diff options
author | Patrick J Volkerding <volkerdi@slackware.com> | 2022-12-08 22:48:34 +0000 |
---|---|---|
committer | Eric Hameleers <alien@slackware.com> | 2022-12-09 13:30:05 +0100 |
commit | d17567f359b292f76be7d60ae588ef567df4d95e (patch) | |
tree | cf7804f448830067536877816b39f6bb65fb8614 /patches/packages/vim-9.0.1034-x86_64-1_slack15.0.txt | |
parent | 7add5d2865572a0a23891756e58701a6c97c5965 (diff) | |
download | current-f9424415d8409578e4d4fa00042a6151880d0dc0.tar.gz current-f9424415d8409578e4d4fa00042a6151880d0dc0.tar.xz |
Thu Dec 8 22:48:34 UTC 202220221208224834_15.0
patches/packages/emacs-27.2-x86_64-2_slack15.0.txz: Rebuilt.
GNU Emacs through 28.2 allows attackers to execute commands via shell
metacharacters in the name of a source-code file, because lib-src/etags.c
uses the system C library function in its implementation of the ctags
program. For example, a victim may use the "ctags *" command (suggested in
the ctags documentation) in a situation where the current working directory
has contents that depend on untrusted input.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-45939
(* Security fix *)
patches/packages/vim-9.0.1034-x86_64-1_slack15.0.txz: Upgraded.
This update fixes various security issues such as a heap-based buffer
overflow and use after free.
For more information, see:
https://www.cve.org/CVERecord?id=CVE-2022-4141
https://www.cve.org/CVERecord?id=CVE-2022-3591
https://www.cve.org/CVERecord?id=CVE-2022-3520
https://www.cve.org/CVERecord?id=CVE-2022-3491
https://www.cve.org/CVERecord?id=CVE-2022-4292
https://www.cve.org/CVERecord?id=CVE-2022-4293
(* Security fix *)
patches/packages/vim-gvim-9.0.1034-x86_64-1_slack15.0.txz: Upgraded.
Diffstat (limited to 'patches/packages/vim-9.0.1034-x86_64-1_slack15.0.txt')
-rw-r--r-- | patches/packages/vim-9.0.1034-x86_64-1_slack15.0.txt | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/patches/packages/vim-9.0.1034-x86_64-1_slack15.0.txt b/patches/packages/vim-9.0.1034-x86_64-1_slack15.0.txt new file mode 100644 index 000000000..4a843388d --- /dev/null +++ b/patches/packages/vim-9.0.1034-x86_64-1_slack15.0.txt @@ -0,0 +1,11 @@ +vim: vim (Vi IMproved) +vim: +vim: Vim is an almost compatible version of the UNIX editor vi. Many new +vim: features have been added: multi level undo, command line history, +vim: filename completion, block operations, and more. +vim: +vim: Vim's development is led by Bram Moolenaar. +vim: +vim: This package also contains the Exuberant Ctags program +vim: written by Darren Hiebert. +vim: |