USN-7375-1: Org Mode vulnerabilities

Read Time:54 Second

It was discovered that Org Mode did not correctly handle filenames
containing shell metacharacters. An attacker could possibly use this issue
to cause a denial of service or execute arbitrary code. This issue only
affected Ubuntu 22.04 LTS. (CVE-2023-28617)

It was discovered that Org Mode could run untrusted code left in its
buffer. An attacker could possibly use this issue to cause a denial of
service or execute arbitrary code. This issue only affected
Ubuntu 22.04 LTS and Ubuntu 24.04 LTS. (CVE-2024-30202)

It was discovered that Org Mode did not correctly handle the contents of
remote files. An attacker could possibly use this issue to cause a denial
of service or execute arbitrary code. This issue only affected
Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS and Ubuntu 24.04 LTS.
(CVE-2024-30205)

It was discovered that Org Mode could be made to run arbitrary Elisp code.
An attacker could possibly use this issue to cause a denial of service or
execute arbitrary code. (CVE-2024-39331)

Friday Squid Blogging: Two-Man Giant Squid

Cyber Agencies Warn of Fast Flux Threat Bypassing Network Defenses

Troy Hunt Gets Phished

Tj-actions Supply Chain Attack Traced Back to Single GitHub Token Compromise

Chinese State Hackers Exploiting Newly Disclosed Ivanti Flaw

Major Online Platform for Child Exploitation Dismantled

CrushFTP Vulnerability Exploited Following Disclosure Issues

HellCat ransomware: what you need to know

Amateur Hacker Leverages Russian Bulletproof Hosting Server to Spread Malware

USN-7375-1: Org Mode vulnerabilities

rust-below-0.9.0-1.el8

DSA-5894-1 jetty9 – security update

DSA-5893-1 tomcat10 – security update

GLSA 202504-01: XZ Utils: Use after free

DSA-5896-1 trafficserver – security update

DSA-5895-1 xz-utils – security update