Publishing details
Changelog
vim (2:9.0.1378-1~bpo22.04.1) jammy; urgency=medium
* No-change backport to jammy.
vim (2:9.0.1378-1) unstable; urgency=medium
* Merge upstream patch v9.0.1378
+ Vulnerability fixes
- 9.0.1143: Invalid memory access with bad 'statusline' value,
CVE-2023-0049
- 9.0.1144: Reading beyond text, CVE-2023-0051
- 9.0.1145: Invalid memory access with recursive substitute expression,
(Closes: #1031875, CVE-2023-0054)
- 9.0.1189: Invalid memory access with folding and using "L",
CVE-2023-0288
- 9.0.1225: Reading past the end of a line when formatting text,
CVE-2023-0433
- 9.0.1247: Divide by zero with 'smoothscroll' set and a narrow window,
CVE-2023-0512
- 9.0.1367: Divide by zero in zero-width window, CVE-2023-1127
- 9.0.1376: Accessing invalid memory with put in Visual block mode,
CVE-2023-1170
+ 9.0.1073, 9.0.1080: Fix keyboard input/mapping support for some
terminals (e.g., foot and kitty). (Closes: #1029049)
+ 9.0.1213: Fix inconsistent behavior when adding text after a fold at the
end of the buffer (Closes: #868252)
+ syntax/2html.vim: Fix reference to undefined s:settings_no_doc variable
(Closes: #1030151)
+ syntax/debcontrol.vim, syntax/debsources.vim: Add support for
non-free-firmware. (Closes: #1029986)
vim (2:9.0.1000-4) unstable; urgency=medium
* Backport patch to fix tests on IPv6-only hosts (Closes: #1027824)
vim (2:9.0.1000-3) unstable; urgency=medium
* Fix substitution of VIMCUR in vim-common.install (Closes: #1027766)
* Backport v9.0.1129 to fix sporadic Test_range failure
vim (2:9.0.1000-2) unstable; urgency=medium
* Restore man page translations for da, de, and ja (Closes: #1027318)
* Update to debhelper-compat 13
* Remove obsolete maintscript files for versions earlier than oldstable
* Remove PER_VARIANT_FILES handling in debian/rules
* Add future=+lfs to DEB_BUILD_MAINT_OPTIONS
* Backport v9.0.1118 to fix sporadic test failures
* ci: Run tests against installed xxd
* ci: Install python3 for vim tests
* Backport v9.0.1117 to fix bracketed paste with new ncurses
(Closes: #1027674)
vim (2:9.0.1000-1) unstable; urgency=medium
* Merge upstream patch v9.0.1000
+ Security fixes
- 9.0.0882: using freed memory after SpellFileMissing autocmd uses
bwipe, CVE-2022-4292
- 9.0.0947: invalid memory access in substitute with function that goes
to another file (Closes: #1027146, CVE-2022-4141)
* Backport v9.0.1087 to fix test_autocmd flakiness
vim (2:9.0.0813-1) unstable; urgency=medium
* Merge upstream patch v9.0.0813
+ syntax/markdown.vim: Fix performance of markdownLinkText highlighting.
(Closes: #994209)
vim (2:9.0.0626-1) unstable; urgency=medium
* Merge upstream patch v9.0.0626
+ Various CVE fixes (Closes: #1019590)
- 9.0.0246: using freed memory when 'tagfunc' deletes the buffer,
CVE-2022-2946
- 9.0.0260: using freed memory when using 'quickfixtextfunc'
recursively, CVE-2022-2982
- 9.0.0322: crash when no errors and 'quickfixtextfunc' is set,
CVE-2022-3037
- 9.0.0360: crash when invalid line number on :for is ignored,
CVE-2022-3099
- 9.0.0389: crash when 'tagfunc' closes the window, CVE-2022-3134
- 9.0.0483: illegal memory access when replacing in virtualedit mode,
CVE-2022-3234
- 9.0.0490: using freed memory with cmdwin and BufEnter autocmd,
CVE-2022-3235
- 9.0.0530: using freed memory when autocmd changes mark, CVE-2022-3256
- 9.0.0577: buffer underflow with unexpected :finally, CVE-2022-3296
- 9.0.0598: using negative array index with negative width window,
CVE-2022-3324
- 9.0.0614: CVE-2022-3352
+ 9.0.0509: confusing error for "saveas" command with "nofile" buffer
(Closes: #796872)
vim (2:9.0.0242-1) unstable; urgency=medium
* Merge upstream patch v9.0.0242
+ 9.0.241/242: Install the shared syntax files (Closes: #1017856)
* Add historic changelog entry for #947120 fix
* Adjust lintian overrides for new []-format
* Declare compliance with Policy 4.6.1, no changes needed
vim (2:9.0.0229-1) unstable; urgency=medium
* Merge upstream patch v9.0.0229
+ Various CVE fixes
- 9.0.0211: invalid memory access when compiling :lockvar, CVE-2022-2819
- 9.0.0212: invalid memory access when compiling :unlet, CVE-2022-2816
- 9.0.0213: using freed memory with error in assert argument,
CVE-2022-2817
- 9.0.0218: reading before the start of the line, CVE-2022-2845
- 9.0.0220: invalid memory access with for loop over NULL string,
CVE-2022-2849
- 9.0.0221: accessing freed memory if compiling nested function fails,
CVE-2022-2862
- 9.0.0225: using freed memory with multiple line breaks in expression,
CVE-2022-2889
* Add Recommends: xxd to vim-common
* Minor fixes for vim-tiny's fake help file (Closes: #1017715)
* Revert "Temporarily skip Test_Debugger_breakadd_expr", test fixed upstream
vim (2:9.0.0135-1) unstable; urgency=medium
* Merge upstream patch v8.2.5172
+ ftplugin/perl.vim: Only add : to 'isfname' in Perl buffers. (Closes:
#761800)
+ ftplugin/tap.vim: Set fold-related options local to the buffer. (Closes:
#954113)
+ syntax/debcontrol.vim: Fix highlighting of sections with a slash (e.g.,
"non-free/utils"). (Closes: #1010839)
+ syntax/tap.vim: Match TODO/SKIP markers case-insensitively. (Closes:
#954016)
+ syntax/perl.vim: Properly highlight code on the same line as the start
of a here-doc block. (Closes: #136455)
+ Various CVE fixes (Closes: #1015984, #1016068)
- 8.2.5043: can open a cmdline window from a substitute expression,
CVE-2022-1942
- 8.2.5050: using freed memory when searching for pattern in path,
CVE-2022-1968
- 8.2.5063: error for a command may go over the end of IObuff,
CVE-2022-2000
- 8.2.5120: searching for quotes may go over the end of the line,
CVE-2022-2124
- 8.2.5122: lisp indenting may run over the end of the line,
CVE-2022-2125
- 8.2.5123: using invalid index when looking for spell suggestions,
CVE-2022-2126
- 8.2.5126: substitute may overrun destination buffer, CVE-2022-2129
- 9.0.0018: going over the end of the typeahead, CVE-2022-2285
- 9.0.0025: accessing beyond allocated memory with the cmdline window,
CVE-2022-2288
- 9.0.0035: spell dump may go beyond end of an array, CVE-2022-2304
- 8.2.5162: reading before the start of the line with BS in Replace
mode, CVE-2022-2207
- 8.2.4895: buffer overflow with invalid command with composing chars,
CVE-2022-1616
- 8.2.4899: with latin1 encoding CTRL-W might go before the cmdline,
CVE-2022-1619
- 8.2.4919: can add invalid bytes with :spellgood, CVE-2022-1621
- 8.2.4956: reading past end of line with "gf" in Visual block mode,
CVE-2022-1720
- 8.2.4977: memory access error when substitute expression changes
window, CVE-2022-1785
- 8.2.5013: after text formatting cursor may be in an invalid position,
CVE-2022-1851
- 8.2.5023: substitute overwrites allocated buffer, CVE-2022-1897
- 8.2.5024: using freed memory with "]d", CVE-2022-1898
- 9.0.0060: accessing uninitialized memory when completing long line,
CVE-2022-2522
* Temporarily skip Test_Debugger_breakadd_expr
* Remove "Depends: xxd" from vim-common (Closes: #1007887)
* Suppress error about missing defaults.vim in vim-tiny (Closes: #1004118)
vim (2:8.2.4793-1) unstable; urgency=medium
* Merge upstream patch v8.2.4793
vim (2:8.2.4659-1) unstable; urgency=medium
* Merge upstream patch v8.2.4659
+ 8.2.4151: reading beyond end of a line (Closes: #1004859, CVE-2022-0318)
+ autoload/phpcomplete.vim: Fix E565 error in omni-completion (Closes:
#1008710)
* Remove outdated NEWS and README.Debian entries
* README.Debian: Fix links to vim-policy
* Improve docs about purpose and effect of defaults.vim (Closes: #856273)
* Define system (g)vimrc location as /etc/vim/(g)vimrc, rather than
symlinking from /usr/share/vim/(g)vimrc -> /etc/vim/(g)vimrc.
* Replace vim-athena with vim-motif, Athena GUI deprecated upstream
* Remove lintian override for rgb.txt, removed upstream
* Declare compliance with Policy 4.6.0, no changes needed
* Remove vim-gtk transitional package
-- Sebastian Ramacher <email address hidden> Sun, 12 Mar 2023 20:43:00 +0100
Builds
Built packages
-
vim
Vi IMproved - enhanced vi editor
-
vim-athena
Vi IMproved - enhanced vi editor (dummy package)
-
vim-common
Vi IMproved - Common files
-
vim-dbgsym
debug symbols for vim
-
vim-doc
Vi IMproved - HTML documentation
-
vim-gtk3
Vi IMproved - enhanced vi editor - with GTK3 GUI
-
vim-gtk3-dbgsym
debug symbols for vim-gtk3
-
vim-gui-common
Vi IMproved - Common GUI files
-
vim-motif
Vi IMproved - enhanced vi editor - with Motif GUI
-
vim-motif-dbgsym
debug symbols for vim-motif
-
vim-nox
Vi IMproved - enhanced vi editor - with scripting languages support
-
vim-nox-dbgsym
debug symbols for vim-nox
-
vim-runtime
Vi IMproved - Runtime files
-
vim-tiny
Vi IMproved - enhanced vi editor - compact version
-
vim-tiny-dbgsym
debug symbols for vim-tiny
-
xxd
tool to make (or reverse) a hex dump
-
xxd-dbgsym
debug symbols for xxd
Package files