-
vim (2:8.0.1453-1ubuntu1.13) bionic-security; urgency=medium
* SECURITY UPDATE: use-after-free when matching inside a visual selection
- debian/patches/CVE-2021-4192.patch: get the line again after getvvcol().
- CVE-2021-4192
* SECURITY UPDATE: out-of-bounds read when processing data in visual mode
- debian/patches/CVE-2021-4193.patch: check for valid column in getvcol().
- CVE-2021-4193
* SECURITY UPDATE: heap buffer overflow when processing long file names
- debian/patches/CVE-2022-0213.patch: check length when appending a space.
- CVE-2022-0213
* SECURITY UPDATE: heap-based buffer overflow when performing a block insert
- debian/patches/CVE-2022-0261.patch: handle invalid byte better. Fix
inserting the wrong text.
- debian/patches/CVE-2022-0318-1.patch: for block insert only use the
offset for correcting the length.
- debian/patches/CVE-2022-0318-2.patch: adjust the expected output for
utf8 block insert test.
- CVE-2022-0261
- CVE-2022-0318
* SECURITY UPDATE: out-of-bounds read when exchanging windows in visual mode
- debian/patches/CVE-2022-0319.patch: correct end of Visual area when
entering another buffer.
- CVE-2022-0319
* SECURITY UPDATE: stack pointer corruption when parsing too many brackets
in expression
- debian/patches/CVE-2022-0351.patch: limit recursion to 1000.
- CVE-2022-0351
* SECURITY UPDATE: illegal memory access when processing large indent in ex
mode
- debian/patches/CVE-2022-0359.patch: allocate enough memory.
- CVE-2022-0359
* SECURITY UPDATE: illegal memory access when copying lines in visual mode
- debian/patches/CVE-2022-0361.patch: adjust the Visual position after
copying lines.
- CVE-2022-0361
* SECURITY UPDATE: illegal memory access when undo makes visual area invalid
in visual mode
- debian/patches/CVE-2022-0368.patch: correct the Visual area after undo.
- CVE-2022-0368
* SECURITY UPDATE: stack corruption when looking for spelling suggestions
- debian/patches/CVE-2022-0408.patch: prevent the depth increased too
much. Add a five second time limit to finding suggestions.
- CVE-2022-0408
* SECURITY UPDATE: use of freed memory when managing buffers
- debian/patches/CVE-2022-0443.patch: do not use wiped out buffer.
- CVE-2022-0443
* SECURITY UPDATE: heap buffer overflow when processing vim buffers
- debian/patches/CVE-2022-0554.patch: when deleting the current buffer to
not pick a quickfix buffer as the new current buffer.
- CVE-2022-0554
* SECURITY UPDATE: heap buffer overflow when repeatedly using :retab
- debian/patches/CVE-2022-0572.patch: bail out when the line is getting
too long.
- CVE-2022-0572
* SECURITY UPDATE: out-of-range pointer offset when using special multi-byte
character
- debian/patches/CVE-2022-0685.patch: don't use isalpha() for an arbitrary
character.
- CVE-2022-0685
* SECURITY UPDATE: heap buffer overflow when processing anomalous
'vartabstop' value
- debian/patches/CVE-2022-0714.patch: check for running into the end of
the line.
- CVE-2022-0714
* SECURITY UPDATE: out-of-range pointer offset when processing specific
regexp pattern and string
- debian/patches/CVE-2022-0729.patch: stop at the start of the string.
- CVE-2022-0729
* SECURITY UPDATE: heap-based buffer overflow
- debian/patches/CVE-2022-2207.patch: adds a check to see if the cursor
column is great than zero.
- CVE-2022-2207
-- Nishit Majithia <email address hidden> Tue, 18 Apr 2023 14:50:34 +0530
-
vim (2:8.0.1453-1ubuntu1.12) bionic-security; urgency=medium
* SECURITY UPDATE: use after free
- debian/patches/CVE-2022-0413.patch: make a copy of the substitute pattern
that starts with "\=" in do_sub() in src/ex_cmds.c and free it at the end
of the method and add test case Test_using_old_sub in
src/testdir/test_CVE.vim.
- debian/patches/CVE-2022-1796.patch: make a copy of the pattern to search
for as it could get freed in do_window() in src/window.c and add test
case Test_define_search in src/testdir/test_CVE.vim.
- debian/patches/CVE-2022-1898.patch: make a copy of the string as it could
get freed in nv_brackets() in src/normal.c, and add a test inside the
Test_define_search test case in src/testdir/test_CVE.vim.
- debian/patches/CVE-2022-1968.patch: mitigates the potential for a use
after free scenario by making a copy of a buffer to use for future
reference
- debian/patches/CVE-2022-2946.patch: using freed memory when 'tagfunc'
deletes the buffer
- CVE-2022-0413
- CVE-2022-1796
- CVE-2022-1898
- CVE-2022-1968
- CVE-2022-2946
* SECURITY UPDATE: buffer over-read
- debian/patches/CVE-2022-1629.patch: add a check for null after a
backslash in find_next_quote() in src/search.c and add test case
Test_string_html_objects in src/testdir/test_CVE.vim.
- debian/patches/CVE-2022-1720.patch: reading past end of line with "gf" in
Visual block mode
- debian/patches/CVE-2022-1733.patch: add a check for null when checking
for trailing ' in skip_string() in src/misc1.c and add test case
Test_cindent_check_funcdecl in src/testdir/test_CVE.vim.
- debian/patches/CVE-2022-1735.patch: add a new function, check_visual_pos
in src/misc2.c and invoke it in src/change.c and src/edit.c. Add the new
function header in src/proto/misc2.pro and add test case
Test_visual_block_with_substitute in src/testdir/test_visual.vim.
- debian/patches/CVE-2022-1851.patch: add a call to check_cursor() after
formatting in op_format() in src/ops.c and add test case
Test_correct_cursor_position in src/testdir/test_CVE.vim.
- debian/patches/CVE-2022-2845.patch: reading before the start of the line
- CVE-2022-1629
- CVE-2022-1720
- CVE-2022-1733
- CVE-2022-1735
- CVE-2022-1851
- CVE-2022-2845
* SECURITY UPDATE: crash when matching buffer with invalid pattern
- debian/patches/CVE-2022-1674.patch: check for NULL regprog
- CVE-2022-1674
* SECURITY UPDATE: buffer over-write
- debian/patches/CVE-2022-1785.patch: add textlock flag to disallow
changing text or switching window before calling vim_regsub_multi() in
src/ex_cmds.c.
- CVE-2022-1785
* SECURITY UPDATE: heap-based buffer overflow
- debian/patches/CVE-2022-1942.patch: adds a control to disallow the
opening of a command line window when text or buffer is locked.
- debian/patches/CVE-2022-2571.patch: reading past end of line with insert
mode completion
- debian/patches/CVE-2022-2849.patch: invalid memory access with for loop
over NULL string
- CVE-2022-1942
- CVE-2022-2571
- CVE-2022-2849
* SECURITY UPDATE: searching for quotes may go over the end of the line
- debian/patches/CVE-2022-2124.patch: check for running into the NULL
- CVE-2022-2124
* SECURITY UPDATE: lisp indenting my run over the end of the line
- debian/patches/CVE-2022-2125.patch: check for NULL earlier
- CVE-2022-2125
* SECURITY UPDATE: using invalid index when looking for spell suggestions
- debian/patches/CVE-2022-2126.patch: do not decrement the index when it
is zero
- CVE-2022-2126
* SECURITY UPDATE: out-of-bounds write
- debian/patches/CVE-2022-2129.patch: prevents the editing of another file
when either curbuf_lock or textlock is set.
- CVE-2022-2129
* SECURITY UPDATE: invalid memory access when using an expression on the
command line
- debian/patches/CVE-2022-2175-1.patch: make sure the position does not
go negative
- debian/patches/CVE-2022-2175-2.patch: add missing #ifdef FEAT_EVAL
- CVE-2022-2175
* SECURITY UPDATE: reading beyond the end of the line with lisp indenting
- debian/patches/CVE-2022-2183.patch: avoid going over the NUL at the end
of the line
- CVE-2022-2183
* SECURITY UPDATE: accessing invalid memory after changing terminal size
- debian/patches/CVE-2022-2206.patch: adjust cmdline_row and msg_row to
the value of Rows
- CVE-2022-2206
* SECURITY UPDATE: spell dump may go beyond end of an array
- debian/patches/CVE-2022-2304.patch: limit the word length
- CVE-2022-2304
* SECURITY UPDATE: using freed memory with recursive substitution
- debian/patches/CVE-2022-2345.patch: always make a copy of
reg_prev_sub
- CVE-2022-2345
* SECURITY UPDATE: illegal memory access when pattern starts with
illegal byte
- debian/patches/CVE-2022-2581.patch: do not match a character with an
illegal byte
- CVE-2022-2581
* SECURITY UPDATE: null pointer dereference issue
- debian/patches/CVE-2022-2923.patch: crash when using ":mkspell" with an
empty .dic file
- CVE-2022-2923
-- Nishit Majithia <email address hidden> Mon, 03 Apr 2023 11:32:48 +0530
-
vim (2:8.0.1453-1ubuntu1.11) bionic-security; urgency=medium
* SECURITY UPDATE: NULL pointer dereference when creating blank mouse
pointer
- debian/patches/CVE-2022-47024.patch: only use the return value of
XChangeGC() when it is not NULL.
- CVE-2022-47024
* SECURITY UPDATE: invalid memory access with bad 'statusline' value
- debian/patches/CVE-2023-0049.patch: avoid going over the NULL at the end
of a statusline.
- CVE-2023-0049
* SECURITY UPDATE: invalid memory access with recursive substitute
expression
- debian/patches/CVE-2023-0054.patch: check the return value of
vim_regsub().
- CVE-2023-0054
* SECURITY UPDATE: invalid memory access with folding and using "L"
- debian/patches/CVE-2023-0288.patch: prevent the cursor from moving to
line zero.
- CVE-2023-0288
* SECURITY UPDATE: reading past the end of a line when formatting text
- debian/patches/CVE-2023-0433.patch: check for not going over the end of
the line.
- CVE-2023-0433
* SECURITY UPDATE: heap based buffer overflow vulnerability
- debian/patches/CVE-2023-1170.patch: accessing invalid memory with put
in Visual block mode
- CVE-2023-1170
* SECURITY UPDATE: incorrect calculation of buffer size
- debian/patches/CVE-2023-1175.patch: illegal memory access when using
virtual editing
- CVE-2023-1175
-- Nishit Majithia <email address hidden> Fri, 17 Mar 2023 10:54:33 +0530
-
vim (2:8.0.1453-1ubuntu1.10) bionic-security; urgency=medium
* SECURITY UPDATE: illegal memory access with bracketed paste in Ex mode
- debian/patches/CVE-2022-0392.patch: reverse space for the trailing NUL
- CVE-2022-0392
-- Mark Esler <email address hidden> Wed, 11 Jan 2023 17:53:52 -0600
-
vim (2:8.0.1453-1ubuntu1.9) bionic-security; urgency=medium
* SECURITY UPDATE: heap based buffer overflow in spelling suggestion
function
- debian/patches/CVE-2022-0943.patch: adjust "badlen".
- CVE-2022-0943
* SECURITY UPDATE: use-after-free when processing regular expressions in old
engine
- debian/patches/CVE-2022-1154.patch: after getting mark get the line
again.
- CVE-2022-1154
* SECURITY UPDATE: buffer overflow when using invalid command with composing
chars
- debian/patches/CVE-2022-1616.patch: check that the whole character fits
in the buffer.
- CVE-2022-1616
* SECURITY UPDATE: heap buffer overflow when processing CTRL-W in latin1
encoding
- debian/patches/CVE-2022-1619.patch: check already being at the start of
the command line.
- CVE-2022-1619
* SECURITY UPDATE: NULL pointer access when using invalid pattern
- debian/patches/CVE-2022-1620.patch: check for failed regexp program.
- CVE-2022-1620
* SECURITY UPDATE: heap buffer overflow when processing invalid character
added to word list
- debian/patches/CVE-2022-1621.patch: check for a valid word string.
- debian/patches/remove_test_spell_single_word.patch: removal of test
test_spell_single_word from src/testdir/test_spell.vim
- CVE-2022-1621
-- Nishit Majithia <email address hidden> Tue, 13 Sep 2022 20:37:18 +0530
-
vim (2:8.0.1453-1ubuntu1.8) bionic-security; urgency=medium
* SECURITY UPDATE: Heap-based buffer overflow could lead to a denial of
service or possible code execution when C-indenting
- debian/patches/CVE-2021-3984.patch: Fix memory access issue by correctly
dereferencing cursor position in src/misc1.c and
src/testdir/test_cindent.vim
- CVE-2021-3984
* SECURITY UPDATE: Heap-based buffer overflow could lead to a denial of
service when help functions are provided with long command strings
- debian/patches/CVE-2021-4019.patch: Fix handling of strcpy to use safer
vim_snprintf in src/ex_cmds.c and src/testdir/test_help.vim
- CVE-2021-4019
* SECURITY UPDATE: Use-after-free issue in open command can lead to a denial
of service or possible code execution
- debian/patches/CVE-2021-4069.patch: Fix issue making a copy of the
current line and its address in src/ex_docmd.c
- CVE-2021-4069
-- Ray Veldkamp <email address hidden> Thu, 20 Jan 2022 13:47:53 +1100
-
vim (2:8.0.1453-1ubuntu1.7) bionic-security; urgency=medium
* SECURITY UPDATE: Fix heap-based buffer overflow when scrolling without a
valid screen
- debian/patches/CVE-2021-3903.patch: Do not set VALID_BOTLINE in w_valid
in src/move.c, src/testdir/test_normal.vim.
- CVE-2021-3903
* SECURITY UPDATE: Fix heap-based buffer overflow when reading character
past end of line
- debian/patches/CVE-2021-3927.patch: Correct the cursor column in
src/ex_docmd.c, src/testdir/test_put.vim.
- CVE-2021-3927
* SECURITY UPDATE: Fix stack-based buffer overflow when reading
uninitialized memory when giving spell suggestions
- debian/patches/CVE-2021-3928.patch: Check that preword is not empty in
src/spell.c, src/testdir/test_spell.vim.
- CVE-2021-3928
-- Spyros Seimenis <email address hidden> Tue, 09 Nov 2021 15:34:45 +0100
-
vim (2:8.0.1453-1ubuntu1.6) bionic-security; urgency=medium
* SECURITY UPDATE: Fix heap-based buffer overflow when reading beyond end of
line with invalid utf-8 character
- debian/patches/CVE-2021-3778.patch: Validate encoding of character before
advancing line in regexp_nfa.c.
- CVE-2021-3778
* SECURITY UPDATE: Fix use after free when replacing
- debian/patches/CVE-2021-3796.patch: Get the line pointer after calling
ins_copychar() in src/normal.c.
- CVE-2021-3796
-- Spyros Seimenis <email address hidden> Mon, 20 Sep 2021 15:26:53 +0300
-
vim (2:8.0.1453-1ubuntu1.4) bionic-security; urgency=medium
* SECURITY UPDATE: rvim restricted mode circumvention
- debian/patches/CVE-2019-20807-1.patch: disable using interfaces in
restricted mode in runtime/doc/starting.txt, src/evalfunc.c,
src/ex_cmds.c, src/ex_docmd.c, src/if_perl.xs,
src/testdir/Make_all.mak, src/testdir/test_restricted.vim.
- debian/patches/CVE-2019-20807-2.patch: missing some changes for Ex
commands in src/ex_cmds.h.
- CVE-2019-20807
-- Marc Deslauriers <email address hidden> Tue, 13 Oct 2020 11:49:09 -0400
-
vim (2:8.0.1453-1ubuntu1.3) bionic-security; urgency=medium
* SECURITY UPDATE: Application crash
- debian/patches/CVE-2018-20786.patch: handle out of
memory in src/libvterm/src/state.c, src/libvterm/src/vterm.c,
src/terminal.c.
- CVE-2018-20786
* SECURITY UPDATE: Access after free
- debian/patches/CVE-2019-20079.patch: avoid using 'wp'
after autocommands in src/window.c, src/testdir/test_autocmd.vim.
- debian/patches/patch-8.1.1192-mode-is-not-cleared*.patch:
Clear the mode when redraw_cmdline is set in src/globals.h,
src/screen.c.
- CVE-2019-20079
-- <email address hidden> (Leonidas S. Barbosa) Wed, 18 Mar 2020 15:29:15 -0300
-
vim (2:8.0.1453-1ubuntu1.1) bionic-security; urgency=medium
* SECURITY UPDATE: Arbitrary code execution
- debian/patches/CVE-2019-12735.patch: disallow
sourcing a file in the sandbox in src/getchar.c
- CVE-2019-12735
-- <email address hidden> (Leonidas S. Barbosa) Thu, 06 Jun 2019 14:31:41 -0300
-
vim (2:8.0.1453-1ubuntu1) bionic; urgency=medium
* Merge with Debian; remaining changes:
- debian/runtime/vimrc:
+ "syntax on" is a sane default for non-tiny vim.
- debian/patches/debian/ubuntu-grub-syntax.patch:
+ Add Ubuntu-specific "quiet" keyword.
- debian/patches/debian/update-upstart-syntax.patch:
+ Add setuid and setgid to syntax file.
- debian/patches/ubuntu-series-support.patch:
+ Drop vivid, wily, and yakkety, and add bionic.
- debian/patches/ubuntu-mouse-off.patch:
+ Mouse mode is actively harmful in some chroots.
vim (2:8.0.1453-1) unstable; urgency=medium
[ upstream ]
* 8.0.1452: terminal test fails on some systems
+ This should fix the massive FTBFS on the buildds
* 8.0.1453: terminal test fails on some slow terminals
vim (2:8.0.1451-1) unstable; urgency=medium
[ David Rabel ]
* Update Standards-Version to 4.1.3
[ upstream ]
* 8.0.1444: missing -D_FILE_OFFSET_BITS=64 may cause problems
This should work around the inconsistent handling of large file support in
glibc (#888566), which closes: #827319.
[ James McCoy ]
* Re-enable Perl bindings on kFreeBSD
* Change Vcs-* to salsa.d.o
* Bump debhelper compat to 11
* Set R³ to no
* d/control: Use https URL for Homepage
* vim-doc: Move documentation under /usr/share/doc/vim, per §12.3
* Remove doc/<arch pkg> → doc/<all pkg> symlinks
* d/rules: Set .NOTPARALLEL to avoid dh_prep clobbering each other
vim (2:8.0.1401-2) unstable; urgency=medium
* debian.vim: Move a function definition inside an :if so it doesn't cause
vim-tiny to spew lots of errors. (Closes: #885073)
-- Matthias Klose <email address hidden> Tue, 10 Apr 2018 23:31:58 +0200
-
vim (2:8.0.1401-1ubuntu3) bionic; urgency=high
* No change rebuild against ruby-defaults without ruby2.3.
-- Dimitri John Ledkov <email address hidden> Thu, 01 Mar 2018 12:30:15 +0000
-
vim (2:8.0.1401-1ubuntu2) bionic; urgency=medium
* No-change rebuild for ruby2.5 update.
-- Matthias Klose <email address hidden> Thu, 01 Feb 2018 20:19:13 +0100
-
vim (2:8.0.1401-1ubuntu1) bionic; urgency=medium
* Merge with Debian; remaining changes:
- debian/runtime/vimrc:
+ "syntax on" is a sane default for non-tiny vim.
- debian/patches/debian/ubuntu-grub-syntax.patch:
+ Add Ubuntu-specific "quiet" keyword.
- debian/patches/debian/update-upstart-syntax.patch:
+ Add setuid and setgid to syntax file.
- debian/patches/ubuntu-series-support.patch:
+ Drop vivid, wily, and yakkety, and add bionic.
- debian/patches/ubuntu-mouse-off.patch:
+ Mouse mode is actively harmful in some chroots.
vim (2:8.0.1401-1) unstable; urgency=medium
[ upstream ]
* syntax/sh.vim:
+ Fix syntax highlighting of $() when the /bin/sh is detected as
POSIX-compliant. (Closes: #848663)
+ Correctly highlight escaped single-quotes inside test expressions.
(Closes: #761064)
[ James McCoy ]
* runtime/debian.vim:
+ Fix mechanism used to check for <S-Insert> mappings, since maparg()
doesn't understand multiple modes in the {mode} argument. Thanks to
Sergey Vlasov for the patch! (Closes: #883422)
* syntax/debcontrol.vim:
+ Fix highlighting of "Section: javascript" … again. (Closes: #884495)
vim (2:8.0.1257-2) unstable; urgency=medium
* Add patch to fix flakiness in test_search.vim
* syntax/debcontrol.vim:
+ Recognize golang section. Thanks to Guillem Jover. (Closes: #880698)
vim (2:8.0.1257-1) unstable; urgency=medium
[ upstream ]
* 8.0.1246: Fix flaky popup test, which should fix the various FTBFS from
the last upload.
[ James McCoy ]
* syntax/debsources.vim:
+ Fix syntax error in definition of unsupported releases. Thanks to Josh
Triplett. (Closes: #879986)
* Declare compliance with Policy 4.1.1, no changes needed.
vim (2:8.0.1226-1) unstable; urgency=medium
[ upstream ]
* 8.0.1154: Fix indentation when 'indentkeys' is in use. (Closes: #877262)
[ James McCoy ]
* syntax/debcontrol.vim:
+ Add support for all fields in deb-src-control(5). (Closes: #878970)
* syntax/deb{sources,changelog}.vim:
+ Add bionic release and mark yakkety & squeeze unsupported.
-- Matthias Klose <email address hidden> Fri, 22 Dec 2017 16:58:22 +0100
-
vim (2:8.0.1144-1ubuntu1) bionic; urgency=medium
* Merge from Debian unstable. Remaining changes:
- debian/runtime/vimrc:
+ "syntax on" is a sane default for non-tiny vim.
- debian/patches/debian/ubuntu-grub-syntax.patch:
+ Add Ubuntu-specific "quiet" keyword.
- debian/patches/debian/update-upstart-syntax.patch:
+ Add setuid and setgid to syntax file.
- debian/patches/ubuntu-series-support.patch:
+ Drop vivid, wily, and yakkety, and add bionic.
- debian/patches/ubuntu-mouse-off.patch:
+ Mouse mode is actively harmful in some chroots.
vim (2:8.0.1144-1) unstable; urgency=medium
[ upstream ]
* Fix detection/enabling of cursor blink state. (Closes: #872302)
* ftplugin/perl.vim: Set 'iskeyword' local to the buffer so it doesn't
affect subsequently opened buffers. (Closes: #873755)
* syntax/mason.vim: Correctly highlight mason files again. (Closes:
#700016)
[ James McCoy ]
* debcontrol.vim:
+ Recognize Testsuite field (Closes: #872360)
+ Treat tabs as valid whitespace (Closes: #872557)
* Declare compliance with Policy 4.1.0, no changes needed
* Add basic autopkgtests
* Add missing postrm for symlink_to_dir maintscripts
vim (2:8.0.0946-1) unstable; urgency=medium
[ upstream ]
* 8.0.0939, 8.0.0940: Handle flakiness in terminal tests. (Closes: #872164)
* 8.0.0944: test_profile: Accept a match when self and total time are the
same.
* 8.0.0946: Don't rely on PATH_MAX. Fixes FTBFS on hurd.
vim (2:8.0.0937-1) unstable; urgency=medium
[ upstream ]
* 8.0.0210 et.al.: Add support for bracketed paste. (Closes: #504244)
* 8.0.0421: Fix display in diff mode when adding a line at the end of a
buffer. (Closes: #846993)
* 8.0.0693 et.al.: Implement a terminal emulator.
* 8.0.0698: Fix a crash on exit when using a Python function from a timer.
(Closes: #868767)
* 8.0.0737: Crash when X11 selection is very big (Closes: #606957)
[ James McCoy ]
* vim-policy:
+ Specify the "addon", not "name", field is used to declare the addon.
Thanks to Reiner Herrmann.
* Merge changes from Ubuntu, dependent on DEB_VENDOR=Ubuntu:
+ Remove --disable-python3interp on Ubuntu for vim-basic
+ Disable ruby for vim-gtk3
* d/rules:
+ Remove src/po/vim.pot and *.pyc during clean
+ Remove explicit setting of SOURCE_DATE_EPOCH since dpkg's pkg-info.mk
provides it.
* debcontrol.vim:
+ Add highlighting for Build-(Depends|Conflicts)-Arch
+ Fix syntax highlighting of "javascript" section. (Closes: #867307)
* Rewrite d/copyright in machine readable format. (Closes: #819734)
+ Properly document xxd's license. (Closes: #776191)
* Mark vim-doc and xxd Multi-Arch: foreign. Thanks to Helmut Grohne for the
patch. (Closes: #852722)
* Declare compliance with policy 4.0.1
+ Change Priority: extra packages to optional
* Reference Python 3 instead of Python in long descriptions. (Closes:
#868020)
* Bump debhelper compat to 10.
* debian/control:
+ Remove version constraints that are satisifed in oldstable.
vim (2:8.0.0197-5) unstable; urgency=high
* Backport upstream patches to fix CVE-2017-11109 (Closes: #867720)
+ 8.0.0703: Illegal memory access with empty :doau command
+ 8.0.0706: Crash when cancelling the cmdline window in Ex mode
+ 8.0.0707: Freeing wrong memory when manipulating buffers in autocommands
-- Adam Conrad <email address hidden> Wed, 25 Oct 2017 05:27:27 -0600
-
vim (2:8.0.0197-4ubuntu5) artful; urgency=medium
* No-change rebuild for perl 5.26.0.
-- Matthias Klose <email address hidden> Wed, 26 Jul 2017 20:13:43 +0000
