MGASA-2023-0152 - Updated emacs packages fix security vulnerability Publication date: 24 Apr 2023 URL: https://advisories.mageia.org/MGASA-2023-0152.html Type: security Affected Mageia releases: 8 CVE: CVE-2023-28617 org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters. (CVE-2023-28617) References: - https://bugs.mageia.org/show_bug.cgi?id=31767 - https://ubuntu.com/security/notices/USN-6003-1 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28617 SRPMS: - 8/core/emacs-27.1-1.4.mga8
Mageia 2023-0152: emacs security update
org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell ...
Summary
org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU
Emacs allows attackers to execute arbitrary commands via a file name or
directory name that contains shell metacharacters. (CVE-2023-28617)
References
- https://bugs.mageia.org/show_bug.cgi?id=31767
- https://ubuntu.com/security/notices/USN-6003-1
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-28617
Resolution
MGASA-2023-0152 - Updated emacs packages fix security vulnerability
SRPMS
- 8/core/emacs-27.1-1.4.mga8
Severity
Publication date: 24 Apr 2023
URL: https://advisories.mageia.org/MGASA-2023-0152.html
Type: security
CVE: CVE-2023-28617
News
HOWTOs
About Us
Powered By
