From c04f67efd186dc9550073534d2fa0c9263096376 Mon Sep 17 00:00:00 2001 From: Jacek Migacz Date: Fri, 17 Mar 2023 15:01:19 +0100 Subject: [PATCH] New release with security updates It addresses: * CVE-2022-48337 * CVE-2022-48339 * CVE-2022-48338 * CVE-2023-28617 Resolves: #2175142,#2175179,#2175190,#2180590 --- emacs.spec | 10 ++++++++-- 1 file changed, 8 insertions(+), 2 deletions(-) diff --git a/emacs.spec b/emacs.spec index f7e4d37..e0103d2 100644 --- a/emacs.spec +++ b/emacs.spec @@ -5,7 +5,7 @@ Summary: GNU Emacs text editor Name: emacs Epoch: 1 Version: 27.2 -Release: 8%{?dist} +Release: 9%{?dist} License: GPLv3+ and CC0-1.0 URL: http://www.gnu.org/software/emacs/ Source0: https://ftp.gnu.org/gnu/emacs/emacs-%{version}.tar.xz @@ -491,6 +491,12 @@ rm %{buildroot}%{_datadir}/icons/hicolor/scalable/mimetypes/emacs-document23.svg %{_includedir}/emacs-module.h %changelog +* Sun Apr 2 2023 Jacek Migacz - 1:27.2-9 +- Fix etags local command injection vulnerability (#2175190) +- Fix htmlfontify.el command injection vulnerability (#2175179) +- Fix ruby-mode.el local command injection vulnerability (#2175142) +- Fix ob-latex.el command injection vulnerability (#2180590) + * Tue Jan 10 2023 Jacek Migacz - 1:27.2-8 - Use a 64KB page size for pdump (#1979804) @@ -513,7 +519,7 @@ rm %{buildroot}%{_datadir}/icons/hicolor/scalable/mimetypes/emacs-document23.svg * Thu Apr 15 2021 Mohan Boddu - 1:27.2-2 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 -* Thu Mar 27 2021 Bhavin Gandhi - 1:27.2-1 +* Sat Mar 27 2021 Bhavin Gandhi - 1:27.2-1 - emacs-27.2 is available * Tue Jan 26 2021 Fedora Release Engineering - 1:27.1-3