From f2344182df7f2559515fa94492742ba055441a98 Mon Sep 17 00:00:00 2001
From: zhangpan <zp1224248514@163.com>
Date: Fri, 24 Mar 2023 03:34:44 +0000
Subject: [PATCH] fix CVE-2023-28617

---
 backport-CVE-2023-28617.patch | 46 +++++++++++++++++++++++++++++++++++
 emacs.spec                    |  6 ++++-
 2 files changed, 51 insertions(+), 1 deletion(-)
 create mode 100644 backport-CVE-2023-28617.patch

diff --git a/backport-CVE-2023-28617.patch b/backport-CVE-2023-28617.patch
new file mode 100644
index 0000000..d175173
--- /dev/null
+++ b/backport-CVE-2023-28617.patch
@@ -0,0 +1,46 @@
+From a8006ea580ed74f27f974d60b598143b04ad1741 Mon Sep 17 00:00:00 2001
+From: Xi Lu <lx@shellcodes.org>
+Date: Sat, 11 Mar 2023 18:53:37 +0800
+Subject: * lisp/ob-latex.el: Fix command injection vulnerability
+
+(org-babel-execute:latex):
+Replaced the `(shell-command "mv BAR NEWBAR")' with `rename-file'.
+
+TINYCHANGE
+
+Reference:https://git.savannah.gnu.org/cgit/emacs/org-mode.git/commit/?id=a8006ea580ed74f27f974d60b598143b04ad1741
+Conflict:NA
+
+---
+ lisp/org/ob-latex.el | 13 +++++--------
+ 1 file changed, 5 insertions(+), 8 deletions(-)
+
+diff --git a/lisp/org/ob-latex.el b/lisp/org/ob-latex.el
+index a2c24b3..ce39628 100644
+--- a/lisp/org/ob-latex.el
++++ b/lisp/org/ob-latex.el
+@@ -218,17 +218,14 @@ This function is called by `org-babel-execute-src-block'."
+ 	    (if (string-suffix-p ".svg" out-file)
+ 		(progn
+ 		  (shell-command "pwd")
+-		  (shell-command (format "mv %s %s"
+-					 (concat (file-name-sans-extension tex-file) "-1.svg")
+-					 out-file)))
++                  (rename-file (concat (file-name-sans-extension tex-file) "-1.svg")
++                               out-file t))
+ 	      (error "SVG file produced but HTML file requested")))
+ 	   ((file-exists-p (concat (file-name-sans-extension tex-file) ".html"))
+ 	    (if (string-suffix-p ".html" out-file)
+-		(shell-command "mv %s %s"
+-			       (concat (file-name-sans-extension tex-file)
+-				       ".html")
+-			       out-file)
+-	      (error "HTML file produced but SVG file requested")))))
++                (rename-file (concat (file-name-sans-extension tex-file) ".html")
++                             out-file t)
++              (error "HTML file produced but SVG file requested")))))
+ 	 ((or (string= "pdf" extension) imagemagick)
+ 	  (with-temp-file tex-file
+ 	    (require 'ox-latex)
+-- 
+cgit v1.1
diff --git a/emacs.spec b/emacs.spec
index 34eb52a..9cfb938 100644
--- a/emacs.spec
+++ b/emacs.spec
@@ -8,7 +8,7 @@
 Name:          emacs
 Epoch:         1
 Version:       27.2
-Release:       9
+Release:       10
 Summary:       An extensible GNU text editor
 License:       GPLv3+ and CC0-1.0
 URL:           http://www.gnu.org/software/emacs
@@ -29,6 +29,7 @@ Patch6004:        backport-CVE-2022-45939.patch
 Patch6005:        backport-CVE-2022-48337.patch
 Patch6006:        backport-CVE-2022-48338.patch
 Patch6007:        backport-CVE-2022-48339.patch
+Patch6008:        backport-CVE-2023-28617.patch
 Patch9000:        emacs-deal-taboo-words.patch
 
 BuildRequires: gcc atk-devel cairo-devel freetype-devel fontconfig-devel dbus-devel giflib-devel
@@ -411,6 +412,9 @@ fi
 %{_mandir}/*/*
 
 %changelog
+* Fri Mar 24 2023 zhangpan <zhangpan103@h-partners.com> - 1:27.2-10
+- fix CVE-2023-28617
+
 * Thu Feb 23 2023 zhangpan <zhangpan103@h-partners.com> - 1:27.2-9
 - fix CVE-2022-48337 CVE-2022-48338 CVE-2022-48339
 
-- 
Gitee