<!--X-Body-Begin-->
<!--X-User-Header-->
oss-sec
mailing list archives
<!--X-User-Header-End-->
<!--X-TopPNI-->
By Date
By Thread
</form>
<!--X-TopPNI-End-->
<!--X-MsgBody-->
<!--X-Subject-Header-Begin-->
Re: Is CVE-2024-30203 bogus? (Emacs)
<!--X-Subject-Header-End-->
<!--X-Head-of-Message-->
From: Ihor Radchenko <yantar92 () posteo net>
Date: Wed, 10 Apr 2024 12:04:06 +0000
<!--X-Head-of-Message-End-->
<!--X-Head-Body-Sep-Begin-->
<!--X-Head-Body-Sep-End-->
<!--X-Body-of-Message-->
Sean Whitton <spwhitton () spwhitton name> writes:
Hmm, thank you, but let me ask a follow-up question: do you agree with
me that there is only one security flaw covered by these two CVEs, and
CVE-2024-30203 is the superfluous one?
Yes, CVE-2024-30203 title is superfluous.
And CVE-2024-30204 title is not accurate - it only applies to
certain attachments with specific (text/x-org) mime type.
--
Ihor Radchenko // yantar92,
Org mode contributor,
Learn more about Org mode at <https://orgmode.org/>.
Support Org development at <https://liberapay.com/org-mode>,
or support my work at <https://liberapay.com/yantar92>
<!--X-Body-of-Message-End-->
<!--X-MsgBody-End-->
<!--X-Follow-Ups-->
<!--X-Follow-Ups-End-->
<!--X-References-->
<!--X-References-End-->
<!--X-BotPNI-->
By Date
By Thread
Current thread:
Is CVE-2024-30203 bogus? (Emacs) Sean Whitton (Apr 08)
Re: Is CVE-2024-30203 bogus? (Emacs) Eli Zaretskii (Apr 08)
Re: Is CVE-2024-30203 bogus? (Emacs) Max Nikulin (Apr 08)
Re: Is CVE-2024-30203 bogus? (Emacs) Ihor Radchenko (Apr 08)
Re: Is CVE-2024-30203 bogus? (Emacs) Sean Whitton (Apr 10)
Re: Is CVE-2024-30203 bogus? (Emacs) Ihor Radchenko (Apr 10)
<!--X-BotPNI-End-->
<!--X-User-Footer-->
<!--X-User-Footer-End-->