Security vulnerability, arbitrary shell commands can run when turning on org-mode
Bug #2070418 reported by
Patrick Nicodemus
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| emacs (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
Bug Description
A serious security vulnerability was found in Emacs 29.3 and earlier. The default Ubuntu package for Emacs should be upgraded to 29.4 ASAP.
Disclosure of the bug: https:/
Newest release: https:/
| information type: | Private Security → Public Security |
Revision history for this message
| Marc Deslauriers (mdeslaur) wrote | #1 |
| tags: | added: community-security |
To post a comment you must log in.
Thanks for taking the time to report this bug and helping to make Ubuntu better. Since the package referred to in this bug is in universe or multiverse, it is community maintained. If you are able, I suggest coordinating with upstream and posting a debdiff for this issue. When a debdiff is available, members of the security team will review it and publish the package. See the following link for more information: https:/