From 2ce854748484015505b0ddd0b268787c1327a047 Mon Sep 17 00:00:00 2001 From: Jacek Migacz Date: Fri, 23 Aug 2024 14:23:29 +0200 Subject: [PATCH] org-latex-preview: Add protection when `untrusted-content' is non-nil Resolves: RHEL-36244 --- emacs-latex-preview.patch | 57 +++++++++++++++++++++++++++++++++++++++ emacs.spec | 3 +++ 2 files changed, 60 insertions(+) create mode 100644 emacs-latex-preview.patch diff --git a/emacs-latex-preview.patch b/emacs-latex-preview.patch new file mode 100644 index 0000000..29cbc74 --- /dev/null +++ b/emacs-latex-preview.patch @@ -0,0 +1,57 @@ +From 6f9ea396f49cbe38c2173e0a72ba6af3e03b271c Mon Sep 17 00:00:00 2001 +From: Ihor Radchenko +Date: Tue, 20 Feb 2024 12:47:24 +0300 +Subject: org-latex-preview: Add protection when `untrusted-content' is non-nil + +* lisp/org/org.el (org--latex-preview-when-risky): New variable +controlling how to handle LaTeX previews in Org files from untrusted +origin. +(org-latex-preview): Consult `org--latex-preview-when-risky' before +generating previews. + +This patch adds a layer of protection when LaTeX preview is requested +for an email attachment, where `untrusted-content' is set to non-nil. +--- + lisp/org/org.el | 19 +++++++++++++++++++ + 1 file changed, 19 insertions(+) + +diff --git a/lisp/org/org.el b/lisp/org/org.el +index c75afbf..0f5d17d 100644 +--- a/lisp/org/org.el ++++ b/lisp/org/org.el +@@ -1140,6 +1140,24 @@ the following lines anywhere in the buffer: + :package-version '(Org . "8.0") + :type 'boolean) + ++(defvar untrusted-content) ; defined in files.el ++(defvar org--latex-preview-when-risky nil ++ "If non-nil, enable LaTeX preview in Org buffers from unsafe source. ++ ++Some specially designed LaTeX code may generate huge pdf or log files ++that may exhaust disk space. ++ ++This variable controls how to handle LaTeX preview when rendering LaTeX ++fragments that originate from incoming email messages. It has no effect ++when Org mode is unable to determine the origin of the Org buffer. ++ ++An Org buffer is considered to be from unsafe source when the ++variable `untrusted-content' has a non-nil value in the buffer. ++ ++If this variable is non-nil, LaTeX previews are rendered unconditionally. ++ ++This variable may be renamed or changed in the future.") ++ + (defcustom org-insert-mode-line-in-empty-file nil + "Non-nil means insert the first line setting Org mode in empty files. + When the function `org-mode' is called interactively in an empty file, this +@@ -15695,6 +15713,7 @@ fragments in the buffer." + (interactive "P") + (cond + ((not (display-graphic-p)) nil) ++ ((and untrusted-content (not org--latex-preview-when-risky)) nil) + ;; Clear whole buffer. + ((equal arg '(64)) + (org-clear-latex-preview (point-min) (point-max)) +-- +cgit v1.1 + diff --git a/emacs.spec b/emacs.spec index 58f551b..6b7d1c2 100644 --- a/emacs.spec +++ b/emacs.spec @@ -32,6 +32,7 @@ Patch7: emacs-ob-latex-command-injection-vulnerability.patch Patch8: emacs-consider-org-file-contents-unsafe.patch Patch9: emacs-org-link-expand-abbrev-unsafe-elisp.patch Patch10: emacs-mark-contents-untrusted.patch +Patch11: emacs-latex-preview.patch BuildRequires: atk-devel BuildRequires: cairo-devel @@ -194,6 +195,7 @@ packages that add functionality to Emacs. %patch8 -p1 -b .consider-org-file-contents-unsafe %patch9 -p1 -b .org-link-expand-abbrev-unsafe-elisp %patch10 -p1 -b .mark-contents-untrusted +%patch11 -p1 -b .latex-preview autoconf # We prefer our emacs.desktop file @@ -484,6 +486,7 @@ fi - org-file-contents: Consider all remote files unsafe (CVE-2024-30205) - org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code (CVE-2024-39331) - Make Gnus treats inline MIME contents as untrusted (CVE-2024-30203) +- Add protection for LaTeX preview (CVE-2024-30204) * Wed Apr 12 2023 Jacek Migacz - 1:26.1-11 - Bump version