diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2024-03-24 18:21:46 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2024-03-25 13:30:45 +0100 |
commit | 9543d326f2858aedf7a7b335dc6bb336d0206625 (patch) | |
tree | af6417e52b411a5b5e3a62dbea77c81e074c3f39 /ChangeLog.txt | |
parent | fca48db86c9b7dcfd30f40859d2d68b8c546b8ca (diff) | |
download | current-9543d326f2858aedf7a7b335dc6bb336d0206625.tar.gz current-9543d326f2858aedf7a7b335dc6bb336d0206625.tar.xz |
Sun Mar 24 18:21:46 UTC 202420240324182146_15.0
patches/packages/emacs-29.3-x86_64-1_slack15.0.txz: Upgraded.
GNU Emacs through 28.2 allows attackers to execute commands via shell
metacharacters in the name of a source-code file, because lib-src/etags.c
uses the system C library function in its implementation of the ctags
program. For example, a victim may use the "ctags *" command (suggested in
the ctags documentation) in a situation where the current working directory
has contents that depend on untrusted input.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-45939
(* Security fix *)
Diffstat (limited to 'ChangeLog.txt')
-rw-r--r-- | ChangeLog.txt | 12 |
1 files changed, 12 insertions, 0 deletions
diff --git a/ChangeLog.txt b/ChangeLog.txt index 00db1a668..7d27d32a9 100644 --- a/ChangeLog.txt +++ b/ChangeLog.txt @@ -1,3 +1,15 @@ +Sun Mar 24 18:21:46 UTC 2024 +patches/packages/emacs-29.3-x86_64-1_slack15.0.txz: Upgraded. + GNU Emacs through 28.2 allows attackers to execute commands via shell + metacharacters in the name of a source-code file, because lib-src/etags.c + uses the system C library function in its implementation of the ctags + program. For example, a victim may use the "ctags *" command (suggested in + the ctags documentation) in a situation where the current working directory + has contents that depend on untrusted input. + For more information, see: + https://www.cve.org/CVERecord?id=CVE-2022-45939 + (* Security fix *) ++--------------------------+ Sat Mar 23 19:34:02 UTC 2024 patches/packages/mozilla-firefox-115.9.1esr-x86_64-1_slack15.0.txz: Upgraded. This update fixes a critical security issue: |