Patching a vulnerable Emacs on Arch Linux

1 minute read

With the recent security vulnerability in GNU Emacs, versions prior to (and including) 25.2, you might want update your Emacs. Currently the Emacs package in AUR is set to 25.2. Luckily it is very easy to quickly update the package by yourself.

First create a directory to work in, it can be called whatever you want. Next create a file called PKGBUILD. In this file, paste the below, updated, definition.

# $Id$
# Maintainer: Juergen Hoetzel <juergen@archlinux.org>
# Contributor: Renchi Raju <renchi@green.tam.uiuc.edu>

pkgname=emacs
pkgver=25.3
pkgrel=1
pkgdesc="The extensible, customizable, self-documenting real-time display editor"
arch=('i686' 'x86_64')
url="http://www.gnu.org/software/emacs/emacs.html"
license=('GPL3')
depends=('librsvg' 'gpm' 'giflib' 'libxpm' 'libotf' 'm17n-lib' 'gtk3' 'hicolor-icon-theme' 'gconf' 'desktop-file-utils' 'alsa-lib' 'imagemagick' 'gnutls')
validpgpkeys=('B29426DEFB07724C3C35E5D36592E9A3A0B0F199' '28D3BED851FDF3AB57FEF93C233587A47C207910')
source=(ftp://ftp.gnu.org/gnu/emacs/$pkgname-$pkgver.tar.xz{,.sig})
sha1sums=('1cb4f39e9c0a3305fd62f936c7c95ff8e2924323'
         'SKIP')

build() {
  cd "$srcdir"/$pkgname-$pkgver
  ac_cv_lib_gif_EGifPutExtensionLast=yes ./configure --prefix=/usr --sysconfdir=/etc --libexecdir=/usr/lib \
                                    --localstatedir=/var --with-x-toolkit=gtk3 --with-xft \
                                    --with-modules
  make
}

package() {
  cd "$srcdir"/$pkgname-$pkgver
  make DESTDIR="$pkgdir" install

  # remove conflict with ctags package
  mv "$pkgdir"/usr/bin/{ctags,ctags.emacs}
  mv "$pkgdir"/usr/share/man/man1/{ctags.1.gz,ctags.emacs.1}

  # fix user/root permissions on usr/share files
  find "$pkgdir"/usr/share/emacs/$pkgver -exec chown root:root {} \;
  # fix perms on /var/games
  chmod 775 "$pkgdir"/var/games
  chmod 775 "$pkgdir"/var/games/emacs
  chmod 664 "$pkgdir"/var/games/emacs/*
  chown -R root:games "$pkgdir"/var/games
}

In a terminal, go to this directory and run the package build using makepkg -s. This will go and build a new installable package. Afterwards you can use pacman -U emacs-25.3-1-x86_64.pkg.tar.xz (or yaourt if you use it) to install the updated version to your system.

You are now fully up to date. When the maintainer starts pushing a new version it will be updated as normal once the package exceeds 25.3-1.

This fix highlights what I love about Arch Linux; its versatility in package management.