diff --git a/vim-9.0.1894.tar.gz b/vim-9.0.1894.tar.gz deleted file mode 100644 index c3200ab..0000000 --- a/vim-9.0.1894.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:fbad90b9bb238fb6ad4362e6e31e1495af2890b0aa89e464b7ae21418ef4b23a -size 17267016 diff --git a/vim-9.1.0111.tar.gz b/vim-9.1.0111.tar.gz new file mode 100644 index 0000000..09bd90e --- /dev/null +++ b/vim-9.1.0111.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:89083b5bcf6a25101d35c2c61d196640ea267a2868d57c14f18b13ed16dc808c +size 17687577 diff --git a/vim.changes b/vim.changes index 45ba12d..caba4fa 100644 --- a/vim.changes +++ b/vim.changes @@ -1,3 +1,28 @@ +------------------------------------------------------------------- +Thu Feb 29 16:49:15 UTC 2024 - Zoltan Balogh + +- Updated to version 9.1 with patch level 0111, fixes the following security problems + * Fixing bsc#1217316 (CVE-2023-48231) - VUL-0: CVE-2023-48231: vim: Use-After-Free in win_close() + * Fixing bsc#1217320 (CVE-2023-48232) - VUL-0: CVE-2023-48232: vim: Floating point Exception in adjust_plines_for_skipcol() + * Fixing bsc#1217321 (CVE-2023-48233) - VUL-0: CVE-2023-48233: vim: overflow with count for :s command + * Fixing bsc#1217324 (CVE-2023-48234) - VUL-0: CVE-2023-48234: vim: overflow in nv_z_get_count + * Fixing bsc#1217326 (CVE-2023-48235) - VUL-0: CVE-2023-48235: vim: overflow in ex address parsing + * Fixing bsc#1217329 (CVE-2023-48236) - VUL-0: CVE-2023-48236: vim: overflow in get_number + * Fixing bsc#1217330 (CVE-2023-48237) - VUL-0: CVE-2023-48237: vim: overflow in shift_line + * Fixing bsc#1217432 (CVE-2023-48706) - VUL-0: CVE-2023-48706: vim: heap-use-after-free in ex_substitute + * Fixing bsc#1219581 (CVE-2024-22667) - VUL-0: CVE-2024-22667: vim: stack-based buffer overflow in did_set_langmap function in map.c + * Fixing bsc#1215005 (CVE-2023-4750) - VUL-0: CVE-2023-4750: vim: Heap use-after-free in function bt_quickfix + * Fixing bsc#1215940 (CVE-2023-5344) - VUL-0: CVE-2023-5344: vim: Heap-based Buffer Overflow in vim prior to 9.0.1969. + * Fixing bsc#1216001 (CVE-2023-5441) - VUL-0: CVE-2023-5441: vim: segfault in exmode when redrawing + * Fixing bsc#1216167 (CVE-2023-5535) - VUL-0: CVE-2023-5535: vim: use-after-free from buf_contents_changed() + * Fixing bsc#1216696 (CVE-2023-46246) - VUL-0: CVE-2023-46246: vim: Integer Overflow in :history command + * Fixing bsc#1215004 (CVE-2023-4733) - VUL-0: CVE-2023-4733: vim: use-after-free in function buflist_altfpos + * Fixing bsc#1215006 (CVE-2023-4752) - VUL-0: CVE-2023-4752: vim: Heap Use After Free in function ins_compl_get_exp + * Fixing bsc#1215033 (CVE-2023-4781) - VUL-0: CVE-2023-4781: vim: heap-buffer-overflow in function vim_regsub_both +- for the complete list of changes see + https://github.com/vim/vim/compare/v9.0.1894...v9.1.0111 + + ------------------------------------------------------------------- Mon Sep 11 14:51:02 UTC 2023 - Ondřej Súkup diff --git a/vim.spec b/vim.spec index 30b09d9..7f5301e 100644 --- a/vim.spec +++ b/vim.spec @@ -1,7 +1,7 @@ # # spec file for package vim # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,10 +16,10 @@ # -%define pkg_version 9.0 -%define patchlevel 1894 +%define pkg_version 9.1 +%define patchlevel 0111 %define patchlevel_compact %{patchlevel} -%define VIM_SUBDIR vim90 +%define VIM_SUBDIR vim91 %define site_runtimepath %{_datadir}/vim/site %define make make VIMRCLOC=%{_sysconfdir} VIMRUNTIMEDIR=%{_datadir}/vim/current MAKE="make -e" %{?_smp_mflags} %if 0%{?suse_version} > 1500 @@ -33,7 +33,6 @@ Version: %{pkg_version}.%{patchlevel_compact} Release: 0 Summary: Vi IMproved License: Vim -Group: Productivity/Text/Editors URL: https://www.vim.org/ Source: https://github.com/vim/vim/archive/v%{pkg_version}.%{patchlevel}.tar.gz#/vim-%{pkg_version}.%{patchlevel}.tar.gz Source3: suse.vimrc @@ -138,7 +137,6 @@ file name completion, block operations, and editing of binary data. %package data Summary: Data files needed for extended vim functionality -Group: Productivity/Text/Editors Requires: vim-data-common = %{version}-%{release} # Used to be in vim-plugins package Obsoletes: vim-plugin-matchit <= 1.13.2 @@ -153,7 +151,6 @@ This package contains optional runtime & syntax files for vim. %package data-common Summary: Common Data files for vim & gvim -Group: Productivity/Text/Editors BuildArch: noarch %description data-common @@ -161,7 +158,6 @@ This package contains basic runtime & syntax files for vim %package -n gvim Summary: A GUI for Vi -Group: Productivity/Text/Editors Requires: gvim_client Requires: vim-data = %{version}-%{release} Requires: xxd = %{version}-%{release} @@ -189,7 +185,6 @@ want less features, you might want to install vim instead. %package small Summary: Vim with reduced features -Group: Productivity/Text/Editors Requires: vim-data-common = %{version}-%{release} Provides: vi Provides: vim_client @@ -216,23 +211,23 @@ a hex dump back to its original binary form. %prep %setup -q -n %{name}-%{pkg_version}.%{patchlevel} -%patch3 -p1 -%patch4 -p1 -%patch5 -p1 -%patch6 -p1 -%patch7 -p1 -%patch8 -p1 -%patch9 -p1 -%patch10 -p1 -%patch11 -p1 +%patch -P 3 -p1 +%patch -P 4 -p1 +%patch -P 5 -p1 +%patch -P 6 -p1 +%patch -P 7 -p1 +%patch -P 8 -p1 +%patch -P 9 -p1 +%patch -P 10 -p1 +%patch -P 11 -p1 cp %{SOURCE23} runtime/syntax/apparmor.vim -%patch15 -p1 -%patch18 -p1 -%patch21 -p1 -%patch22 -p1 -%patch100 -p1 -%patch101 -p1 -%patch104 -p1 +%patch -P 15 -p1 +%patch -P 18 -p1 +%patch -P 21 -p1 +%patch -P 22 -p1 +%patch -P 100 -p1 +%patch -P 101 -p1 +%patch -P 104 -p1 cp %{SOURCE3} %{SOURCE4} %{SOURCE5} %{SOURCE8} %{SOURCE10} . %build