Описание
ELSA-2024-6510: emacs security update (MODERATE)
[1:27.2-10]
- org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code (CVE-2024-39331)
- Disable xwidgets (RHEL-33447)
Обновленные пакеты
Oracle Linux 9
Oracle Linux aarch64
emacs
27.2-10.el9_4
emacs-common
27.2-10.el9_4
emacs-filesystem
27.2-10.el9_4
emacs-lucid
27.2-10.el9_4
emacs-nox
27.2-10.el9_4
Oracle Linux x86_64
emacs
27.2-10.el9_4
emacs-common
27.2-10.el9_4
emacs-filesystem
27.2-10.el9_4
emacs-lucid
27.2-10.el9_4
emacs-nox
27.2-10.el9_4
Связанные CVE
Связанные уязвимости
In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5.
In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5.
In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5.
In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a % ...