[ubuntu/noble-proposed] vim 2:9.0.2116-1ubuntu1 (Accepted)

Simon Quigley tsimonq2 at ubuntu.com
Mon Nov 20 23:19:11 UTC 2023 

vim (2:9.0.2116-1ubuntu1) noble; urgency=medium

  * Merge from Debian Unstable. Remaining changes:
    - debian/runtime/vimrc:
      + "syntax on" is a sane default for non-tiny Vim.
    - debian/patches/debian/ubuntu-grub-syntax.patch:
      + Add Ubuntu-specific "quiet" keyword.
    - debian/patches/ubuntu-mouse-off.patch:
     + Mouse mode is actively harmful in some chroots.
    - debian/patches/patches/increase_timeout.diff:
      + Increase timeout for the Test_pattern_compile_speed patch.
    - debian/patches/0001-fix-flaky-terminal-mode-test.vim:
      + Fix flaky Vim terminal mode test.
    - debian/patches/0002-disable-failing-tests-on-ppc64.patch:
      + Disable some tests that were throwing an ENOMEM during build on
        ppc64el. The tests are only disabled when building on ppc64el.

vim (2:9.0.2116-1) unstable; urgency=medium

  * Merge upstream patch v9.0.2116
    + Security fixes
      - 9.0.2106: Use-after-free in win_close(), CVE-2023-48231
      - 9.0.2107: FPE in adjust_plines_for_skipcol, CVE-2023-48232
      - 9.0.2108: overflow with count for :s command. Abort command if count
        is too large, CVE-2023-48233
      - 9.0.2109: overflow in nv_z_get_count. Limit max value of count,
        CVE-2023-48234
      - 9.0.2110: overflow in ex address parsing. Verify lnum is positive
        before subtracting from LONG_MAX, CVE-2023-48235
      - 9.0.2111: overflow in get_number. Return 0 when the count gets too
        large, CVE-2023-48236
      - 9.0.2112: overflow in shift_line. Limit indent to INT_MAX,
        CVE-2023-48237
    + 9.0.2116: Crash when callback function aborts because of recursiveness.
      - Fixes FTBFS on armel

vim (2:9.0.2103-1) unstable; urgency=medium

  * Merge upstream patch v9.0.2103
    + 9.0.2103: Fix FTBFS on 32-bit architectures due to recursive callback
      test.  Limit recursiveness to 20 levels, rather than 100.

Date: Mon, 20 Nov 2023 17:12:45 -0600
Changed-By: Simon Quigley <tsimonq2 at ubuntu.com>
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
https://launchpad.net/ubuntu/+source/vim/2:9.0.2116-1ubuntu1
-------------- next part --------------
Format: 1.8
Date: Mon, 20 Nov 2023 17:12:45 -0600
Source: vim
Built-For-Profiles: noudeb
Architecture: source
Version: 2:9.0.2116-1ubuntu1
Distribution: noble
Urgency: medium
Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
Changed-By: Simon Quigley <tsimonq2 at ubuntu.com>
Changes:
 vim (2:9.0.2116-1ubuntu1) noble; urgency=medium
 .
   * Merge from Debian Unstable. Remaining changes:
     - debian/runtime/vimrc:
       + "syntax on" is a sane default for non-tiny Vim.
     - debian/patches/debian/ubuntu-grub-syntax.patch:
       + Add Ubuntu-specific "quiet" keyword.
     - debian/patches/ubuntu-mouse-off.patch:
      + Mouse mode is actively harmful in some chroots.
     - debian/patches/patches/increase_timeout.diff:
       + Increase timeout for the Test_pattern_compile_speed patch.
     - debian/patches/0001-fix-flaky-terminal-mode-test.vim:
       + Fix flaky Vim terminal mode test.
     - debian/patches/0002-disable-failing-tests-on-ppc64.patch:
       + Disable some tests that were throwing an ENOMEM during build on
         ppc64el. The tests are only disabled when building on ppc64el.
 .
 vim (2:9.0.2116-1) unstable; urgency=medium
 .
   * Merge upstream patch v9.0.2116
     + Security fixes
       - 9.0.2106: Use-after-free in win_close(), CVE-2023-48231
       - 9.0.2107: FPE in adjust_plines_for_skipcol, CVE-2023-48232
       - 9.0.2108: overflow with count for :s command. Abort command if count
         is too large, CVE-2023-48233
       - 9.0.2109: overflow in nv_z_get_count. Limit max value of count,
         CVE-2023-48234
       - 9.0.2110: overflow in ex address parsing. Verify lnum is positive
         before subtracting from LONG_MAX, CVE-2023-48235
       - 9.0.2111: overflow in get_number. Return 0 when the count gets too
         large, CVE-2023-48236
       - 9.0.2112: overflow in shift_line. Limit indent to INT_MAX,
         CVE-2023-48237
     + 9.0.2116: Crash when callback function aborts because of recursiveness.
       - Fixes FTBFS on armel
 .
 vim (2:9.0.2103-1) unstable; urgency=medium
 .
   * Merge upstream patch v9.0.2103
     + 9.0.2103: Fix FTBFS on 32-bit architectures due to recursive callback
       test.  Limit recursiveness to 20 levels, rather than 100.
Checksums-Sha1:
 a4d5b9202513b9fe234fc9a73072ef384353dc84 3041 vim_9.0.2116-1ubuntu1.dsc
 bcd610332d16d000fd08a2f6588bdc87ce960751 11392984 vim_9.0.2116.orig.tar.xz
 7e6327b01756d766ff17e27425796838b3fa9145 205412 vim_9.0.2116-1ubuntu1.debian.tar.xz
 4507db5e82b34a049cd09943f949c6b71fd1b2ff 8666 vim_9.0.2116-1ubuntu1_source.buildinfo
Checksums-Sha256:
 c156c4e549981323a549942e00699a3ccaa8a6fbc30a54370b48329beb877766 3041 vim_9.0.2116-1ubuntu1.dsc
 b8e4d64b949ec16e37b8fe2df011475a1a6ac1eeb25fc518ae0fb97ce8b6a828 11392984 vim_9.0.2116.orig.tar.xz
 1f7bf4b305e907d78d0d7bdf7634da6ab8da2ff1692dc2ceb7b044836787c568 205412 vim_9.0.2116-1ubuntu1.debian.tar.xz
 df3a5ca087aabd43c8b9e9107ae5ab56554b318375c8116ac304b822c6d0be97 8666 vim_9.0.2116-1ubuntu1_source.buildinfo
Files:
 3cbbcb223abcf6370480c63617bdb0d0 3041 editors optional vim_9.0.2116-1ubuntu1.dsc
 f46dfb8b4376e8eb9ca0dc713b66a103 11392984 editors optional vim_9.0.2116.orig.tar.xz
 fb7842bbcefdb8a2efeaea0c8a3395f4 205412 editors optional vim_9.0.2116-1ubuntu1.debian.tar.xz
 22e9e687280973a07eb716a1b77bb836 8666 editors optional vim_9.0.2116-1ubuntu1_source.buildinfo
Original-Maintainer: Debian Vim Maintainers <team+vim at tracker.debian.org>

More information about the noble-changes mailing list