MGASA-2023-0152

See a problem?
Please try reporting it to the source first.

Source

https://advisories.mageia.org/MGASA-2023-0152.html

Import Source

https://advisories.mageia.org/MGASA-2023-0152.json

JSON Data

https://api.osv.dev/v1/vulns/MGASA-2023-0152

Related

CVE-2023-28617

Published

2023-04-24T00:20:26Z

Modified

2023-04-23T23:09:44Z

Summary

Updated emacs packages fix security vulnerability

Details

org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters. (CVE-2023-28617)

References

Credits

- Mageia - COORDINATOR
- - https://wiki.mageia.org/en/Packages_Security_Team

Affected packages

Mageia:8 / emacs

Package

Name: emacs
Purl: pkg:rpm/mageia/emacs?arch=source&distro=mageia-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

27.1-1.4.mga8

Ecosystem specific

{
    "section": "core"
}

Database specific

source

"https://advisories.mageia.org/MGASA-2023-0152.json"