From: Eli Zaretskii <eliz@gnu.org>
Date: Sun, 24 Mar 2024 12:19:29 +0000 (-0400)
Subject: * etc/NEWS: Update for Emacs 29.3
X-Git-Tag: archive/raspbian/1%29.4+1-4+rpi1~1^2~2^2~18^2~10
X-Git-Url: https://dgit.raspbian.org/?a=commitdiff_plain;h=8d8253f89915f1d9b45791d46cf974c6bdcc1457;p=emacs.git

* etc/NEWS: Update for Emacs 29.3
---

diff --git a/etc/NEWS b/etc/NEWS
index 06086e9bdfb..3f94b0d4634 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -15,32 +15,28 @@ in older Emacs versions.
 You can narrow news to a specific version by calling 'view-emacs-news'
 with a prefix argument or by typing 'C-u C-h C-n'.
 
-
-* Installation Changes in Emacs 29.3
-
-
-* Startup Changes in Emacs 29.3
-
 
 * Changes in Emacs 29.3
+Emacs 29.3 is an emergency bugfix release intended to fix several
+security vulnerabilities described below.
 
-
-* Editing Changes in Emacs 29.3
+** Arbitrary Lisp code is no longer evaluated as part of turning on Org mode.
+This is for security reasons, to avoid evaluating malicious Lisp code.
 
-
-* Changes in Specialized Modes and Packages in Emacs 29.3
+** New buffer-local variable 'untrusted-content'.
+When this is non-nil, Lisp programs should treat buffer contents with
+extra caution.
 
-
-* New Modes and Packages in Emacs 29.3
+** Gnus now treats inline MIME contents as untrusted.
+To get back previous insecure behavior, 'untrusted-content' should be
+reset to nil in the buffer.
 
-
-* Incompatible Lisp Changes in Emacs 29.3
+** LaTeX preview is now by default disabled for email attachments.
+To get back previous insecure behavior, set the variable
+'org--latex-preview-when-risky' to a non-nil value.
 
-
-* Lisp Changes in Emacs 29.3
-
-
-* Changes in Emacs 29.3 on Non-Free Operating Systems
+** Org mode now considers contents of remote files to be untrusted.
+Remote files are recognized by calling 'file-remote-p'.
 
 
 * Installation Changes in Emacs 29.2