New release with security updates

It addresses: * CVE-2022-48337 * CVE-2022-48339 * CVE-2023-28617 Resolves: #2175189,#2175178,#2180587
2023-04-07 00:03:49 +02:00 · 2023-04-07 00:03:49 +02:00 · d3bcf0e9c9
commit d3bcf0e9c9
parent 7812dc2fdf
1 changed files with 6 additions and 1 deletions
--- a/emacs.spec
+++ b/emacs.spec
@ -5,7 +5,7 @@ Summary:       GNU Emacs text editor
 Name:          emacs
 Epoch:         1
 Version:       26.1
-Release:       9%{?dist}
+Release:       10%{?dist}
 License:       GPLv3+ and CC0-1.0
 URL:           http://www.gnu.org/software/emacs/
 Group:         Applications/Editors
@ -474,6 +474,11 @@ fi
 %dir %{_datadir}/emacs/site-lisp/site-start.d

 %changelog
+* Fri Apr 7 2023 Jacek Migacz <jmigacz@redhat.com> - 1:26.1-10
+- Fix etags local command injection vulnerability (#2175189)
+- Fix htmlfontify.el command injection vulnerability (#2175178)
+- Fix ob-latex.el command injection vulnerability (#2180587)
+
 * Tue Jan 10 2023 Jacek Migacz <jmigacz@redhat.com> - 1:26.1-9
 - Fix MH-E mail composition with GNU Mailutils (#1991156)