Bugs fixes in "emacs"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2024-30205 | In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23. | 2024-09-19 |
| CVE | CVE-2024-30204 | In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments. | 2024-09-19 |
| CVE | CVE-2024-39331 | In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-comm | 2024-09-19 |
| CVE | CVE-2024-30203 | In Emacs before 29.3, Gnus treats inline MIME contents as trusted. | 2024-09-19 |
| CVE | CVE-2023-28617 | org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or dire | 2024-09-19 |
| CVE | CVE-2022-48339 | An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the para | 2024-09-19 |
| CVE | CVE-2022-48338 | An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. | 2024-09-19 |
| CVE | CVE-2022-48337 | GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses | 2024-09-19 |
| CVE | CVE-2022-45939 | GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses | 2024-09-19 |
| Launchpad | 2070418 | Security vulnerability, arbitrary shell commands can run when turning on org-mode | 2024-09-19 |
| CVE | CVE-2024-30205 | In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23. | 2024-09-19 |
| CVE | CVE-2024-30204 | In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments. | 2024-09-19 |
| CVE | CVE-2024-39331 | In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-comm | 2024-09-19 |
| CVE | CVE-2024-30203 | In Emacs before 29.3, Gnus treats inline MIME contents as trusted. | 2024-09-19 |
| CVE | CVE-2023-28617 | org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or dire | 2024-09-19 |
| CVE | CVE-2022-48339 | An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection vulnerability. In the hfy-istext-command function, the para | 2024-09-19 |
| CVE | CVE-2022-48338 | An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file function has a local command injection vulnerability. | 2024-09-19 |
| CVE | CVE-2022-48337 | GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses | 2024-09-19 |
| CVE | CVE-2022-45939 | GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name of a source-code file, because lib-src/etags.c uses | 2024-09-19 |
| Launchpad | 2070418 | Security vulnerability, arbitrary shell commands can run when turning on org-mode | 2024-09-19 |
About
-
Send Feedback to @ubuntu_updates
