence before commit 6075a7c5ae3fa456cd.
+
+2022-09-20  Robert Pluim  <rpluim@gmail.com>
+
+	Add vc-annotate-switches to manual
+
+	* doc/emacs/maintaining.texi (Old Revisions): Add description of
+	`vc-annotate-switches' and `vc-BACKEND-annotate-switches'.
+
+2022-09-20  Robert Pluim  <rpluim@gmail.com>
+
+	Remove mention of non-existent `annotate-switches'
+
+	* lisp/vc/vc.el (vc-annotate-switches): Remove mention of
+	`annotate-switches'.  As far as I can tell this has never existed in
+	Emacs.
+
+2022-09-20  Robert Pluim  <rpluim@gmail.com>
+
+	Mention that src/macuvs.h sometimes needs committing
+
+	* admin/notes/unicode: src/macuvs.h is generated, but needs to be
+	committed sometimes.
+
+2022-09-19  Gerd Möllmann  <gerd@gnu.org>
+
+	MacOS ld warning from native compilation (bug#57849)
+
+	* lisp/emacs-lisp/comp.el (native-comp-driver-options): Add "-Wl,-w"
+	on Darwin systems.
+	* etc/NEWS: Describe change.
+
+2022-09-18  Michael Albinus  <michael.albinus@gmx.de>
+
+	Fix Tramp error with eshell integration
+
+	* lisp/net/tramp-integration.el (tramp-eshell-directory-change):
+	Respect local `default-directory'.  (Bug#57556)
+
+2022-09-17  Michael Albinus  <michael.albinus@gmx.de>
+
+	Sync with Tramp 2.5.3.2.  Don't merge with master
+
+	* doc/misc/tramp.texi (Android shell setup): Rework.
+	(Frequently Asked Questions): Improve recommendations for speeding up.
+
+	* doc/misc/trampver.texi:
+	* lisp/net/trampver.el: Change version to "2.5.4-pre".
+
+	* lisp/net/tramp-adb.el (tramp-methods): Use "%d".
+	(tramp-adb-handle-directory-files-and-attributes): Fix "." and
+	".." in listing.
+	(tramp-adb-handle-file-attributes)
+	(tramp-adb-handle-directory-files-and-attributes)
+	(tramp-adb-handle-file-name-all-completions): Pipe "ls" output
+	through "cat", in order to avoid quoting special characters.
+	(tramp-adb-maybe-open-connection): Compute args from `tramp-login-args'.
+
+	* lisp/net/tramp-compat.el (tramp-compat-replace-regexp-in-region):
+	New defalias.
+
+	* lisp/net/tramp-gvfs.el (tramp-gvfs-do-copy-or-rename-file):
+	Adapt check for proper remote command.
+
+	* lisp/net/tramp.el (tramp-methods): Adapt docstring.
+	(tramp-handle-make-process): Check for adb device if indicated.
+	(tramp-get-remote-tmpdir): Cache result in temporary connection
+	property.
+
+	* test/lisp/net/tramp-tests.el  (tramp-test17-insert-directory)
+	(tramp-test22-file-times, tramp--test-utf8): Adapt tests.
+	(tramp--test-shell-file-name): Do not depend on `tramp--test-adb-p'.
+	(tramp-test46-unload): Ignore autoload functions in
+	`tramp-file-name' structure tests, since `tramp-file-name-handler'
+	is also autoloaded in Emacs 29.
+
+2022-09-17  Stefan Kangas  <stefankangas@gmail.com>
+
+	Simplify regexp in make-news-html-file
+
+	* admin/admin.el (make-news-html-file): Simplify regexp.
+	Suggested by Mattias Engdegård <mattiase@acm.org>.
+
+2022-09-16  Stefan Kangas  <stefankangas@gmail.com>
+
+	* admin/admin.el (make-news-html-file): Set id on correct tag.
+
+2022-09-16  Stefan Kangas  <stefankangas@gmail.com>
+
+	Add version headlines to HTML NEWS export
+
+	This allows linking to, e.g. "NEWS.28.html#28.1" to go directly to
+	those release notes.
+	* admin/admin.el (admin--org-export-headers-format)
+	(make-news-html-file): Add XX.Y version headlines with an HTML anchor.
+
+2022-09-16  Stefan Kangas  <stefankangas@gmail.com>
+
+	Improve HTML export of NEWS file
+
+	* admin/admin.el (admin--org-export-headers-format)
+	(admin--org-html-postamble): New variables.
+	(admin--require-external-package): New function.
+	(make-news-html-file): Improve HTML export.
+
+2022-09-16  Stefan Kangas  <stefankangas@gmail.com>
+
+	Delete "etc/NEWS*.html" from .gitignore
+
+	We actually do want to see it when preparing a release, so that we
+	don't include it in a tarball by mistake.
+	* .gitignore: Don't ignore "etc/NEWS*.html".
+
+2022-09-16  Stefan Kangas  <stefankangas@gmail.com>
+
+	Recommend NonGNU ELPA over MELPA
+
+	* doc/misc/org.org (Using CDLaTeX to enter math, Footnotes): Recommend
+	NonGNU ELPA over MELPA.
+
+2022-09-16  Stefan Kangas  <stefankangas@gmail.com>
+
+	Minor doc fixes in picture.el
+
+	* lisp/textmodes/picture.el: Improve Commentary.
+	(picture-forward-column, picture-backward-column)
+	(picture-move-down, picture-move-up, picture-movement-nw)
+	(picture-movement-ne, picture-movement-sw, picture-movement-se)
+	(picture-set-motion, picture-clear-line, picture-newline)
+	(picture-tab, picture-yank-rectangle)
+	(picture-yank-rectangle-from-register, picture-insert-rectangle)
+	(picture-draw-rectangle): Minor doc fixes.
+
+2022-09-16  Stefan Kangas  <stefankangas@gmail.com>
+
+	* lisp/textmodes/page-ext.el: Improve Commentary.
+
+2022-09-14  Stefan Kangas  <stefankangas@gmail.com>
+
+	Automate exporting etc/NEWS to HTML
+
+	* admin/admin.el (make-news-html-file): New function.
+	* .gitignore: Ignore generated "etc/NEWS*.html" file.
+
+2022-09-14  Eli Zaretskii  <eliz@gnu.org>
+
+	* Makefile.in (uninstall): Remove the *.eln files.  (Bug#57771)
+
+2022-09-12  Stefan Kangas  <stefankangas@gmail.com>
+
+	Update HISTORY for Emacs 28.2
+
+	* etc/HISTORY: Update for the Emacs 28.2 release.
+
+2022-09-07  Stefan Kangas  <stefankangas@gmail.com>
+
+	Bump Emacs version to 28.2
+
+	* README:
+	* configure.ac:
+	* msdos/sed2v2.inp:
+	* nt/README.W32: Bump Emacs version to 28.2.
+
+2022-09-07  Stefan Kangas  <stefankangas@gmail.com>
+
+	Update ChangeLog and AUTHORS for Emacs 28.2
+
+	* ChangeLog.3:
+	* etc/AUTHORS:
+	* etc/NEWS: Update for Emacs 28.2.
+
 2022-09-06  Stefan Kangas  <stefankangas@gmail.com>
 
 	* doc/misc/idlwave.texi (Troubleshooting): Don't say "Emacsen".
@@ -236920,7 +237318,7 @@
 
 This file records repository revisions from
 commit 9d56a21e6a696ad19ac65c4b405aeca44785884a (exclusive) to
-commit ddabb03a0176beb4b7fc8d4f2267d459fd2ebded (inclusive).
+commit 790ea50b8116427fecd263ae7fc44890be518048 (inclusive).
 See ChangeLog.2 for earlier changes.
 
 ;; Local Variables: