Mail archive
alpine-aports

[alpine-aports] [PATCH edge] main/vim: security upgrade to 8.0.0329 - fixes #6862

From: Sergei Lukin <sergej.lukin_at_gmail.com>
Date: Wed, 15 Feb 2017 14:35:27 +0000

CVE-2017-5953: Tree length values not validated properly when handling a spell file
---
 main/vim/APKBUILD | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)
diff --git a/main/vim/APKBUILD b/main/vim/APKBUILD
index 05af8fb122..9b2f97850e 100644
--- a/main/vim/APKBUILD
+++ b/main/vim/APKBUILD
_at_@ -1,8 +1,9 @@
+# Contributor: Sergei Lukin <sergej.lukin_at_gmail.com>
 # Contributor: Łukasz Jendrysik <scadu_at_yandex.com>
 # Contributor: Sören Tempel <soeren+alpine_at_soeren-tempel.net>
 # Maintainer: Natanael Copa <ncopa_at_alpinelinux.org>
 pkgname=vim
-pkgver=8.0.0187
+pkgver=8.0.0329
 pkgrel=0
 pkgdesc="advanced text editor"
 url="http://www.vim.org"
_at_@ -17,6 +18,8 @@ source="$pkgname-$pkgver.tar.gz::https://github.com/$pkgname/$pkgname/archive/v$
 builddir="$srcdir/$pkgname-$pkgver"
 
 # secfixes:
+#   8.0.0329-r0:
+#     - CVE-2017-5953
 #   8.0.0056-r0:
 #     - CVE-2016-1248
 
_at_@ -61,9 +64,5 @@ vimdiff() {
 	mv "$pkgdir"/usr/bin/vimdiff "$subpkgdir"/usr/bin
 }
 
-md5sums="129e098db4b8746f894323fa3f5a40a9  vim-8.0.0187.tar.gz
-97aecde2ab504e543a96bec84b3b5638  vimrc"
-sha256sums="86f972c5e11871a0de172068f9bbeb117e2aa42fd342034820e74ea6276c3cdd  vim-8.0.0187.tar.gz
-7ac7e5fd75fe315fd8b3ca4172056ebb9f06df0b5985d3ff88133dfcdd87076b  vimrc"
-sha512sums="69f1f33fdd420397a0e732e9ce5111a48f6aae3bb10ee766fa7c6d8abc95d7175c6a0bdf4a241c3bd7b9fa33dedf7ffcb584bfc8fb79b70d3d7d44197623d45b  vim-8.0.0187.tar.gz
+sha512sums="f2f7f07408f500abc846e5d7ef10472a7aa5dea341fcc576c9487a2ff77acbf8e5a1f0324f8a8a29472e5505dabf5f652ee4d0fca0d017818fe39fceaa956c5b  vim-8.0.0329.tar.gz
 d9586b777881973cb5e48e18750336a522ed72c3127b2d6b6991e2b943468ca5b694476e7fa39ab469178c1375fc8f52627484e0fe377aea5811a513e35a7b02  vimrc"
-- 
2.11.1
---
Unsubscribe:  alpine-aports+unsubscribe_at_lists.alpinelinux.org
Help:         alpine-aports+help_at_lists.alpinelinux.org
---
Received on Wed Feb 15 2017 - 14:35:27 GMT