Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 927727

Summary: app-editors/emacs-29.3-r1 stable request
Product: Gentoo Linux Reporter: Ulrich Müller <ulm>
Component: StabilizationAssignee: GNU Emacs project <gnu-emacs>
Status: RESOLVED OBSOLETE    
Severity: normal CC: hppa
Priority: Normal Keywords: CC-ARCHES, SECURITY, STABLEREQ
Version: unspecifiedFlags: nattka: sanity-check+
Hardware: All   
OS: Linux   
See Also: https://bugs.gentoo.org/show_bug.cgi?id=927819
Whiteboard:
Package list:
app-editors/emacs-29.3-r1
 Runtime testing required: ---

Description Ulrich Müller gentoo-dev 2024-03-24 16:49:46 UTC 
From etc/NEWS:

   * Changes in Emacs 29.3
   Emacs 29.3 is an emergency bugfix release intended to fix several
   security vulnerabilities described below.

   ** Arbitrary Lisp code is no longer evaluated as part of turning on Org mode.
   This is for security reasons, to avoid evaluating malicious Lisp code.

   ** New buffer-local variable 'untrusted-content'.
   When this is non-nil, Lisp programs should treat buffer contents with
   extra caution.

   ** Gnus now treats inline MIME contents as untrusted.
   To get back previous insecure behavior, 'untrusted-content' should be
   reset to nil in the buffer.

   ** LaTeX preview is now by default disabled for email attachments.
   To get back previous insecure behavior, set the variable
   'org--latex-preview-when-risky' to a non-nil value.

   ** Org mode now considers contents of remote files to be untrusted.
   Remote files are recognized by calling 'file-remote-p'.

Therefore, asking for quick stabilisation.

Test plan: <https://wiki.gentoo.org/wiki/Project:Emacs/Test_plans>

Thanks in advance.
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-03-24 18:16:43 UTC 
ppc64 done
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-03-24 18:16:44 UTC 
arm64 done
Comment 3 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-03-24 18:16:46 UTC 
arm done
Comment 4 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-03-24 18:33:42 UTC 
ppc done
Comment 5 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-03-24 18:33:43 UTC 
sparc done
Comment 6 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-03-25 08:54:43 UTC 
amd64 done
Comment 7 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-03-25 08:54:44 UTC 
x86 done
Comment 8 NATTkA bot gentoo-dev 2024-04-15 07:28:25 UTC Comment hidden (obsolete)
Comment 9 Ulrich Müller gentoo-dev 2024-04-27 18:34:33 UTC 
@hppa: Please stabilise emacs-29.3-r2 in bug 930795 instead.