New release with security updates

It addresses: * CVE-2022-48337 * CVE-2022-48339 * CVE-2022-48338 * CVE-2023-28617 Resolves: #2175142,#2175179,#2175190,#2180590
2023-03-17 15:01:19 +01:00 · 2023-03-17 15:01:19 +01:00 · c04f67efd1
commit c04f67efd1
parent 5bd1974025
1 changed files with 8 additions and 2 deletions
--- a/emacs.spec
+++ b/emacs.spec
@ -5,7 +5,7 @@ Summary:       GNU Emacs text editor
 Name:          emacs
 Epoch:         1
 Version:       27.2
-Release:       8%{?dist}
+Release:       9%{?dist}
 License:       GPLv3+ and CC0-1.0
 URL:           http://www.gnu.org/software/emacs/
 Source0:       https://ftp.gnu.org/gnu/emacs/emacs-%{version}.tar.xz
@ -491,6 +491,12 @@ rm %{buildroot}%{_datadir}/icons/hicolor/scalable/mimetypes/emacs-document23.svg
 %{_includedir}/emacs-module.h

 %changelog
+* Sun Apr 2 2023 Jacek Migacz <jmigacz@redhat.com> - 1:27.2-9
+- Fix etags local command injection vulnerability (#2175190)
+- Fix htmlfontify.el command injection vulnerability (#2175179)
+- Fix ruby-mode.el local command injection vulnerability (#2175142)
+- Fix ob-latex.el command injection vulnerability (#2180590)
+
 * Tue Jan 10 2023 Jacek Migacz <jmigacz@redhat.com> - 1:27.2-8
 - Use a 64KB page size for pdump (#1979804)

@ -513,7 +519,7 @@ rm %{buildroot}%{_datadir}/icons/hicolor/scalable/mimetypes/emacs-document23.svg
 * Thu Apr 15 2021 Mohan Boddu <mboddu@redhat.com> - 1:27.2-2
 - Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937

-* Thu Mar 27 2021 Bhavin Gandhi <bhavin7392@gmail.com> - 1:27.2-1
+* Sat Mar 27 2021 Bhavin Gandhi <bhavin7392@gmail.com> - 1:27.2-1
 - emacs-27.2 is available

 * Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 1:27.1-3