Bug#1074137: org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code (CVE-2024-39331)

On Wed, 26 Jun 2024 17:24:25 +0700 Max Nikulin wrote: On Sun, 23 Jun 2024 18:16:27 +0200 Salvatore Bonaccorso wrote: > https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=f4cc61636947b5c2f0afc67174dd369fe3277aa8 Will the fix be backported to bookworm emacs-28 package? Sorry

Bug#1074137: org-link-expand-abbrev: Do not evaluate arbitrary unsafe Elisp code (CVE-2024-39331)

On Sun, 23 Jun 2024 18:16:27 +0200 Salvatore Bonaccorso wrote: https://www.openwall.com/lists/oss-security/2024/06/23/1 Upstream fix (in org-mode); https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=f4cc61636947b5c2f0afc67174dd369fe3277aa8 Will the fix be backported to bookworm

Bug#1069353: plantuml: Re: nncp: FTBFS on arm64: make[1]: *** [debian/rules:21: override_dh_auto_build] Error 1

On 07/06/2024 18:24, Andrej Shadura wrote: That was totally a bug in plantuml. My fault that I forgot to merge it with another bug report for the same issue. Thanks, Andrej. I see that the package have returned to testing. I am sorry that I missed https://bugs.debian.org/1068999 I was surpri

Bug#1069353: plantuml: Re: nncp: FTBFS on arm64: make[1]: *** [debian/rules:21: override_dh_auto_build] Error 1

On Sat, 20 Apr 2024 14:09:44 +0200 Lucas Nussbaum wrote: Source: nncp Severity: serious Justification: FTBFS [...] Caused by: java.lang.RuntimeException: Fontconfig head is null, check your fonts or fonts configuration John, for nncp it was certainly a high priority bug, but why severity is

Bug#1067630: fixed in emacs 1:29.3+1-1

On 25/03/2024 15:47, Sean Whitton wrote: On Mon 25 Mar 2024 at 10:21am +07, Max Nikulin wrote: On Mon, 25 Mar 2024 01:13:54 + Debian FTP Masters wrote: Source: emacs Source-Version: 1:29.3+1-1 Done: Rob Browning Should this issue be reopened or be cloned to backport fixes to Emacs-28 in

Bug#1067630: fixed in emacs 1:29.3+1-1

On Mon, 25 Mar 2024 01:13:54 + Debian FTP Masters wrote: Source: emacs Source-Version: 1:29.3+1-1 Done: Rob Browning Should this issue be reopened or be cloned to backport fixes to Emacs-28 in Debian stable?

Bug#1067630: emacs: release 29.3 fixes "several security vulnerabilities"

Control: found -1 1:28.2+1-15 On Sun, 24 Mar 2024 16:53:55 -0300 David Bremner wrote: ** Arbitrary Lisp code is no longer evaluated as part of turning on Org mode. This is for security reasons, to avoid evaluating malicious Lisp code. Emacs-28 in Debian 12 bookworm requires the fix as well. S

Bug#1035650: elpa-org version older than built-in Org in bookworm

On 09/05/2023 05:00, Nicholas D Steeves wrote: It's what at least two users want Intention of my bug report is to ensure that it was a conscious decision to keep a bit outdated Org version. I hope, only a small part of users will really notice the difference with built-in version. I consider