Your message dated Mon, 25 Mar 2024 01:13:54 +0000
with message-id <e1royuq-00aag4...@fasolo.debian.org>
and subject line Bug#1067630: fixed in emacs 1:29.3+1-1
has caused the Debian Bug report #1067630,
regarding emacs: release 29.3 fixes "several security vulnerabilities"
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1067630: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1067630
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: emacs
Version: 29.2+1-2
Severity: grave
Tags: security upstream
Justification: user security hole
X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>,
debian-emac...@lists.debian.org
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
According to the 29.3 release notes
* Changes in Emacs 29.3
Emacs 29.3 is an emergency bugfix release intended to fix several
security vulnerabilities described below.
** Arbitrary Lisp code is no longer evaluated as part of turning on Org mode.
This is for security reasons, to avoid evaluating malicious Lisp code.
** New buffer-local variable 'untrusted-content'.
When this is non-nil, Lisp programs should treat buffer contents with
extra caution.
** Gnus now treats inline MIME contents as untrusted.
To get back previous insecure behavior, 'untrusted-content' should be
reset to nil in the buffer.
** LaTeX preview is now by default disabled for email attachments.
To get back previous insecure behavior, set the variable
'org--latex-preview-when-risky' to a non-nil value.
** Org mode now considers contents of remote files to be untrusted.
Remote files are recognized by calling 'file-remote-p'.
- -- System Information:
Debian Release: trixie/sid
APT prefers testing-debug
APT policy: (500, 'testing-debug'), (500, 'testing')
Architecture: amd64 (x86_64)
Foreign Architectures: arm64
Kernel: Linux 6.6.15-amd64 (SMP w/20 CPU threads; PREEMPT)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8),
LANGUAGE=en_CA:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
- -- no debconf information
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEkiyHYXwaY0SiY6fqA0U5G1WqFSEFAmYAhNIACgkQA0U5G1Wq
FSEANg//cukjqohXxNRpkxbutqHHvOB1aAr3d78jowjP3Yb9ozAArNxUjuJHEdSZ
5HCASm269atf5753maZILjyx3VmF/qUihyGjbbWjqMwNrQkkQiuXBfYn1F4R76/V
tyFile5NZVXIgYMykLb+rSHap6KMBnhjvLWSwNsDMuD8WB7OPH7KOI2xYqkUb7ue
SIgkCr0GJ+LaHOAYlRKkAYok4qwIfijLBw41Bt7t9Tawh+5d5nDkNPDphFOB+bG+
1hOQD8KVYWIceRK83wcDictSxbeTSo/cp6cEtVZX3yrDvBRbj3VKjKWL+0UIKfWO
iGWQYn622B7WbBIwEddQMmla+nxa5rxEN9VMEE8N5xcpI1lnL0lVSxw0jbT0FopJ
PmwFYmz1+pxB2fhRTv1T7ZTSAJS3BKQ9u2R8tuKO5ilSYp1zJrBBIazGPZ3Q+UBS
EoPh4hy5G4IZ3X3yaE9cX76fdDMMGPQ7HIinkw5A7KWb8zHse5m3+WG+iPNuveHU
GRwOB9pDDRTQrQVG8of2YVS0kLb9eu2jUD0sbi8As3P5Mr/gXHlrSgs5t1qg3HuA
Kkg7m7PAONZu0LBZNZsItm/V0weDqBdE+LZsa/1LUk3H+zvswhctlNLuZ7Y4mKqh
YpuwmZ2+cv1To2M/DKbBx2ngl5EiojF8hk5pGezcZ811NRFAQKc=
=BxE4
-----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---
Source: emacs
Source-Version: 1:29.3+1-1
Done: Rob Browning <r...@defaultvalue.org>
We believe that the bug you reported is fixed in the latest version of
emacs, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1067...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Rob Browning <r...@defaultvalue.org> (supplier of updated emacs package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 24 Mar 2024 16:30:50 -0500
Source: emacs
Architecture: source
Version: 1:29.3+1-1
Distribution: unstable
Urgency: high
Maintainer: Rob Browning <r...@defaultvalue.org>
Changed-By: Rob Browning <r...@defaultvalue.org>
Closes: 1067630
Changes:
emacs (1:29.3+1-1) unstable; urgency=high
.
* Merge upstream version 29.3. Thanks to David Bremner for the
report. (Closes: 1067630)
.
* Update debian/copyright for 29.3
Checksums-Sha1:
5c895babdcf06d88afcb131a7be36d4578b98aef 3018 emacs_29.3+1-1.dsc
c5910d788335c197bd5fa6abbc6d5e6086df5487 29289064 emacs_29.3+1.orig.tar.xz
6d2520132138fdd71b76241d07d80b3c7bc14877 63228 emacs_29.3+1-1.debian.tar.xz
e7dc6c1f3bcd127805d028ea5e0a0f5762df5007 21743 emacs_29.3+1-1_amd64.buildinfo
Checksums-Sha256:
6ef3ba5a9c23b37680d5dcef827cc85ebacec9fa839fefec5bc57d7c8e0ea9cc 3018
emacs_29.3+1-1.dsc
417e04fcc530a19bc290e0142c09d9090b8b88f529eaccc3ad43d436b2bc3821 29289064
emacs_29.3+1.orig.tar.xz
23de3ea02f3a54ced630f34e04315839150d66c1a351c4d441876a9911db5da8 63228
emacs_29.3+1-1.debian.tar.xz
1531b647c2fb0f72378161f18dae71665767560a45d5d41764ab026c0a434377 21743
emacs_29.3+1-1_amd64.buildinfo
Files:
b9305e557aa3ca99e2b3b6ed30783ca8 3018 editors optional emacs_29.3+1-1.dsc
1f9c4b33448a32e6fc6f9336eb9486b8 29289064 editors optional
emacs_29.3+1.orig.tar.xz
7d3b5f918d9feae3854aa284c7140211 63228 editors optional
emacs_29.3+1-1.debian.tar.xz
b93e03462891263d0bf3ba7f4a7bfb84 21743 editors optional
emacs_29.3+1-1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQJJBAEBCAAzFiEEPTFSABe5ruOuhW+97vEWxVpaQvEFAmYAq+YVHHJsYkBkZWZh
dWx0dmFsdWUub3JnAAoJEO7xFsVaWkLxCooQAJvPztp99Oh/Bhwg/Wpj5SucdCFt
EhPHCLXxcB7m+dyZIplwgfsQsApGfmyi+JrRcpFR6epinNHNTWdqXyKmVmY26zbf
7ZFUcwIqwPnTgLqZENUzTr6VVB1jCniUVfVYgRA4yJaFFoYOj6Qd2eKTELW43WuF
BPX+UQNKqOFelrIJvoA4IQ9VWtX6EPN0eoG7MwKdcZqH7FJWmHnF6Fdp8QMjEOZi
3aacEuY7fgIt1VTGPK5ss8Vpf4jlX51XTAaYys/eZPTYIXaFrx0HIqtqJK0qRNUR
IsVDY+3iqu8rNBhDF99tKoAPIr+EG3vP3R3fGr0n9V9hYYUzaAAbKKTZhWDbKr4G
awpJjP3v5q+EXrsSCJXpbdUmxwVi8h0wT9P+e1vLSdqKqof8e5bS/2gxKRqKX4B2
MkmHdv/xkI8Cj1a9SfS16PiFOM4H4WuuU4/QZ5lH+b26VeIX00Mgtea5uGy+fN34
2DQDLmOLaavCeM+RjKAkbiLlduE7XsAwOD8paECluSm/3n2jvHL1TBAY1GEORBHx
+ahqP6722GIR2zGod5WhshtRCk+95/mhg590pd61/3VWk2N6w0ceJLx4inmDcdbx
0sXkReetQxp1a/TXG/hdZFbhu5zm8s3nPV8ha/w+eXVrWJ1rorLQLtzuR04fyO8+
OkDzTtrhYVYqMVL2
=CVnS
-----END PGP SIGNATURE-----
pgpNAwhPQoAEc.pgp
Description: PGP signature
--- End Message ---
