Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2023:2074: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2023-28617: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.
Red Hat Security Data
#vulnerability#web#mac#linux#red_hat#nodejs#js#java#kubernetes#aws#ibm

Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager

All Products

Issued:

2023-05-02

Updated:

2023-05-02

RHSA-2023:2074 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: emacs security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for emacs is now available for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language (elisp), and the capability to read e-mail and news.

Security Fix(es):

  • emacs: command injection vulnerability in org-mode (CVE-2023-28617)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux for x86_64 9 x86_64
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for ARM 64 9 aarch64

Fixes

  • BZ - 2180544 - CVE-2023-28617 emacs: command injection vulnerability in org-mode

Red Hat Enterprise Linux for x86_64 9

SRPM

emacs-27.2-6.el9_1.1.src.rpm

SHA-256: 5b7dd30ac5b43bbaef9c257b2e60b452cf520a0adff49a36e001b939f4def4ae

x86_64

emacs-27.2-6.el9_1.1.x86_64.rpm

SHA-256: 195ce56997d3a250b6abba3af907c1f46e58da9b25bc376bc0707aa3d6608be0

emacs-common-27.2-6.el9_1.1.x86_64.rpm

SHA-256: 87d5ca44c9d91ecc2655b09ee54c173f2b710782e1c15f467603bf93fa308aba

emacs-common-debuginfo-27.2-6.el9_1.1.x86_64.rpm

SHA-256: 157a89451e48068194a9ae36f57c4c0356bb7858fe8ad0b105e31c226f71f25e

emacs-debuginfo-27.2-6.el9_1.1.x86_64.rpm

SHA-256: 9f0d22e1cb4f92ff55a3a221900a4d7333d66628ccce21b59e2ed5948092aafd

emacs-debugsource-27.2-6.el9_1.1.x86_64.rpm

SHA-256: c09138b7823bde75e42c16368024902909b798be1e6dd5250e93569eeadfc08d

emacs-filesystem-27.2-6.el9_1.1.noarch.rpm

SHA-256: 8cf42ab253bb55e28ed82eb966c7726e62bec0010ab7296ca49910645808e5e8

emacs-lucid-27.2-6.el9_1.1.x86_64.rpm

SHA-256: ca90b3e04ac1ec08098bdc87568a2f8a47cb74a72c3daf7e602c5a964792a363

emacs-lucid-debuginfo-27.2-6.el9_1.1.x86_64.rpm

SHA-256: 97a0406a1422ab31f1641bea8717fa6692292343a51addd4557712bcc8c780c0

emacs-nox-27.2-6.el9_1.1.x86_64.rpm

SHA-256: bb4f426f6bc3bb559221a732bf25a06938723b3b92c6c14fe8faaf83182cda45

emacs-nox-debuginfo-27.2-6.el9_1.1.x86_64.rpm

SHA-256: 4e065866c50a45a6297fa3ae59be04a24865f1214f0d3ec10734ee9b941009f4

Red Hat Enterprise Linux for IBM z Systems 9

SRPM

emacs-27.2-6.el9_1.1.src.rpm

SHA-256: 5b7dd30ac5b43bbaef9c257b2e60b452cf520a0adff49a36e001b939f4def4ae

s390x

emacs-27.2-6.el9_1.1.s390x.rpm

SHA-256: 39e5a42487249bff7c75606ed24620352286f4b56bc068cf92a85e8286e998ab

emacs-common-27.2-6.el9_1.1.s390x.rpm

SHA-256: d62474d138e6db6fd6a17e8ac8f9aad521a2d9441651b6d8f1906bf23f8242a9

emacs-common-debuginfo-27.2-6.el9_1.1.s390x.rpm

SHA-256: 8414a6395b11ff890493731a10d8fdc5dc8cb207498eeddbaa2033640c50c07c

emacs-debuginfo-27.2-6.el9_1.1.s390x.rpm

SHA-256: 8525a08b30075bad8588f3b392437876681572bf02e3e7eeb7d7901b6e7c6e1a

emacs-debugsource-27.2-6.el9_1.1.s390x.rpm

SHA-256: a4f45e82a41f1b10fb68337d57466ecb1ca47fd174eca2d67289945c00a762de

emacs-filesystem-27.2-6.el9_1.1.noarch.rpm

SHA-256: 8cf42ab253bb55e28ed82eb966c7726e62bec0010ab7296ca49910645808e5e8

emacs-lucid-27.2-6.el9_1.1.s390x.rpm

SHA-256: 4f90ede55bc1761b3847603a68c1bc254f2d9dc3742ef3c3c7c44131c45a748d

emacs-lucid-debuginfo-27.2-6.el9_1.1.s390x.rpm

SHA-256: c2a0ca075a85bacb5b234cf164f000d695afea977b164c8fd60bf9fbfe382728

emacs-nox-27.2-6.el9_1.1.s390x.rpm

SHA-256: 4b961299fbef1ea50c1b7e6b92b035a25294101f069b11c2e0ae2e33492bdfe9

emacs-nox-debuginfo-27.2-6.el9_1.1.s390x.rpm

SHA-256: 650b3c227421bb765713507754a15be55ac12ee64bc58d239e475c4840f8d49a

Red Hat Enterprise Linux for Power, little endian 9

SRPM

emacs-27.2-6.el9_1.1.src.rpm

SHA-256: 5b7dd30ac5b43bbaef9c257b2e60b452cf520a0adff49a36e001b939f4def4ae

ppc64le

emacs-27.2-6.el9_1.1.ppc64le.rpm

SHA-256: 2651ca0da2c3cc1470cf26f1bf1318814c13a70345ef5878462d3e346973f982

emacs-common-27.2-6.el9_1.1.ppc64le.rpm

SHA-256: 023ad3816b04ad39805f4c061c7eaeaac8b9fb9dc9a73a7ce90ee3232b9c1849

emacs-common-debuginfo-27.2-6.el9_1.1.ppc64le.rpm

SHA-256: 8c6602ebf7dcc60397d9fe02c5055969c7d826c7d89c2d982cfdca0c6866da21

emacs-debuginfo-27.2-6.el9_1.1.ppc64le.rpm

SHA-256: 3ef63d81be638896e822233888e21d20ecb25b170ab51edd7867fd7497e81ecd

emacs-debugsource-27.2-6.el9_1.1.ppc64le.rpm

SHA-256: bf62b800acd34bdd03d9ea260cbb8e675da66e609c48c2ec8b2cd6909f525522

emacs-filesystem-27.2-6.el9_1.1.noarch.rpm

SHA-256: 8cf42ab253bb55e28ed82eb966c7726e62bec0010ab7296ca49910645808e5e8

emacs-lucid-27.2-6.el9_1.1.ppc64le.rpm

SHA-256: d354b5385c6b84f380a7b8069aecec06dfb2fe4d24dff80817b95b8b37ae6347

emacs-lucid-debuginfo-27.2-6.el9_1.1.ppc64le.rpm

SHA-256: ae7e4ca776519b1167217dce419957ff978ed051ced863b10046ca8bc7e1636e

emacs-nox-27.2-6.el9_1.1.ppc64le.rpm

SHA-256: 1b7e5fe8037f022535977413ca20f0c6fbd7c2d7b38ccfbedb99e8d4ea0f4966

emacs-nox-debuginfo-27.2-6.el9_1.1.ppc64le.rpm

SHA-256: ef32d487600d255c98e9917b751b9264fac20c8f545541ebd42f12e1f98bffea

Red Hat Enterprise Linux for ARM 64 9

SRPM

emacs-27.2-6.el9_1.1.src.rpm

SHA-256: 5b7dd30ac5b43bbaef9c257b2e60b452cf520a0adff49a36e001b939f4def4ae

aarch64

emacs-27.2-6.el9_1.1.aarch64.rpm

SHA-256: ea2a0522150287eec22cb252ecd1652cf27dc929c117b80933425d36b55a588b

emacs-common-27.2-6.el9_1.1.aarch64.rpm

SHA-256: fbd0a67b10a7df1ada5ff7ec784cc550234977a3dc5fbafe73bc4130ea8565a3

emacs-common-debuginfo-27.2-6.el9_1.1.aarch64.rpm

SHA-256: b573b68a1dab8b3bb927942ebe41972fe29931ef46fd406653b17e8b52f8066c

emacs-debuginfo-27.2-6.el9_1.1.aarch64.rpm

SHA-256: 45bc435656775b2cd3309bfd1ec4da69e234836b75158e739f53c29761974add

emacs-debugsource-27.2-6.el9_1.1.aarch64.rpm

SHA-256: 06f8eca9766b4f27e1f545d730a6d28f72d2552d891b4f23368a6670d53463e4

emacs-filesystem-27.2-6.el9_1.1.noarch.rpm

SHA-256: 8cf42ab253bb55e28ed82eb966c7726e62bec0010ab7296ca49910645808e5e8

emacs-lucid-27.2-6.el9_1.1.aarch64.rpm

SHA-256: 3d4a6b54483faa0a73cedb53a4341cd78524054a71e1a66d5739500c0ea59b43

emacs-lucid-debuginfo-27.2-6.el9_1.1.aarch64.rpm

SHA-256: 53a8b813f809571b2cf212b5db412a989814bee191807f809b4f065553d2ae19

emacs-nox-27.2-6.el9_1.1.aarch64.rpm

SHA-256: 2cec31948b4f4b5e5c2929d7041e381823793d3b5b9f6c8020342ed4b5868207

emacs-nox-debuginfo-27.2-6.el9_1.1.aarch64.rpm

SHA-256: a99279dcd524221f2c69d134d29b015060f8e08421f2e1f1470117f24cf042a1

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

RHSA-2023:3309: Red Hat Security Advisory: OpenShift Container Platform 4.11.42 bug fix and security update

Red Hat OpenShift Container Platform release 4.11.42 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.11. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2018-17419: The Miek Gieben DNS library is vulnerable to a denial of service caused by a segmentation violation in setTA in scan_rr.go. By persuading a victim to open a specially-crafted file, a...

RHSA-2023:3265: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.12.3 Security and Bug fix update

Updated images that fix several bugs are now available for Red Hat OpenShift Data Foundation 4.12.3 on Red Hat Enterprise Linux 8 from Red Hat Container Registry. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-23539: A flaw was found in the jsonwebtoken package. The affected versions of the `jsonwebtoken` library could be misconfigured so that legacy, insecure key types are used for signature verification. For example, DSA keys could be used with the RS256 algorithm. *...

Red Hat Security Advisory 2023-3189-01

Red Hat Security Advisory 2023-3189-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

RHSA-2023:3189: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-28617: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.

RHSA-2023:3104: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-2491: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the "org-babel-execute:latex" function in ob-latex.el can result in arbitrary command execution. This CVE exists because of a CVE-2023-28617 security regression for the emacs package in Red Hat Enterprise Linux 9.2.

RHSA-2023:2110: Red Hat Security Advisory: OpenShift Container Platform 4.12.16 security update

Red Hat OpenShift Container Platform release 4.12.16 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.12. Red Hat Product Security has rated this update as having a security impact of [impact]. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-46146: A flaw was found in exporter-toolkit. A request can be forged by an attacker to poison the internal cache used to cache hashes and make subsequent successful requests. This cache is ...

RHSA-2023:2626: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-48337: A flaw was found in the Emacs package. This flaw allows attackers to execute commands via shell metacharacters in the name of a source-code file. * CVE-2022-48338: A flaw was found in the Emacs package. A malicious ruby source file may cause a local command injection. * CVE-2022-48339: A flaw was found in the Emacs package. If a file name or direc...

RHSA-2023:2107: Red Hat Security Advisory: Migration Toolkit for Containers (MTC) 1.7.9 security and bug fix update

The Migration Toolkit for Containers (MTC) 1.7.9 is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-41724: A flaw was found in Golang Go, where it is vulnerable to a denial of service caused when processing large TLS handshake records. By sending specially-crafted TLS handshake records, a remote, authenticated attacker can cause a denial of service condition. * CVE-2022-41725: A flaw was found in Go, where it is vulnerable to a denial of service caused by...

Red Hat Security Advisory 2023-2074-01

Red Hat Security Advisory 2023-2074-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

Red Hat Security Advisory 2023-1958-01

Red Hat Security Advisory 2023-1958-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

RHSA-2023:2010: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-28617: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.

RHSA-2023:1958: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-28617: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.

Red Hat Security Advisory 2023-1930-01

Red Hat Security Advisory 2023-1930-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

RHSA-2023:1931: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-28617: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.

RHSA-2023:1930: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-28617: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.

Red Hat Security Advisory 2023-1915-01

Red Hat Security Advisory 2023-1915-01 - GNU Emacs is a powerful, customizable, self-documenting text editor. It provides special code editing features, a scripting language, and the capability to read e-mail and news. Issues addressed include a code execution vulnerability.

RHSA-2023:1915: Red Hat Security Advisory: emacs security update

An update for emacs is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2023-28617: A flaw was found in the Emacs text editor. Processing a specially crafted org-mode code with the function org-babel-execute:latex in ob-latex.el can result in arbitrary command execution.

Ubuntu Security Notice USN-6003-1

Ubuntu Security Notice 6003-1 - Xi Lu discovered that Emacs did not properly handle certain inputs. An attacker could possibly use this issue to execute arbitrary commands.

CVE-2023-28617: [PATCH] Fix ob-latex.el command injection vulnerability.

org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers to execute arbitrary commands via a file name or directory name that contains shell metacharacters.