[ubuntu/trusty-security] vim 2:7.4.052-1ubuntu3.1 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Mon Nov 28 23:59:49 UTC 2016
vim (2:7.4.052-1ubuntu3.1) trusty-security; urgency=medium
* SECURITY UPDATE: arbitrary shell execution via modelines
- debian/patches/upstream/CVE-2016-1248.patch: Only allow valid
characters in 'filetype', 'syntax' and 'keymap'. Tests adapted
back to vim 7.3 by James McCoy of Debian, thanks! Patch is also
updated to add the tests to the set that are run during the build.
- CVE-2016-1248
Date: 2016-11-24 16:38:17.725918+00:00
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/+source/vim/2:7.4.052-1ubuntu3.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Trusty-changes
mailing list