* etc/NEWS: Update for Emacs 29.3

2025-01-09 15:50:21 +00:00 · 2024-03-24 08:19:29 -04:00 · 2024-03-24 08:19:29 -04:00 · 8d8253f899
commit 8d8253f899
parent e95a862226
1 changed files with 15 additions and 19 deletions
--- a/etc/NEWS
+++ b/etc/NEWS
@ -15,32 +15,28 @@ in older Emacs versions.
 You can narrow news to a specific version by calling 'view-emacs-news'
 with a prefix argument or by typing 'C-u C-h C-n'.

-
-* Installation Changes in Emacs 29.3
-
-
-* Startup Changes in Emacs 29.3
-

 * Changes in Emacs 29.3
+Emacs 29.3 is an emergency bugfix release intended to fix several
+security vulnerabilities described below.

-
-* Editing Changes in Emacs 29.3
+** Arbitrary Lisp code is no longer evaluated as part of turning on Org mode.
+This is for security reasons, to avoid evaluating malicious Lisp code.

-
-* Changes in Specialized Modes and Packages in Emacs 29.3
+** New buffer-local variable 'untrusted-content'.
+When this is non-nil, Lisp programs should treat buffer contents with
+extra caution.

-
-* New Modes and Packages in Emacs 29.3
+** Gnus now treats inline MIME contents as untrusted.
+To get back previous insecure behavior, 'untrusted-content' should be
+reset to nil in the buffer.

-
-* Incompatible Lisp Changes in Emacs 29.3
+** LaTeX preview is now by default disabled for email attachments.
+To get back previous insecure behavior, set the variable
+'org--latex-preview-when-risky' to a non-nil value.

-
-* Lisp Changes in Emacs 29.3
-
-
-* Changes in Emacs 29.3 on Non-Free Operating Systems
+** Org mode now considers contents of remote files to be untrusted.
+Remote files are recognized by calling 'file-remote-p'.


 * Installation Changes in Emacs 29.2