[ubuntu/xenial-security] vim 2:7.4.1689-3ubuntu1.2 (Accepted)
Steve Beattie
sbeattie at ubuntu.com
Mon Nov 28 23:59:49 UTC 2016
vim (2:7.4.1689-3ubuntu1.2) xenial-security; urgency=medium
* SECURITY UPDATE: arbitrary shell execution via modelines
- debian/patches/upstream/CVE-2016-1248.patch: Only allow valid
characters in 'filetype', 'syntax' and 'keymap'. Tests adapted
back to vim 7.4 by James McCoy of Debian, thanks!
- CVE-2016-1248
Date: 2016-11-24 20:41:14.974015+00:00
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
https://launchpad.net/ubuntu/+source/vim/2:7.4.1689-3ubuntu1.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Xenial-changes
mailing list