[ubuntu/noble-proposed] vim 2:9.0.2018-1ubuntu1 (Accepted)

Simon Quigley tsimonq2 at ubuntu.com
Thu Oct 26 00:01:19 UTC 2023


vim (2:9.0.2018-1ubuntu1) noble; urgency=medium

  * Merge from Debian Unstable. Remaining changes:
    - debian/runtime/vimrc:
      + "syntax on" is a sane default for non-tiny Vim.
    - debian/patches/debian/ubuntu-grub-syntax.patch:
      + Add Ubuntu-specific "quiet" keyword.
    - debian/patches/ubuntu-mouse-off.patch:
     + Mouse mode is actively harmful in some chroots.
    - debian/patches/patches/increase_timeout.diff:
      + Increase timeout for the Test_pattern_compile_speed patch.
    - debian/patches/0001-fix-flaky-terminal-mode-test.vim:
      + Fix flaky Vim terminal mode test.
    - debian/patches/0002-disable-failing-tests-on-ppc64.patch:
      + Disable some tests that were throwing an ENOMEM during build on
        ppc64el. The tests are only disabled when building on ppc64el.
  * debian/patches/ubuntu-codenames.patch:
    - Update the supported list of codenames.

vim (2:9.0.2018-1) unstable; urgency=medium

  * Merge upstream patch v9.0.2018
    + Security fixes
      - 9.0.1969: buffer-overflow in trunc_string() (Closes: #1053694,
        CVE-2023-5344)
      - 9.0.1992: segfault in exmode when redrawing, CVE-2023-5441
      - 9.0.2010: use-after-free from buf_contents_changed(), CVE-2023-5535
  * xxd: Remove obsolete Breaks/Replaces on vim-common

vim (2:9.0.1894-1) unstable; urgency=medium

  * The "Farewell, Bram" upload
  * Merge upstream patch v9.0.1894
    + Vulnerability fixes
      - 9.0.1664: Divide by zero when scrolling with 'smoothscroll' set,
        CVE-2023-3896
      - 9.0.1840: Use after free in do_ecmd, CVE-2023-4733
      - 9.0.1846: Crash when fullcommand() is called with an invalid argument,
        CVE-2023-4734
      - 9.0.1847: Out of bounds write in do_addsub(), CVE-2023-4735
      - 9.0.1848: Buffer overflow in vim_regsub_both(), CVE-2023-4738
      - 9.0.1857: Heap use after free in is_qf_win(), CVE-2023-4750
      - 9.0.1858: Heap use after free in ins_compl_get_exp(), CVE-2023-4752
      - 9.0.1873: Heap buffer overflow in vim_regsub_both(), CVE-2023-4781
    + 9.0.1682: Use little-endian byte order for sodium encrypted files.  This
      allows re-enabling the crypt tests on big-endian platforms.
    + 9.0.1683: Use Lua 5.1 compatible numeric escapes to fix if_lua tests
      with Lua 5.1.
    + 9.0.1739: Ensure all libvterm files are cleaned during "make clean"
    + Ship an "editorconfig" plugin as an optional package.
  * Adjust copyright years and license text for Bram's passing
  * Fix the check for when to run "make distclean" (Closes: #1045719)
  * Build against Lua 5.1 instead of Lua 5.2 (Closes: #1050637)
  * Re-enable Test_uncrypt_xchacha20 tests on big-endian systems
  * Skip flaky test Test_crash1

Date: Fri, 20 Oct 2023 12:00:25 -0500
Changed-By: Simon Quigley <tsimonq2 at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/vim/2:9.0.2018-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Fri, 20 Oct 2023 12:00:25 -0500
Source: vim
Built-For-Profiles: noudeb
Architecture: source
Version: 2:9.0.2018-1ubuntu1
Distribution: noble
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Simon Quigley <tsimonq2 at ubuntu.com>
Closes: 1045719 1050637 1053694
Changes:
 vim (2:9.0.2018-1ubuntu1) noble; urgency=medium
 .
   * Merge from Debian Unstable. Remaining changes:
     - debian/runtime/vimrc:
       + "syntax on" is a sane default for non-tiny Vim.
     - debian/patches/debian/ubuntu-grub-syntax.patch:
       + Add Ubuntu-specific "quiet" keyword.
     - debian/patches/ubuntu-mouse-off.patch:
      + Mouse mode is actively harmful in some chroots.
     - debian/patches/patches/increase_timeout.diff:
       + Increase timeout for the Test_pattern_compile_speed patch.
     - debian/patches/0001-fix-flaky-terminal-mode-test.vim:
       + Fix flaky Vim terminal mode test.
     - debian/patches/0002-disable-failing-tests-on-ppc64.patch:
       + Disable some tests that were throwing an ENOMEM during build on
         ppc64el. The tests are only disabled when building on ppc64el.
   * debian/patches/ubuntu-codenames.patch:
     - Update the supported list of codenames.
 .
 vim (2:9.0.2018-1) unstable; urgency=medium
 .
   * Merge upstream patch v9.0.2018
     + Security fixes
       - 9.0.1969: buffer-overflow in trunc_string() (Closes: #1053694,
         CVE-2023-5344)
       - 9.0.1992: segfault in exmode when redrawing, CVE-2023-5441
       - 9.0.2010: use-after-free from buf_contents_changed(), CVE-2023-5535
   * xxd: Remove obsolete Breaks/Replaces on vim-common
 .
 vim (2:9.0.1894-1) unstable; urgency=medium
 .
   * The "Farewell, Bram" upload
   * Merge upstream patch v9.0.1894
     + Vulnerability fixes
       - 9.0.1664: Divide by zero when scrolling with 'smoothscroll' set,
         CVE-2023-3896
       - 9.0.1840: Use after free in do_ecmd, CVE-2023-4733
       - 9.0.1846: Crash when fullcommand() is called with an invalid argument,
         CVE-2023-4734
       - 9.0.1847: Out of bounds write in do_addsub(), CVE-2023-4735
       - 9.0.1848: Buffer overflow in vim_regsub_both(), CVE-2023-4738
       - 9.0.1857: Heap use after free in is_qf_win(), CVE-2023-4750
       - 9.0.1858: Heap use after free in ins_compl_get_exp(), CVE-2023-4752
       - 9.0.1873: Heap buffer overflow in vim_regsub_both(), CVE-2023-4781
     + 9.0.1682: Use little-endian byte order for sodium encrypted files.  This
       allows re-enabling the crypt tests on big-endian platforms.
     + 9.0.1683: Use Lua 5.1 compatible numeric escapes to fix if_lua tests
       with Lua 5.1.
     + 9.0.1739: Ensure all libvterm files are cleaned during "make clean"
     + Ship an "editorconfig" plugin as an optional package.
   * Adjust copyright years and license text for Bram's passing
   * Fix the check for when to run "make distclean" (Closes: #1045719)
   * Build against Lua 5.1 instead of Lua 5.2 (Closes: #1050637)
   * Re-enable Test_uncrypt_xchacha20 tests on big-endian systems
   * Skip flaky test Test_crash1
Checksums-Sha1:
 d748b1bdc9ac268dcc5f600da21c8cca21f112cc 3041 vim_9.0.2018-1ubuntu1.dsc
 af245c00cca5814ea22125d984061d748119c673 11369248 vim_9.0.2018.orig.tar.xz
 6d711964ddb563bf7bfc31c9b9b0810def0d3e1b 205396 vim_9.0.2018-1ubuntu1.debian.tar.xz
 55c3d7434588e8780e40bd8ae45d1c9e4a5a7cf4 8603 vim_9.0.2018-1ubuntu1_source.buildinfo
Checksums-Sha256:
 698df5201d130c4164af87e579bff3ec8fa72236ad6e8515773d8f37a3a8ac3a 3041 vim_9.0.2018-1ubuntu1.dsc
 448f79297aafde3d66556857cdea589130d34008cd3a2fa0cb8d57869c01003f 11369248 vim_9.0.2018.orig.tar.xz
 952389aaca2ac1ed96b43d572d25650d3ad7f91a7989097ce3669de85f48856e 205396 vim_9.0.2018-1ubuntu1.debian.tar.xz
 2e3d4f698bce87b821ca5edf3167c4240e77ead3d2a676f3715f169a7ad3ee58 8603 vim_9.0.2018-1ubuntu1_source.buildinfo
Files:
 d6404e8e0ef62d19e5e4c3b9a04243eb 3041 editors optional vim_9.0.2018-1ubuntu1.dsc
 87e96b59830c916f7131d4924f82c60e 11369248 editors optional vim_9.0.2018.orig.tar.xz
 a9577a555e3fe2a717e3f37b6904ab60 205396 editors optional vim_9.0.2018-1ubuntu1.debian.tar.xz
 09751aefa043daea963a735f0f332227 8603 editors optional vim_9.0.2018-1ubuntu1_source.buildinfo
Original-Maintainer: Debian Vim Maintainers <team+vim at tracker.debian.org>


More information about the noble-changes mailing list