Change logs for vim source package in Focal

  • vim (2:8.1.2269-1ubuntu5.23) focal; urgency=medium
    
      * Ensure Ubuntu codenames are current (LP: #2064687).
    
     -- Simon Quigley <email address hidden>  Thu, 02 May 2024 21:36:35 -0500
  • vim (2:8.1.2269-1ubuntu5.22) focal-security; urgency=medium
    
      * SECURITY UPDATE: stack based buffer overflow
        - debian/patches/CVE-2024-22667.patch: passes error buffer length down
          through option callback functions.
        - CVE-2024-22667
    
     -- Ian Constantin <email address hidden>  Thu, 14 Mar 2024 11:29:25 +0200
  • vim (2:8.1.2269-1ubuntu5.21) focal-security; urgency=medium
    
      * SECURITY UPDATE: NULL pointer dereference
        - debian/patches/CVE-2022-1725.patch: Check for regexp program becoming NULL
          in more places.
        - CVE-2022-1725
      * SECURITY UPDATE: denial of service
        - debian/patches/CVE-2022-1771.patch: Limit recursion of getcmdline().
        - CVE-2022-1771
      * SECURITY UPDATE: out of bounds write vulnerability
        - debian/patches/CVE-2022-1897.patch: Disallow undo when in a substitute
          command.
        - CVE-2022-1897
      * SECURITY UPDATE: out-of-bounds write
        - debian/patches/CVE-2022-2000.patch: addresses the potential for an
          overflow by adding a bounds check and truncating the message if needed.
        - CVE-2022-2000
      * SECURITY UPDATE: use-after-free vulnerability
        - debian/patches/CVE-2023-46246.patch: Check that the return value from the
          vim_str2nr() function is not larger than INT_MAX and if yes, bail out with
          an error.
        - CVE-2023-46246
      * SECURITY UPDATE: use-after-free vulnerability
        - debian/patches/CVE-2023-48231.patch: If the current window structure is
          no longer valid, fail and return before attempting to set win->w_closing
          variable.
        - CVE-2023-48231
      * SECURITY UPDATE: integer overflow
        - debian/patches/CVE-2023-48233.patch: If the count after the :s command is
          larger than what fits into a (signed) long variable, abort with
          e_value_too_large.
        - CVE-2023-48233
      * SECURITY UPDATE: integer overflow
        - debian/patches/CVE-2023-48234.patch: When getting the count for a normal z
          command, it may overflow for large counts given. So verify, that we can
          safely store the result in a long.
        - CVE-2023-48234
      * SECURITY UPDATE: integer overflow
        - debian/patches/CVE-2023-48235.patch: When parsing relative ex addresses
          one may unintentionally cause an overflow (because LONG_MAX - lnum will
          overflow for negative addresses).
        - CVE-2023-48235
      * SECURITY UPDATE: integer overflow
        - debian/patches/CVE-2023-48236.patch: When using the z= command, we may
          overflow the count with values larger than MAX_INT. So verify that we do
          not overflow and in case when an overflow is detected, simply return 0.
        - CVE-2023-48236
      * SECURITY UPDATE: integer overflow
        - debian/patches/CVE-2023-48237.patch: When shifting lines in operator
          pending mode and using a very large value, we may overflow the size of
          integer. Fix this by using a long variable, testing if the result would
          be larger than INT_MAX and if so, indent by INT_MAX value.
        - CVE-2023-48237
    
     -- Fabian Toepfer <email address hidden>  Thu, 07 Dec 2023 16:42:49 +0100
  • vim (2:8.1.2269-1ubuntu5.20) focal-security; urgency=medium
    
      * SECURITY UPDATE: use-after-free vulnerability
        - debian/patches/CVE-2023-4733.patch: Verify oldwin pointer after
          reset_VIsual() in do_ecmd.
        - CVE-2023-4733
      * SECURITY UPDATE: out of bounds write vulnerability
        - debian/patches/CVE-2023-4735.patch: Add check for buffer size to avoid
          overflow in do_addsub.
        - CVE-2023-4735
      * SECURITY UPDATE: use-after-free vulnerability
        - debian/patches/CVE-2023-4750.patch: Check buffer is valid before
          accessing it.
        - CVE-2023-4750
      * SECURITY UPDATE: heap based buffer overflow vulnerability
        - debian/patches/CVE-2023-4751.patch: Stop Visual mode when using :ball
          to avoid illegal memory access.
        - CVE-2023-4751
      * SECURITY UPDATE: use-after-free vulnerability
        - debian/patches/CVE-2023-4752.patch: validate buffer before accessing it
          in ins_compl_get_exp.
        - CVE-2023-4752
      * SECURITY UPDATE: heap based buffer overflow vulnerability
        - debian/patches/CVE-2023-4781.patch: Disallow exchanging windows when
          textlock is active in vim_regsub_both.
        - CVE-2023-4781
      * SECURITY UPDATE: heap based buffer overflow vulnerability
        - debian/patches/CVE-2023-5344.patch: Add NULL at end of buffer in
          trunc_string.
        - CVE-2023-5344
      * SECURITY UPDATE: NULL pointer dereference
        - debian/patches/CVE-2023-5441.patch: skip gui_scroll when exmode_active
          in gui_do_scroll.
        - CVE-2023-5441
      * SECURITY UPDATE: use-after-free vulnerability
        - debian/patches/CVE-2023-5535.patch: block autocommands in
          buf_contents_changed.
        - CVE-2023-5535
    
     -- Fabian Toepfer <email address hidden>  Mon, 16 Oct 2023 20:14:13 +0200
  • vim (2:8.1.2269-1ubuntu5.18) focal-security; urgency=medium
    
      * SECURITY UPDATE: heap-based buffer overflow
        - debian/patches/CVE-2022-3234.patch: Check for replacing NUL after Tab.
        - debian/patches/CVE-2022-3520.patch: Check that the column does not
          become negative.
        - CVE-2022-3234
        - CVE-2022-3520
      * SECURITY UPDATE: use after free memory issue
        - debian/patches/CVE-2022-3256.patch: Copy the mark before editing
          another buffer
        - debian/patches/CVE-2022-3352.patch: Disallow deleting the current
          buffer to avoid using freed memory
        - debian/patches/CVE-2022-3591.patch: Disallow navigating to a dummy
          buffer
        - debian/patches/CVE-2022-3705.patch: Set the quickfix-busy flag while
          filling the buffer
        - debian/patches/CVE-2022-4292.patch: Bail out if the window no longer
          exists.
        - CVE-2022-3256
        - CVE-2022-3352
        - CVE-2022-3591
        - CVE-2022-3705
        - CVE-2022-4292
      * SECURITY UPDATE: stack-based buffer overflow
        - debian/patches/CVE-2022-3324.patch: Make sure the window width does
          not become negative
        - CVE-2022-3324
      * SECURITY UPDATE: incorrect floating point comparison
        - debian/patches/CVE-2022-4293.patch: fix floating point comparison
        - CVE-2022-4293
      * debian/patches/fix_flaky_tests.patch: skip failing test
    
     -- Nishit Majithia <email address hidden>  Fri, 06 Oct 2023 13:50:32 +0530
  • vim (2:8.1.2269-1ubuntu5.17) focal-security; urgency=medium
    
      * SECURITY UPDATE: out-of-bounds write issue
        - debian/patches/CVE-2022-2598.patch: Make sure the line number does
          not go below one.
        - CVE-2022-2598
      * SECURITY UPDATE: use after free memory issue
        - debian/patches/CVE-2022-3016.patch: Return QF_ABORT and handle it.
        - debian/patches/CVE-2022-3037.patch: Do not handle errors if there
          aren't any
        - debian/patches/CVE-2022-3099.patch: Do not check breakpoint for
          non-existing line
        - CVE-2022-3016
        - CVE-2022-3037
        - CVE-2022-3099
    
     -- Nishit Majithia <email address hidden>  Fri, 18 Aug 2023 09:11:54 +0530
  • vim (2:8.1.2269-1ubuntu5.16) focal-security; urgency=medium
    
      * SECURITY UPDATE: heap-based buffer overflow
        - debian/patches/CVE-2022-2264.patch: Adjust the end mark position.
        - debian/patches/CVE-2022-2284.patch: Stop Visual mode when closing a
          window.
        - CVE-2022-2264
        - CVE-2022-2284
      * SECURITY UPDATE: NULL pointer dereference
        - debian/patches/CVE-2022-2208.patch: Recompute diffs later. Skip
          window without a valid buffer.
        - CVE-2022-2208
      * SECURITY UPDATE: out-of-bounds write issue
        - debian/patches/CVE-2022-2210.patch: Use zero offset when change
          removes all lines in a diff block
        - CVE-2022-2210
      * SECURITY UPDATE: out-of-bounds read issue
        - debian/patches/CVE-2022-2257.patch: Check for NUL.
        - debian/patches/CVE-2022-2286.patch: Check the length of the string
        - debian/patches/CVE-2022-2287.patch: Disallow adding a word with
          control characters or a trailing slash.
        - CVE-2022-2257
        - CVE-2022-2286
        - CVE-2022-2287
      * SECURITY UPDATE: integer overflow issue
        - debian/patches/CVE-2022-2285.patch: Put a NUL after the typeahead.
        - CVE-2022-2285
      * SECURITY UPDATE: use after free memory issue
        - debian/patches/CVE-2022-2289.patch: Bail out when diff pointer is no
          longer valid
        - CVE-2022-2289
      * debian/patches/update_flaky_tests.patch: add few tests to flaky
    
     -- Nishit Majithia <email address hidden>  Tue, 01 Aug 2023 14:00:18 +0530
  • vim (2:8.1.2269-1ubuntu5.15) focal-security; urgency=medium
    
      * SECURITY UPDATE: NULL pointer dereference when processing register content
        - debian/patches/CVE-2023-2609.patch: check "y_array" is not NULL.
        - CVE-2023-2609
      * SECURITY UPDATE: integer overflow and excessive memory consumption when
        allocating memory for tilde processing in pattern
        - debian/patches/CVE-2023-2610.patch: limit the text length to MAXCOL.
        - CVE-2023-2610
    
     -- Camila Camargo de Matos <email address hidden>  Wed, 24 May 2023 11:28:35 -0300
  • vim (2:8.1.2269-1ubuntu5.14) focal-security; urgency=medium
    
      * SECURITY UPDATE: out-of-bound read vulnerability
        - debian/patches/CVE-2021-4166.patch: crash when clearing the argument
          list while using it
        - CVE-2021-4166
      * SECURITY UPDATE: use-after-free when matching inside a visual selection
        - debian/patches/CVE-2021-4192.patch: get the line again after getvvcol().
        - CVE-2021-4192
      * SECURITY UPDATE: out-of-bounds read when processing data in visual mode
        - debian/patches/CVE-2021-4193.patch: check for valid column in getvcol().
        - CVE-2021-4193
      * SECURITY UPDATE: heap buffer overflow when processing long file names
        - debian/patches/CVE-2022-0213.patch: check length when appending a space.
        - CVE-2022-0213
      * SECURITY UPDATE: heap-based buffer overflow when performing a block insert
        - debian/patches/CVE-2022-0261.patch: handle invalid byte better. Fix
          inserting the wrong text.
        - debian/patches/CVE-2022-0318-1.patch: for block insert only use the
          offset for correcting the length.
        - debian/patches/CVE-2022-0318-2.patch: adjust the expected output for
          utf8 block insert test.
        - CVE-2022-0261
        - CVE-2022-0318
      * SECURITY UPDATE: out-of-bounds read when exchanging windows in visual mode
        - debian/patches/CVE-2022-0319.patch: correct end of Visual area when
          entering another buffer.
        - CVE-2022-0319
      * SECURITY UPDATE: stack pointer corruption when parsing too many brackets
        in expression
        - debian/patches/CVE-2022-0351.patch: limit recursion to 1000.
        - CVE-2022-0351
      * SECURITY UPDATE: illegal memory access when processing large indent in ex
        mode
        - debian/patches/CVE-2022-0359.patch: allocate enough memory.
        - CVE-2022-0359
      * SECURITY UPDATE: illegal memory access when copying lines in visual mode
        - debian/patches/CVE-2022-0361.patch: adjust the Visual position after
          copying lines.
        - CVE-2022-0361
      * SECURITY UPDATE: illegal memory access when undo makes visual area invalid
        in visual mode
        - debian/patches/CVE-2022-0368.patch: correct the Visual area after undo.
        - CVE-2022-0368
      * SECURITY UPDATE: stack corruption when looking for spelling suggestions
        - debian/patches/CVE-2022-0408.patch: prevent the depth from increasing
          too much. Add a five second time limit to finding suggestions.
        - CVE-2022-0408
      * SECURITY UPDATE: use of freed memory when managing buffers
        - debian/patches/CVE-2022-0443.patch: do not use wiped out buffer.
        - CVE-2022-0443
      * SECURITY UPDATE: heap buffer overflow when processing vim buffers
        - debian/patches/CVE-2022-0554.patch: when deleting the current buffer do
          not pick a quickfix buffer as the new current buffer.
        - CVE-2022-0554
      * SECURITY UPDATE: heap buffer overflow when repeatedly using :retab
        - debian/patches/CVE-2022-0572.patch: bail out when the line is getting
          too long.
        - CVE-2022-0572
      * SECURITY UPDATE: stack buffer overflow vulnerability
        - debian/patches/CVE-2022-0629.patch: crash when using many composing
          characters in error message
        - CVE-2022-0629
      * SECURITY UPDATE: out-of-range pointer offset when using special multi-byte
        character
        - debian/patches/CVE-2022-0685.patch: don't use isalpha() for an arbitrary
          character.
        - CVE-2022-0685
      * SECURITY UPDATE: heap buffer overflow when processing anomalous
        'vartabstop' value
        - debian/patches/CVE-2022-0714.patch: check for running into the end of
          the line.
        - CVE-2022-0714
      * SECURITY UPDATE: out-of-range pointer offset when processing specific
        regexp pattern and string
        - debian/patches/CVE-2022-0729.patch: stop at the start of the string.
        - CVE-2022-0729
      * SECURITY UPDATE: heap-based buffer overflow
        - debian/patches/CVE-2022-2207.patch: adds a check to see if the cursor
          column is greater than zero.
        - CVE-2022-2207
    
     -- Nishit Majithia <email address hidden>  Tue, 18 Apr 2023 15:50:44 +0530
  • vim (2:8.1.2269-1ubuntu5.13) focal-security; urgency=medium
    
      * SECURITY UPDATE: use after free
        - debian/patches/CVE-2022-0413.patch: make a copy of the substitute pattern
          that starts with "\=" in do_sub() in src/ex_cmds.c and free it at the end
          of the method and add test case Test_using_old_sub in
          src/testdir/test_CVE.vim.
        - debian/patches/CVE-2022-1796.patch: make a copy of the pattern to search
          for as it could get freed in do_window() in src/window.c and add test
          case Test_define_search in src/testdir/test_CVE.vim.
        - debian/patches/CVE-2022-1898.patch: make a copy of the string as it could
          get freed in nv_brackets() in src/normal.c, and add a test inside the
          Test_define_search test case in src/testdir/test_CVE.vim.
        - debian/patches/CVE-2022-1968.patch: mitigates the potential for a use
          after free scenario by making a copy of a buffer to use for future
          reference
        - debian/patches/CVE-2022-2946.patch: using freed memory when 'tagfunc'
          deletes the buffer
        - CVE-2022-0413
        - CVE-2022-1796
        - CVE-2022-1898
        - CVE-2022-1968
        - CVE-2022-2946
      * SECURITY UPDATE: buffer over-read
        - debian/patches/CVE-2022-1629.patch: add a check for null after a
          backslash in find_next_quote() in src/search.c and add test case
          Test_string_html_objects in src/testdir/test_CVE.vim.
        - debian/patches/CVE-2022-1720.patch: reading past end of line with "gf" in
          Visual block mode
        - debian/patches/CVE-2022-1733.patch: add a check for null when checking
          for trailing ' in skip_string() in src/misc1.c and add test case
          Test_cindent_check_funcdecl in src/testdir/test_CVE.vim.
        - debian/patches/CVE-2022-1735.patch: add a new function, check_visual_pos
          in src/misc2.c and invoke it in src/change.c and src/edit.c. Add the new
          function header in src/proto/misc2.pro and add test case
          Test_visual_block_with_substitute in src/testdir/test_visual.vim.
        - debian/patches/CVE-2022-1851.patch: add a call to check_cursor() after
          formatting in op_format() in src/ops.c and add test case
          Test_correct_cursor_position in src/testdir/test_CVE.vim.
        - debian/patches/CVE-2022-1927.patch: cursor position may be invalid after
          "0;" range
        - debian/patches/CVE-2022-2845.patch: reading before the start of the line
        - CVE-2022-1629
        - CVE-2022-1720
        - CVE-2022-1733
        - CVE-2022-1735
        - CVE-2022-1851
        - CVE-2022-1927
        - CVE-2022-2845
      * SECURITY UPDATE: crash when matching buffer with invalid pattern
        - debian/patches/CVE-2022-1674.patch: check for NULL regprog
        - CVE-2022-1674
      * SECURITY UPDATE: buffer over-write
        - debian/patches/CVE-2022-1785.patch: add textlock flag to disallow
          changing text or switching window before calling vim_regsub_multi() in
          src/ex_cmds.c.
        - CVE-2022-1785
      * SECURITY UPDATE: heap-based buffer overflow
        - debian/patches/CVE-2022-1942.patch: adds a control to disallow the
          opening of a command line window when text or buffer is locked.
        - debian/patches/CVE-2022-2344.patch: reading past end of completion with
          duplicate match
        - debian/patches/CVE-2022-2571.patch: reading past end of line with insert
          mode completion
        - debian/patches/CVE-2022-2849.patch: invalid memory access with for loop
          over NULL string
        - CVE-2022-1942
        - CVE-2022-2344
        - CVE-2022-2571
        - CVE-2022-2849
      * SECURITY UPDATE: searching for quotes may go over the end of the line
        - debian/patches/CVE-2022-2124.patch: check for running into the NULL
        - CVE-2022-2124
      * SECURITY UPDATE: lisp indenting may run over the end of the line
        - debian/patches/CVE-2022-2125.patch: check for NULL earlier
        - CVE-2022-2125
      * SECURITY UPDATE: using invalid index when looking for spell suggestions
        - debian/patches/CVE-2022-2126.patch: do not decrement the index when it
          is zero
        - CVE-2022-2126
      * SECURITY UPDATE: out-of-bounds write
        - debian/patches/CVE-2022-2129.patch: prevents the editing of another file
          when either curbuf_lock or textlock is set.
        - CVE-2022-2129
      * SECURITY UPDATE: invalid memory access when using an expression on the
        command line
        - debian/patches/CVE-2022-2175-1.patch: make sure the position does not
          go negative
        - debian/patches/CVE-2022-2175-2.patch: add missing #ifdef FEAT_EVAL
        - CVE-2022-2175
      * SECURITY UPDATE: reading beyond the end of the line with lisp indenting
        - debian/patches/CVE-2022-2183.patch: avoid going over the NUL at the end
          of the line
        - CVE-2022-2183
      * SECURITY UPDATE: accessing invalid memory after changing terminal size
        - debian/patches/CVE-2022-2206.patch: adjust cmdline_row and msg_row to
          the value of Rows
        - CVE-2022-2206
      * SECURITY UPDATE: spell dump may go beyond end of an array
        - debian/patches/CVE-2022-2304.patch: limit the word length
        - CVE-2022-2304
      * SECURITY UPDATE: using freed memory with recursive substitution
        - debian/patches/CVE-2022-2345.patch: always make a copy of
          reg_prev_sub
        - CVE-2022-2345
      * SECURITY UPDATE: illegal memory access when pattern starts with
        illegal byte
        - debian/patches/CVE-2022-2581.patch: do not match a character with an
          illegal byte
        - CVE-2022-2581
      * SECURITY UPDATE: null pointer dereference issue
        - debian/patches/CVE-2022-2923.patch: crash when using ":mkspell" with an
          empty .dic file
        - debian/patches/CVE-2022-2980.patch: crash with mouse click when not
          initialized
        - CVE-2022-2923
        - CVE-2022-2980
    
     -- Nishit Majithia <email address hidden>  Mon, 03 Apr 2023 11:51:26 +0530
  • vim (2:8.1.2269-1ubuntu5.12) focal-security; urgency=medium
    
      * SECURITY UPDATE: NULL pointer dereference when creating blank mouse
        pointer
        - debian/patches/CVE-2022-47024.patch: only use the return value of
          XChangeGC() when it is not NULL.
        - CVE-2022-47024
      * SECURITY UPDATE: invalid memory access with bad 'statusline' value
        - debian/patches/CVE-2023-0049.patch: avoid going over the NULL at the end
          of a statusline.
        - CVE-2023-0049
      * SECURITY UPDATE: invalid memory access with recursive substitute
        expression
        - debian/patches/CVE-2023-0054.patch: check the return value of
          vim_regsub().
        - CVE-2023-0054
      * SECURITY UPDATE: invalid memory access with folding and using "L"
        - debian/patches/CVE-2023-0288.patch: prevent the cursor from moving to
          line zero.
        - CVE-2023-0288
      * SECURITY UPDATE: reading past the end of a line when formatting text
        - debian/patches/CVE-2023-0433.patch: check for not going over the end of
          the line.
        - CVE-2023-0433
      * SECURITY UPDATE: heap based buffer overflow vulnerability
        - debian/patches/CVE-2023-1170.patch: accessing invalid memory with put
          in Visual block mode
        - CVE-2023-1170
      * SECURITY UPDATE: incorrect calculation of buffer size
        - debian/patches/CVE-2023-1175.patch: illegal memory access when using
          virtual editing
        - CVE-2023-1175
      * SECURITY UPDATE: NULL pointer dereference vulnerability
        - debian/patches/CVE-2023-1264.patch: using NULL pointer with nested
          :open command
        - CVE-2023-1264
    
     -- Nishit Majithia <email address hidden>  Fri, 17 Mar 2023 16:38:34 +0530
  • vim (2:8.1.2269-1ubuntu5.11) focal-security; urgency=medium
    
      * SECURITY UPDATE: illegal memory access with bracketed paste in Ex mode
        - debian/patches/CVE-2022-0392.patch: reserve space for the trailing NUL
        - CVE-2022-0392
      * SECURITY UPDATE: retab may cause illegal memory access
        - debian/patches/CVE-2022-0417.patch: limit the value of tabstop
        - CVE-2022-0417
    
     -- Mark Esler <email address hidden>  Wed, 11 Jan 2023 17:54:11 -0600
  • vim (2:8.1.2269-1ubuntu5.10) focal; urgency=medium
    
      * Update supported Ubuntu and Debian codenames (LP: #1996087).
    
     -- Simon Quigley <email address hidden>  Wed, 09 Nov 2022 17:57:59 +0100
  • vim (2:8.1.2269-1ubuntu5.9) focal-security; urgency=medium
    
      * No-change rebuild to republish missing architecture binaries in the
        security pocket (LP: #1989973)
    
     -- Nishit Majithia <email address hidden>  Mon, 19 Sep 2022 10:29:57 +0530
  • vim (2:8.1.2269-1ubuntu5.8) focal-security; urgency=medium
    
      * SECURITY UPDATE: heap based buffer overflow in spelling suggestion
        function
        - debian/patches/CVE-2022-0943.patch: adjust "badlen".
        - CVE-2022-0943
      * SECURITY UPDATE: use-after-free when processing regular expressions in old
        engine
        - debian/patches/CVE-2022-1154.patch: after getting mark get the line
          again.
        - CVE-2022-1154
      * SECURITY UPDATE: buffer overflow when using invalid command with composing
        chars
        - debian/patches/CVE-2022-1616.patch: check that the whole character fits
          in the buffer.
        - CVE-2022-1616
      * SECURITY UPDATE: heap buffer overflow when processing CTRL-W in latin1
        encoding
        - debian/patches/CVE-2022-1619.patch: check already being at the start of
          the command line.
        - CVE-2022-1619
      * SECURITY UPDATE: NULL pointer access when using invalid pattern
        - debian/patches/CVE-2022-1620.patch: check for failed regexp program.
        - CVE-2022-1620
      * SECURITY UPDATE: heap buffer overflow when processing invalid character
        added to word list
        - debian/patches/CVE-2022-1621.patch: check for a valid word string.
        - debian/patches/remove_test_spell_single_word.patch: removal of test
          test_spell_single_word from src/testdir/test_spell.vim
        - CVE-2022-1621
    
     -- Nishit Majithia <email address hidden>  Tue, 13 Sep 2022 19:18:19 +0530
  • vim (2:8.1.2269-1ubuntu5.7) focal-security; urgency=medium
    
      * No-change rebuild to fix cdimage build on riscv64
    
     -- Ray Veldkamp <email address hidden>  Tue, 01 Feb 2022 20:16:32 +1100
  • vim (2:8.1.2269-1ubuntu5.6) focal-security; urgency=medium
    
      * SECURITY UPDATE: Use-after-free issue in regular expression engine when
        using a mark, could lead to a denial of service or code execution.
        - debian/patches/CVE-2021-3974.patch: Ensure check for free is made when
          processing mark in src/regexp_nfa.c, src/testdir/test_regexp_latin.vim
        - CVE-2021-3974
    
      * SECURITY UPDATE: Heap-based buffer overflow could lead to a denial of
        service or possible code execution when C-indenting
        - debian/patches/CVE-2021-3984.patch: Fix memory access issue by correctly
          dereferencing cursor position in src/cindent.c and
          src/testdir/test_cindent.vim
        - CVE-2021-3984
    
      * SECURITY UPDATE: Heap-based buffer overflow could lead to a denial of
        service when help functions are provided with long command strings
        - debian/patches/CVE-2021-4019.patch: Fix handling of strcpy to use safer
          vim_snprintf in src/ex_cmds.c and src/testdir/test_help.vim
        - CVE-2021-4019
    
      * SECURITY UPDATE: Use-after-free issue in open command can lead to a denial
        of service or possible code execution
        - debian/patches/CVE-2021-4069.patch: Fix issue making a copy of the
          current line and its address in src/ex_docmd.c
        - CVE-2021-4069
    
     -- Ray Veldkamp <email address hidden>  Thu, 20 Jan 2022 22:59:01 +1100
  • vim (2:8.1.2269-1ubuntu5.4) focal-security; urgency=medium
    
      * SECURITY UPDATE: Fix heap-based buffer overflow when buffer name is very
        long
        - debian/patches/CVE-2021-3872.patch: Make sure not to go over the end of
          the buffer in src/drawscreen.c, src/testdir/test_statusline.vim.
        - CVE-2021-3872
      * SECURITY UPDATE: Fix heap-based buffer overflow when scrolling without a
        valid screen
        - debian/patches/CVE-2021-3903.patch: Do not set VALID_BOTLINE in w_valid
          in src/move.c, src/testdir/test_normal.vim.
        - CVE-2021-3903
      * SECURITY UPDATE: Fix heap-based buffer overflow when reading character
        past end of line
        - debian/patches/CVE-2021-3927.patch: Correct the cursor column in
          src/ex_docmd.c, src/testdir/test_put.vim.
        - CVE-2021-3927
      * SECURITY UPDATE: Fix stack-based buffer overflow when reading
        uninitialized memory when giving spell suggestions
        - debian/patches/CVE-2021-3928.patch: Check that preword is not empty in
          src/spellsuggest.c, src/testdir/test_spell.vim.
        - CVE-2021-3928
      * Fix flaky vim terminal mode test
    
     -- Spyros Seimenis <email address hidden>  Mon, 08 Nov 2021 15:21:34 +0100
  • vim (2:8.1.2269-1ubuntu5.3) focal-security; urgency=medium
    
      * SECURITY UPDATE: Fix heap-based buffer overflow when using :retab with
        large value
        - debian/patches/CVE-2021-3770-1.patch: Check vartabstop contains positive
          number in src/indent.c.
        - debian/patches/CVE-2021-3770-2.patch: Fix memory leak for :retab with
          invalid argument
        - CVE-2021-3770
      * SECURITY UPDATE: Fix heap-based buffer overflow when reading beyond end of
        line with invalid utf-8 character
        - debian/patches/CVE-2021-3778.patch: Validate encoding of character before
          advancing line in regexp_nfa.c.
        - CVE-2021-3778
      * SECURITY UPDATE: Fix use after free when replacing
        - debian/patches/CVE-2021-3796.patch: Get the line pointer after calling
          ins_copychar() in src/normal.c.
        - CVE-2021-3796
      * Fix failing flaky test for riscv64 builds.
    
     -- Spyros Seimenis <email address hidden>  Mon, 20 Sep 2021 14:42:42 +0300
  • vim (2:8.1.2269-1ubuntu5) focal; urgency=medium
    
      * Increase Test_mode_message_at_leaving_insert_with_esc_mapped timeout for
        riscv64.
    
     -- William Grant <email address hidden>  Wed, 15 Apr 2020 16:40:31 +1000
  • vim (2:8.1.2269-1ubuntu4) focal; urgency=medium
    
      [ Rafael David Tinoco ]
      * Sponsoring ruby2.7 transitions
    
      [ Lucas Kanashiro ]
      * No-change rebuild for ruby2.7
    
     -- Rafael David Tinoco <email address hidden>  Mon, 02 Mar 2020 16:35:26 +0000
  • vim (2:8.1.2269-1ubuntu3) focal; urgency=medium
    
      * Update debian/patches/ubuntu-mouse-off.patch to also fix tests that
        reference the mouse.
    
     -- Steve Langasek <email address hidden>  Mon, 24 Feb 2020 17:49:38 +0000
  • vim (2:8.1.2269-1ubuntu2) focal; urgency=medium
    
      * restore debian/patches/ubuntu-mouse-off.patch, wrongly dropped during
        the merge.  LP: #18644243
    
     -- Steve Langasek <email address hidden>  Mon, 24 Feb 2020 07:07:25 -0800
  • vim (2:8.1.2269-1ubuntu1) focal; urgency=low
    
      * Merge from Debian unstable.  Remaining changes:
        - debian/runtime/vimrc:
          + "syntax on" is a sane default for non-tiny vim.
        - debian/patches/debian/ubuntu-grub-syntax.patch:
          + Add Ubuntu-specific "quiet" keyword.
        - debian/patches/debian/update-upstart-syntax.patch:
          + Add setuid and setgid to syntax file.
        - debian/patches/ubuntu-series-support.patch:
          + Drop vivid, wily, yakkety, zesty, artful.
      * Dropped changes, included upstream:
        - debian/patches/ubuntu-mouse-off.patch:
          + Mouse mode is actively harmful in some chroots.
        - Add focal as a supported Ubuntu series.
        - Remove cosmic as a supported Ubuntu series.
      * Remove disco as a supported Ubuntu series.
    
    vim (2:8.1.2269-1) unstable; urgency=medium
    
      * Merge upstream patch v8.1.2269
        + 8.1.2261: Disable modifyOtherKeys while in Insert mode when 'noesckeys'
          is set. (Closes: #944132)
    
    vim (2:8.1.2244-1) unstable; urgency=medium
    
      * Merge upstream patch v8.1.2244
        + syntax/debchangelog.vim: Highlight unsupported releases differently than
          supported releases.  (Closes: #847933)
        + "mouse" feature is now always enabled.
        + Improve support for chorded mappings in xterm, when xterm's
          modifyOtherKeys mode is enabled, c.f. :help modifyOtherKeys.
      * Revert "Move /usr/bin/vim.* into /usr/libexec/vim/"
        (Closes: #943328, #942225).  The change broke user preferences for
        alternatives and sensible-editor.
      * Add /var/lib/addons to 'runtimepath' at build time (Closes: #943967)
      * Use dh_missing instead of dh_install --list-missing (Closes: #942277)
    
    vim (2:8.1.2136-1) unstable; urgency=medium
    
      * Merge upstream patch v8.1.2136
        + Farsi support was removed
        + syntax/debcontrol.vim: Recognize "Files-Excluded(-<component>)" fields
          (Closes: #932894)
        + Swap files are automatically deleted if the file was unmodified and the
          process which generated the swap file isn't running.  (Closes: #375989)
        + Fix incorrect over-indenting when auto-indent is enabled for XML files.
          (Closes: #918672)
        + Fix indentation of bash scripts with nested if blocks.  (Closes:
          #939369)
        + New popup window support, via the "popup_*()" APIs
        + New sound support, via the "sound_*()" APIs
        + "localmap", "visual", "visualextra", "visualedit", "user_commands",
          "multi_byte", "cmdline_compl", "insert_expand", "modify_fname",
          and "comments" features are now always enabled.
        + Fix test_compiler.vim failure when locale isn't available.  (Closes:
          #917859)
      * control:
        + Remove obsolete versioned Build-Depends on dpkg-dev
      * rules:
        + Use dh_install --list-missing
      * Turn vim-gtk into a transitional package to vim-gtk3  (Closes: #930576
        since the IA__gdk_drawable_get_size assertions don't happen in the GTK3
        build)
      * Declare compliance with Policy 4.4.1, no changes needed
      * Move /usr/bin/vim.* into /usr/libexec/vim/
      * autopkgtest:
        + Mark the "$variant --version" tests superficial
        + Add new tests which run the build time tests against the installed
          binary/runtime.  Mark it flaky for now, since there are some tests which
          are more prone to fail in the LXC environment.
        + Run autopkgtests as a dedicated user, to avoid false negative failures
          with upstream tests which check permissions
    
     -- Steve Langasek <email address hidden>  Mon, 17 Feb 2020 22:30:35 -0800
  • vim (2:8.1.0875-5ubuntu4) focal; urgency=medium
    
      * No-change rebuild to build with python3.8.
    
     -- Matthias Klose <email address hidden>  Sat, 25 Jan 2020 04:41:15 +0000
  • vim (2:8.1.0875-5ubuntu3) focal; urgency=medium
    
      * Add focal as a supported Ubuntu series.
      * Remove cosmic as a supported Ubuntu series.
    
     -- Simon Quigley <email address hidden>  Fri, 18 Oct 2019 15:46:24 -0500
  • vim (2:8.1.0875-5ubuntu2) eoan; urgency=medium
    
      * No-change upload with strops.h and sys/strops.h removed in glibc.
    
     -- Matthias Klose <email address hidden>  Thu, 05 Sep 2019 11:15:15 +0000