[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[ANN] Emergency bugfix release: Org mode 9.7.5
|
From: |
Ihor Radchenko |
|
Subject: |
[ANN] Emergency bugfix release: Org mode 9.7.5 |
|
Date: |
Sat, 22 Jun 2024 16:10:35 +0000 |
Dear all,
I just released Org mode 9.7.5 that fixes a critical vulnerability.
The release is coordinated with emergency Emacs 29.4 release.
Please upgrade your Org mode *and* Emacs ASAP.
The vulnerability involves arbitrary Shell code evaluation when
previewing attachments in Emacs MUA (gnus-based: at least, mu4e,
Notmuch, Gnus itself) or when opening third-party Org files. All the
earlier versions of Org mode are affected.
Note that the vulnerability solved in this release has nothing to do
with recent Org 9.6.23 release
(https://list.orgmode.org/871q7zbldp.fsf@localhost/). It existed since
long time ago and was discovered by accident.
--
Ihor Radchenko // yantar92,
Org mode contributor,
Learn more about Org mode at <https://orgmode.org/>.
Support Org development at <https://liberapay.com/org-mode>,
or support my work at <https://liberapay.com/yantar92>
- [ANN] Emergency bugfix release: Org mode 9.7.5,
Ihor Radchenko <=