{"id":"MGASA-2023-0152","summary":"Updated emacs packages fix security vulnerability","details":"org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU\nEmacs allows attackers to execute arbitrary commands via a file name or\ndirectory name that contains shell metacharacters. (CVE-2023-28617)\n","modified":"2026-02-01T01:17:21.722066Z","published":"2023-04-24T00:20:26Z","related":["CVE-2023-28617"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2023-0152.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=31767"},{"type":"REPORT","url":"https://ubuntu.com/security/notices/USN-6003-1"}],"affected":[{"package":{"name":"emacs","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/emacs?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"27.1-1.4.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2023-0152.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}