* etc/NEWS: Update for Emacs 29.3

1 files changed, 15 insertions, 19 deletions

diff --git a/etc/NEWS b/etc/NEWS
index 06086e9bdfb..3f94b0d4634 100644
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -16,31 +16,27 @@ You can narrow news to a specific version by calling 'view-emacs-news'
 with a prefix argument or by typing 'C-u C-h C-n'.
 
 
-* Installation Changes in Emacs 29.3
-
-
-* Startup Changes in Emacs 29.3
-
-
 * Changes in Emacs 29.3
+Emacs 29.3 is an emergency bugfix release intended to fix several
+security vulnerabilities described below.
 
-
-* Editing Changes in Emacs 29.3
+** Arbitrary Lisp code is no longer evaluated as part of turning on Org mode.
+This is for security reasons, to avoid evaluating malicious Lisp code.
 
-
-* Changes in Specialized Modes and Packages in Emacs 29.3
+** New buffer-local variable 'untrusted-content'.
+When this is non-nil, Lisp programs should treat buffer contents with
+extra caution.
 
-
-* New Modes and Packages in Emacs 29.3
+** Gnus now treats inline MIME contents as untrusted.
+To get back previous insecure behavior, 'untrusted-content' should be
+reset to nil in the buffer.
 
-
-* Incompatible Lisp Changes in Emacs 29.3
+** LaTeX preview is now by default disabled for email attachments.
+To get back previous insecure behavior, set the variable
+'org--latex-preview-when-risky' to a non-nil value.
 
-
-* Lisp Changes in Emacs 29.3
-
-
-* Changes in Emacs 29.3 on Non-Free Operating Systems
+** Org mode now considers contents of remote files to be untrusted.
+Remote files are recognized by calling 'file-remote-p'.
 
 
 * Installation Changes in Emacs 29.2