Dear all, There's a couple of recent Emacs CVEs announced in oss-security: https://www.openwall.com/lists/oss-security/2025/02/26/2 https://nvd.nist.gov/vuln/detail/CVE-2025-1244 https://nvd.nist.gov/vuln/detail/CVE-2024-53920 Upstream recommends everyone upgrades immediately: https://lists.gnu.org/archive/html/info-gnu/2025-02/msg00009.html And indeed, RHEL 9 already has the fix backported https://access.redhat.com/errata/RHSA-2025:1915 ... and also Debian: https://lists.debian.org/debian-backports/2025/02/msg00008.html For Fedora it looks like the new version has only been built for F42 and F43 https://bodhi.fedoraproject.org/updates/?search=30.1&packages=emacs we should probably - request that the f42 update be waived from the beta freeze - also update F41 and F40? <-- happy to prepare PRs if that helps speed things along Best regards, -- _o) Michel Lind _( ) identities: https://keyoxide.org/5dce2e7e9c3b1cffd335c1d78b229d2f7ccc04f2 README: https://fedoraproject.org/wiki/User:Salimma#README -- _______________________________________________ devel mailing list -- devel@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe send an email to devel-leave@xxxxxxxxxxxxxxxxxxxxxxx Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/devel@xxxxxxxxxxxxxxxxxxxxxxx Do not reply to spam, report it: https://pagure.io/fedora-infrastructure/new_issue
