submitted 4 months ago* (last edited 4 months ago) by mac@programming.dev to c/emacs@programming.dev

0 comments fedilink hide all child comments

Emacs 29.3 is an emergency bugfix release intended to fix several security vulnerabilities described below.

** Arbitrary Lisp code is no longer evaluated as part of turning on Org mode. This is for security reasons, to avoid evaluating malicious Lisp code.

** New buffer-local variable 'untrusted-content'. When this is non-nil, Lisp programs should treat buffer contents with extra caution.

** Gnus now treats inline MIME contents as untrusted. To get back previous insecure behavior, 'untrusted-content' should be reset to nil in the buffer.

** LaTeX preview is now by default disabled for email attachments. To get back previous insecure behavior, set the variable 'org--latex-preview-when-risky' to a non-nil value.

** Org mode now considers contents of remote files to be untrusted. Remote files are recognized by calling 'file-remote-p'.

no comments (yet)

sorted by: hot top controversial new old

there doesn't seem to be anything here

this post was submitted on 26 Mar 2024

5 points (100.0% liked)

Emacs

395 readers

1 users here now

founded 1 year ago

MODERATORS

Ategon@programming.dev

therealemilioestevez@programming.dev