http://bugs.gentoo.org/221197
CVE-2008-2142

--- emacs-21.4-orig/lisp/fast-lock.el	2001-07-15 18:15:34.000000000 +0200
+++ emacs-21.4/lisp/fast-lock.el	2008-05-12 22:43:07.000000000 +0200
@@ -278,7 +278,7 @@
 				      (integer :tag "size")))))
   :group 'fast-lock)
 
-(defcustom fast-lock-cache-directories '("." "~/.emacs-flc")
+(defcustom fast-lock-cache-directories '("~/.emacs-flc")
 ; - `internal', keep each file's Font Lock cache file in the same file.
 ; - `external', keep each file's Font Lock cache file in the same directory.
   "*Directories in which Font Lock cache files are saved and read.
@@ -296,13 +296,18 @@
  ((\"^/your/true/home/directory/\" . \".\") \"~/.emacs-flc\")
 
 would cause a file's current directory to be used if the file is under your
-home directory hierarchy, or otherwise the absolute directory `~/.emacs-flc'."
+home directory hierarchy, or otherwise the absolute directory `~/.emacs-flc'.
+For security reasons, it is not advisable to use the file's current directory
+to avoid the possibility of using the cache of another user."
   :type '(repeat (radio (directory :tag "directory")
 			(cons :tag "Matching"
 			      (regexp :tag "regexp")
 			      (directory :tag "directory"))))
   :group 'fast-lock)
 
+;;;###autoload
+(put 'fast-lock-cache-directories 'risky-local-variable t)
+
 (defcustom fast-lock-save-events '(kill-buffer kill-emacs)
   "*Events under which caches will be saved.
 Valid events are `save-buffer', `kill-buffer' and `kill-emacs'.
--- emacs-21.4-orig/lisp/loaddefs.el	2003-03-18 15:36:18.000000000 +0100
+++ emacs-21.4/lisp/loaddefs.el	2008-05-12 22:47:58.000000000 +0200
@@ -6963,6 +6963,8 @@
 ;;;;;;  "fast-lock.el" (15611 31344))
 ;;; Generated autoloads from fast-lock.el
 
+(put (quote fast-lock-cache-directories) (quote risky-local-variable) t)
+
 (autoload (quote fast-lock-mode) "fast-lock" "\
 Toggle Fast Lock mode.
 With arg, turn Fast Lock mode on if and only if arg is positive and the buffer