mirrors/emacs
1
Fork 0
mirror of git://git.sv.gnu.org/emacs.git synced 2025-12-06 06:20:55 -08:00
Code Issues Projects Releases Wiki Activity

Mention CVE-2025-1244 in NEWS

Browse source 
* etc/NEWS: Document CVE-2025-1244.

For anyone looking to backport this, the fix is in commit
820f0793f0.
This commit is contained in:
Stefan Kangas 2025-02-23 16:25:37 +01:00
parent 2dbf7d0b1b
commit 1cda0967b4
1 changed files with 3 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

3
etc/NEWS
View file

@ -184,6 +184,9 @@ expectations.
* Changes in Emacs 30.1 * Changes in Emacs 30.1
** Fix shell injection vulnerability in man.el (CVE-2025-1244).
We urge all users to upgrade immediately.
** New user option 'trusted-content' to allow potentially dangerous features. ** New user option 'trusted-content' to allow potentially dangerous features.
This option lists those files and directories whose content Emacs should This option lists those files and directories whose content Emacs should
consider as sufficiently trusted to run any part of the code contained consider as sufficiently trusted to run any part of the code contained