ELA-1122-1 emacs24 security update
ELA-1123-1 emacs25 security update
ELA-1122-1 emacs24 security update
Package : emacs24
Version : 24.4+1-5+deb8u5 (jessie), 24.5+1-11+deb9u5 (stretch)
Related CVEs :
CVE-2024-39331
A vulnerability was discovered in GNU Emacs, the extensible, customisable,
self-documenting display editor.
The org-link-expand-abbrev function expanded a %(…) link abbrev even when
the abbrev specified an unsafe function, such as shell-command-to-string.
This could lead to arbitrary code execution as soon as an Org-mode format file
was opened.
ELA-1123-1 emacs25 security update
Package : emacs25
Version : 25.1+1-4+deb9u5 (stretch)
Related CVEs :
CVE-2024-39331
A vulnerability was discovered in GNU Emacs, the extensible, customisable,
self-documenting display editor.
The org-link-expand-abbrev function expanded a %(…) link abbrev even when
the abbrev specified an unsafe function, such as shell-command-to-string.
This could lead to arbitrary code execution as soon as an Org-mode format file
was opened.
