vim (2:7.4.052-1ubuntu3.1) trusty-security; urgency=medium
* SECURITY UPDATE: arbitrary shell execution via modelines
- debian/patches/upstream/CVE-2016-1248.patch: Only allow valid
characters in 'filetype', 'syntax' and 'keymap'. Tests adapted
back to vim 7.3 by James McCoy of Debian, thanks! Patch is also
updated to add the tests to the set that are run during the build.
- CVE-2016-1248
Date: 2016-11-24 16:38:17.725918+00:00
Changed-By: Steve Beattie <sbeat...@ubuntu.com>
Signed-By: Ubuntu Archive Robot
<cjwatson+ubuntu-archive-ro...@chiark.greenend.org.uk>
https://launchpad.net/ubuntu/+source/vim/2:7.4.052-1ubuntu3.1
Sorry, changesfile not available.
--
Trusty-changes mailing list
Trusty-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/trusty-changes
