[ubuntu/lunar-proposed] vim 2:9.0.1000-4ubuntu1 (Accepted)

Wed Jan 18 00:18:16 UTC 2023

vim (2:9.0.1000-4ubuntu1) lunar; urgency=medium

  * Merge from Debian Unstable. Remaining changes:
    - debian/runtime/vimrc:
      + "syntax on" is a sane default for non-tiny Vim.
    - debian/patches/debian/ubuntu-grub-syntax.patch:
      + Add Ubuntu-specific "quiet" keyword.
    - debian/patches/ubuntu-mouse-off.patch:
     + Mouse mode is actively harmful in some chroots.
    - debian/patches/patches/increase_timeout.diff:
      + Increase timeout for the Test_pattern_compile_speed patch.
    - debian/patches/0001-fix-flaky-terminal-mode-test.vim:
      + Fix flaky Vim terminal mode test.
    - debian/patches/0002-disable-failing-tests-on-ppc64.patch:
      + Disable some tests that were throwing an ENOMEM during build on
        ppc64el. The tests are only disabled when building on ppc64el.
  * SECURITY UPDATE: invalid memory access with bad 'statusline' value
    - debian/patches/CVE-2023-0049.patch: Avoid going over the NUL at the end
    - CVE-2023-0049
  * SECURITY UPDATE: reading beyond text
    - debian/patches/CVE-2023-0051.patch: Add strlen_maxlen() and use it
    - CVE-2023-0051
  * SECURITY UPDATE: Invalid memory access with recursive substitute expression
    - debian/patches/CVE-2023-0054.patch: Check the return value of vim_regsub
    - CVE-2023-0054
  * SECURITY UPDATE: Invalid memory access with folding and using "L"
    - debian/patches/CVE-2023-0288.patch: Prevent the cursor from moving to l0
    - CVE-2023-0288

vim (2:9.0.1000-4) unstable; urgency=medium

  * Backport patch to fix tests on IPv6-only hosts (Closes: #1027824)

Date: Tue, 17 Jan 2023 18:16:17 -0600
Changed-By: Simon Quigley <tsimonq2 at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/vim/2:9.0.1000-4ubuntu1
-------------- next part --------------
Format: 1.8
Date: Tue, 17 Jan 2023 18:16:17 -0600
Source: vim
Built-For-Profiles: noudeb
Architecture: source
Version: 2:9.0.1000-4ubuntu1
Distribution: lunar
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Simon Quigley <tsimonq2 at ubuntu.com>
Closes: 1027824
Changes:
 vim (2:9.0.1000-4ubuntu1) lunar; urgency=medium
 .
   * Merge from Debian Unstable. Remaining changes:
     - debian/runtime/vimrc:
       + "syntax on" is a sane default for non-tiny Vim.
     - debian/patches/debian/ubuntu-grub-syntax.patch:
       + Add Ubuntu-specific "quiet" keyword.
     - debian/patches/ubuntu-mouse-off.patch:
      + Mouse mode is actively harmful in some chroots.
     - debian/patches/patches/increase_timeout.diff:
       + Increase timeout for the Test_pattern_compile_speed patch.
     - debian/patches/0001-fix-flaky-terminal-mode-test.vim:
       + Fix flaky Vim terminal mode test.
     - debian/patches/0002-disable-failing-tests-on-ppc64.patch:
       + Disable some tests that were throwing an ENOMEM during build on
         ppc64el. The tests are only disabled when building on ppc64el.
   * SECURITY UPDATE: invalid memory access with bad 'statusline' value
     - debian/patches/CVE-2023-0049.patch: Avoid going over the NUL at the end
     - CVE-2023-0049
   * SECURITY UPDATE: reading beyond text
     - debian/patches/CVE-2023-0051.patch: Add strlen_maxlen() and use it
     - CVE-2023-0051
   * SECURITY UPDATE: Invalid memory access with recursive substitute expression
     - debian/patches/CVE-2023-0054.patch: Check the return value of vim_regsub
     - CVE-2023-0054
   * SECURITY UPDATE: Invalid memory access with folding and using "L"
     - debian/patches/CVE-2023-0288.patch: Prevent the cursor from moving to l0
     - CVE-2023-0288
 .
 vim (2:9.0.1000-4) unstable; urgency=medium
 .
   * Backport patch to fix tests on IPv6-only hosts (Closes: #1027824)
Checksums-Sha1:
 2592691d183f52776f92971fc471b9a336338bc5 3041 vim_9.0.1000-4ubuntu1.dsc
 cceab307fffee19e221839a9485aad1e972c4155 190392 vim_9.0.1000-4ubuntu1.debian.tar.xz
 d30bc90a81a24c4c345fcca23c8a3eeea1705558 8257 vim_9.0.1000-4ubuntu1_source.buildinfo
Checksums-Sha256:
 95b42a540950a71dfe7b29c663fe0fc86acaf4bcbb6976b17e8cffd3e767940a 3041 vim_9.0.1000-4ubuntu1.dsc
 7da4e52a2997da918d6a4a46e3506a30527e0250c75767a20df018fffb7b03a7 190392 vim_9.0.1000-4ubuntu1.debian.tar.xz
 31f6c986041756106a4c4f1792add052c734b80cfd11e33360a65cd73be539e9 8257 vim_9.0.1000-4ubuntu1_source.buildinfo
Files:
 123e1d04731b1cb55155a68ff3c1aec3 3041 editors optional vim_9.0.1000-4ubuntu1.dsc
 df20433a73ed9ba9ae6c7683d184d3e5 190392 editors optional vim_9.0.1000-4ubuntu1.debian.tar.xz
 ec51a63c32675f581c3e1424ed744259 8257 editors optional vim_9.0.1000-4ubuntu1_source.buildinfo
Original-Maintainer: Debian Vim Maintainers <team+vim at tracker.debian.org>