Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 21c597ab by Salvatore Bonaccorso at 2024-03-25T21:18:00+01:00 CVEs assigned for emacs issues - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,11 +1,19 @@ CVE-2024-30205 (In Emacs before 29.3, Org mode considers contents of remote files to b ...) - TODO: check + - emacs 1:29.3+1-1 (bug #1067630) + NOTE: https://www.openwall.com/lists/oss-security/2024/03/24/1 + NOTE: https://lists.gnu.org/archive/html/info-gnu/2024-03/msg00005.html CVE-2024-30204 (In Emacs before 29.3, LaTeX preview is enabled by default for e-mail a ...) - TODO: check + - emacs 1:29.3+1-1 (bug #1067630) + NOTE: https://www.openwall.com/lists/oss-security/2024/03/24/1 + NOTE: https://lists.gnu.org/archive/html/info-gnu/2024-03/msg00005.html CVE-2024-30203 (In Emacs before 29.3, Gnus treats inline MIME contents as trusted.) - TODO: check + - emacs 1:29.3+1-1 (bug #1067630) + NOTE: https://www.openwall.com/lists/oss-security/2024/03/24/1 + NOTE: https://lists.gnu.org/archive/html/info-gnu/2024-03/msg00005.html CVE-2024-30202 (In Emacs before 29.3, arbitrary Lisp code is evaluated as part of turn ...) - TODO: check + - emacs 1:29.3+1-1 (bug #1067630) + NOTE: https://www.openwall.com/lists/oss-security/2024/03/24/1 + NOTE: https://lists.gnu.org/archive/html/info-gnu/2024-03/msg00005.html CVE-2024-2865 (Improper Neutralization of Special Elements used in an SQL Command ('S ...) TODO: check CVE-2024-2864 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...) @@ -334,26 +342,6 @@ CVE-2024-27280 [Buffer overread vulnerability in StringIO] CVE-2024-XXXX [arbitrary Elisp and LaTeX evaluation] - org-mode <unfixed> (bug #1067663) NOTE: https://list.orgmode.org/[email protected]/T/#t -CVE-2024-XXXX [Org mode now considers contents of remote files to be untrusted] - - emacs 1:29.3+1-1 (bug #1067630) - NOTE: https://www.openwall.com/lists/oss-security/2024/03/24/1 - NOTE: https://lists.gnu.org/archive/html/info-gnu/2024-03/msg00005.html -CVE-2024-XXXX [LaTeX preview is now by default disabled for email attachments] - - emacs 1:29.3+1-1 (bug #1067630) - NOTE: https://www.openwall.com/lists/oss-security/2024/03/24/1 - NOTE: https://lists.gnu.org/archive/html/info-gnu/2024-03/msg00005.html -CVE-2024-XXXX [Gnus now treats inline MIME contents as untrusted] - - emacs 1:29.3+1-1 (bug #1067630) - NOTE: https://www.openwall.com/lists/oss-security/2024/03/24/1 - NOTE: https://lists.gnu.org/archive/html/info-gnu/2024-03/msg00005.html -CVE-2024-XXXX [New buffer-local variable 'untrusted-content'] - - emacs 1:29.3+1-1 (bug #1067630) - NOTE: https://www.openwall.com/lists/oss-security/2024/03/24/1 - NOTE: https://lists.gnu.org/archive/html/info-gnu/2024-03/msg00005.html -CVE-2024-XXXX [Arbitrary Lisp code is no longer evaluated as part of turning on Org mode] - - emacs 1:29.3+1-1 (bug #1067630) - NOTE: https://www.openwall.com/lists/oss-security/2024/03/24/1 - NOTE: https://lists.gnu.org/archive/html/info-gnu/2024-03/msg00005.html CVE-2024-30161 (In Qt before 6.5.6 and 6.6.x before 6.6.3, the wasm component may acce ...) - qt6-base <unfixed> - qtbase-opensource-src <unfixed> View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21c597ab42ca4efcfef187e4f831b143d75af053 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/21c597ab42ca4efcfef187e4f831b143d75af053 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
