[Git][security-tracker-team/security-tracker][master] Reserve DLA-4069-1 for emacs

Sean Whitton (@spwhitton) Wed, 26 Feb 2025 19:50:18 -0800


Sean Whitton pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
d987d18e by Sean Whitton at 2025-02-27T11:49:20+08:00
Reserve DLA-4069-1 for emacs

- - - - -


3 changed files:

- data/CVE/list
- data/DLA/list
- data/dla-needed.txt


Changes:

=====================================
data/CVE/list
=====================================
@@ -27267,7 +27267,6 @@ CVE-2024-11738 (A flaw was found in Rustls 0.23.13 and 
related APIs. This vulner
 CVE-2024-53920 (In elisp-mode.el in GNU Emacs through 30.0.92, a user who 
chooses to i ...)
        - emacs 1:30.1+1-1 (bug #1088690)
        [bookworm] - emacs <postponed> (Minor issue, revisit when fixed 
upstream)
-       [bullseye] - emacs <postponed> (Minor issue, revisit when fixed 
upstream)
        NOTE: 
https://eshelyaron.com/posts/2024-11-27-emacs-aritrary-code-execution-and-how-to-avoid-it.html
        NOTE: 
https://yhetil.org/emacs/CAFXAjY5f4YfHAtZur1RAqH34UbYU56_t6t2Er0YEh1Sb7-W=hg%40mail.gmail.com/
 CVE-2024-53855 (Centurion ERP (Enterprise Rescource Planning) is a simple 
application  ...)
@@ -163185,7 +163184,6 @@ CVE-2023-28617 (org-babel-execute:latex in 
ob-latex.el in Org Mode through 9.6.1
        - org-mode 9.5.2+dfsh-5 (bug #1033341)
        [bullseye] - org-mode 9.4.0+dfsg-1+deb11u1
        - emacs 1:28.2+1-14 (bug #1033342)
-       [bullseye] - emacs <no-dsa> (Minor issue)
        NOTE: 
https://list.orgmode.org/tencent_04CF842704737012CCBCD63CD654DD41CA0A%40qq.com/T/#m6ef8e7d34b25fe17b4cbb655b161edce18c6655e
        NOTE: 
https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=8f8ec2ccf3f5ef8f38d68ec84a7e4739c45db485
 (release_9.6.2)
        NOTE: 
https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=a8006ea580ed74f27f974d60b598143b04ad1741
 (release_9.6.2)


=====================================
data/DLA/list
=====================================
@@ -1,3 +1,6 @@
+[27 Feb 2025] DLA-4069-1 emacs - security update
+       {CVE-2023-28617 CVE-2024-53920 CVE-2025-1244}
+       [bullseye] - emacs 1:27.1+1-3.1+deb11u6
 [25 Feb 2025] DLA-4068-1 php-nesbot-carbon - security update
        {CVE-2025-22145}
        [bullseye] - php-nesbot-carbon 2.32.2-1+deb11u1


=====================================
data/dla-needed.txt
=====================================
@@ -63,9 +63,6 @@ edk2
   NOTE: 20240815: (10 ipv6-related, postponed CVEs), plus there are older 
postponed vulnerabilities (Beuc/front-desk)
   NOTE: 20241105: maintainer proposed opu debdiff for CVE-2024-38796 and 
CVE-2024-1298, https://bugs.debian.org/1086762 (santiago)
 --
-emacs (Sean Whitton)
-  NOTE: 20250225: Added by Front-Desk (ta)
---
 espeak-ng
   NOTE: 20240816: Added by Front-Desk (Beuc)
   NOTE: 20240816: Follow fixes from bookworm 12.5 (5 CVEs) (Beuc/front-desk)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d987d18e73bbe9473d7fbbd74f5dc5531e4a1bd3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d987d18e73bbe9473d7fbbd74f5dc5531e4a1bd3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Reserve DLA-4069-1 for emacs

Reply via email to