[Buildroot] [PATCH] vim: security bump to version 8.0.0329

Peter Korsgaard peter at korsgaard.com
Tue Feb 14 10:18:10 UTC 2017


>>>>> "Peter" == Peter Korsgaard <peter at korsgaard.com> writes:

 > Fixes:
 > - CVE-2016-1248: vim before patch 8.0.0056 does not properly validate values
 >   for the 'filetype', 'syntax' and 'keymap' options, which may result in the
 >   execution of arbitrary code if a file with a specially crafted modeline is
 >   opened.

 > - CVE-2017-5953: vim before patch 8.0.0322 does not properly validate values
 >   for tree length when handling a spell file, which may result in an integer
 >   overflow at a memory allocation site and a resultant buffer overflow.

 > Signed-off-by: Peter Korsgaard <peter at korsgaard.com>

Committed, thanks.

-- 
Bye, Peter Korsgaard



More information about the buildroot mailing list