[ubuntu/xenial-security] vim 2:7.4.1689-3ubuntu1.2 (Accepted)

Steve Beattie sbeattie at ubuntu.com
Mon Nov 28 23:59:49 UTC 2016

vim (2:7.4.1689-3ubuntu1.2) xenial-security; urgency=medium

  * SECURITY UPDATE: arbitrary shell execution via modelines
    - debian/patches/upstream/CVE-2016-1248.patch: Only allow valid
      characters in 'filetype', 'syntax' and 'keymap'. Tests adapted
      back to vim 7.4 by James McCoy of Debian, thanks!
    - CVE-2016-1248

Date: 2016-11-24 20:41:14.974015+00:00
Changed-By: Steve Beattie <sbeattie at ubuntu.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Xenial-changes mailing list