Org Mode vulnerability CVE-2023-28617 is fixed (1/2)
https://security-tracker.debian.org/tracker/CVE-2023-28617
This upstream patch (1/2) has been incorporated to fix the problem:
* lisp/ob-latex.el: Fix command injection vulnerability
(org-babel-execute:latex):
Replaced the `(shell-command "mv BAR NEWBAR")' with `rename-file'.
TINYCHANGE
Origin: https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=
a8006ea580ed74f27f974d60b598143b04ad1741
Bug-Debian: https://bugs.debian.org/
1033342
Gbp-Pq: Name 0027-Org-Mode-vulnerability-CVE-2023-28617-is-fixed-1-2.patch
projects / emacs.git / commit