Suggested advisory:
========================

The updated packages improve Wayland support and fix a security vulnerability:

In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. (CVE-2024-39331)

References:
https://lists.suse.com/pipermail/sle-security-updates/2024-July/019003.html
https://bugs.mageia.org/show_bug.cgi?id=33241
========================

Updated packages in core/updates_testing:
========================
emacs-29.4-1.mga9
emacs-common-29.4-1.mga9
emacs-doc-29.4-1.mga9
emacs-el-29.4-1.mga9
emacs-leim-29.4-1.mga9
emacs-nox-29.4-1.mga9
emacs-pgtk-29.4-1.mga9

from SRPM:
emacs-29.4-1.mga9.src.rpm

Assignee: bugsquad => qa-bugs
Blocks: (none) => 33241
Status: NEW => ASSIGNED

RH mageia x86_64

LC_ALL=C urpmi --auto --auto-update
medium "QA Testing (32-bit)" is up-to-date
medium "QA Testing (64-bit)" is up-to-date
medium "Core Release (distrib1)" is up-to-date
medium "Core Updates (distrib3)" is up-to-date
medium "Nonfree Release (distrib11)" is up-to-date
medium "Nonfree Updates (distrib13)" is up-to-date
medium "Tainted Release (distrib21)" is up-to-date
medium "Tainted Updates (distrib23)" is up-to-date
medium "Core 32bit Release (distrib31)" is up-to-date
medium "Core 32bit Updates (distrib32)" is up-to-date
medium "Nonfree 32bit Release (distrib36)" is up-to-date
medium "Tainted 32bit Release (distrib41)" is up-to-date
medium "Tainted 32bit Updates (distrib42)" is up-to-date

installing emacs-29.4-1.mga9.x86_64.rpm emacs-common-29.4-1.mga9.x86_64.rpm from //home/katnatek/qa-testing/x86_64
Preparing...                     ##################################################################################################
      1/2: emacs-common          ##################################################################################################
      2/2: emacs                 ##################################################################################################
      1/2: removing emacs-28.2-10.2.mga9.x86_64
                                 ##################################################################################################
      2/2: removing emacs-common-28.2-10.2.mga9.x86_64
                                 ##################################################################################################

Not find POC for the cve
The application works
Not have gnome wayland to test bug#33241

Omar Purata Funes should give feedback about that

CC: (none) => omarpurataf

Wait enough to Omar,
Give OK in vase clean install and works after update

Whiteboard: (none) => MGA9-64-OK
CC: (none) => andrewsfarm

Validating.

Keywords: (none) => validated_update
CC: (none) => sysadmin-bugs

An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2024-0276.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED