rpms/vim
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import vim-8.0.1763-16.el8_5.2

Browse Source
This commit is contained in:
CentOS Sources 2021-11-11 08:23:49 +00:00 committed by Stepan Oksanichenko
parent f6d9a3be34
commit 9852850995
2 changed files with 44 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

35
SOURCES/0001-patch-8.2.3487-illegal-memory-access-if-buffer-name-.patch Normal file
View File

@ -0,0 +1,35 @@
diff -up vim80/src/screen.c.cve3872 vim80/src/screen.c
--- vim80/src/screen.c.cve3872 2021-10-21 13:20:27.694921335 +0200
+++ vim80/src/screen.c 2021-10-21 13:22:42.221732996 +0200
@@ -6911,13 +6911,13 @@ win_redr_status(win_T *wp)
*(p + len++) = ' ';
if (bt_help(wp->w_buffer))
{
- STRCPY(p + len, _("[Help]"));
+ vim_snprintf((char *)p + len, MAXPATHL - len, "%s", _("[Help]"));
len += (int)STRLEN(p + len);
}
#ifdef FEAT_QUICKFIX
if (wp->w_p_pvw)
{
- STRCPY(p + len, _("[Preview]"));
+ vim_snprintf((char *)p + len, MAXPATHL - len, "%s", _("[Preview]"));
len += (int)STRLEN(p + len);
}
#endif
@@ -6927,12 +6927,12 @@ win_redr_status(win_T *wp)
#endif
)
{
- STRCPY(p + len, "[+]");
- len += 3;
+ vim_snprintf((char *)p + len, MAXPATHL - len, "%s", "[+]");
+ len += (int)STRLEN(p + len);
}
if (wp->w_buffer->b_p_ro)
{
- STRCPY(p + len, _("[RO]"));
+ vim_snprintf((char *)p + len, MAXPATHL - len, "%s", _("[RO]"));
len += (int)STRLEN(p + len);
}

10
SPECS/vim.spec
View File

@ -24,7 +24,7 @@ Summary: The VIM editor
URL: http://www.vim.org/
Name: vim
Version: %{baseversion}.%{patchlevel}
Release: 16%{?dist}
Release: 16%{?dist}.2
License: Vim and MIT
Source0: ftp://ftp.vim.org/pub/vim/unix/vim-%{baseversion}-%{patchlevel}.tar.bz2
Source1: vim.sh
@ -79,6 +79,7 @@ Patch3021: 0001-patch-8.1.0881-can-execute-shell-commands-in-rvim-th.patch
Patch3022: vim-cve3796.patch
# 2004891 - CVE-2021-3778 vim: heap-based buffer overflow in utf_ptr2char() in mbyte.c [rhel-8.5.0]
Patch3023: vim-cve3778-fix.patch
Patch3024: 0001-patch-8.2.3487-illegal-memory-access-if-buffer-name-.patch
# gcc is no longer in buildroot by default
BuildRequires: gcc
@ -279,6 +280,7 @@ perl -pi -e "s,bin/nawk,bin/awk,g" runtime/tools/mve.awk
%patch3021 -p1 -b .rvim
%patch3022 -p1 -b .cve3796
%patch3023 -p1 -b .cve3778
%patch3024 -p1 -b .cve3872
%build
%if 0%{?rhel} > 7
@ -797,6 +799,12 @@ touch %{buildroot}/%{_datadir}/%{name}/vimfiles/doc/tags
%{_datadir}/icons/locolor/*/apps/*
%changelog
* Tue Oct 26 2021 Zdenek Dohnal <zdohnal@redhat.com> - 2:8.0.1763-16.2
- remove the upstream test - uses a feature which is not presented in RHEL 8
* Tue Oct 26 2021 Zdenek Dohnal <zdohnal@redhat.com> - 2:8.0.1763-16.1
- CVE-2021-3872 vim: heap-based buffer overflow in win_redr_status() drawscreen.c [rhel-8.6.0]
* Mon Sep 20 2021 Zdenek Dohnal <zdohnal@redhat.com> - 2:8.0.1763-16
- 2004974 - CVE-2021-3796 vim: use-after-free in nv_replace() in normal.c [rhel-8.5.0]
- 2004891 - CVE-2021-3778 vim: heap-based buffer overflow in utf_ptr2char() in mbyte.c [rhel-8.5.0]