-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Sun, 16 Jun 2019 13:06:40 -0400 Source: vim Architecture: source Version: 2:8.0.0197-4+deb9u2 Distribution: stretch-security Urgency: high Maintainer: Debian Vim Maintainers Changed-By: James McCoy Closes: 930020 Changes: vim (2:8.0.0197-4+deb9u2) stretch-security; urgency=high . * Backport patches to address CVE-2019-12735 (Closes: #930020) + 8.0.0649: when opening a help file the filetype is set several times + 8.0.0651: build failure without the auto command feature + 8.1.0066: nasty autocommand causes using freed memory + 8.1.0177: defining function in sandbox is inconsistent + 8.1.0189: function defined in sandbox not tested + 8.1.0205: invalid memory access with invalid modeline + 8.1.0206: duplicate test function name + 8.1.0208: file left behind after running individual test + 8.1.0506: modelinen test fails when run by root + 8.1.0538: evaluating a modeline might invoke using a shell command + 8.1.0539: cannot build without the sandbox + 8.1.0540: may evaluate insecure value when appending to option + 8.1.0544: setting 'filetype' in a modeline causes an error + 8.1.0546: modeline test with keymap fails + 8.1.0547: modeline test with keymap still fails + 8.1.0613: when executing an insecure function the secure flag is stuck + 8.1.1046: the "secure" variable is used inconsistently + 8.1.1365: source command doesn't check for the sandbox + 8.1.1366: using expressions in a modeline is unsafe + 8.1.1367: can set 'modelineexpr' in modeline + 8.1.1368: modeline test fails with python but without pythonhome + 8.1.1382: error when editing test files + 8.1.1401: misspelled mkspellmem and makespellmem * gbp.conf: Set debian-branch to debian/stretch * gbp.conf: Set upstream-tag to v%(version)s Checksums-Sha1: d619296fbcdd5ece133cf675f76269117fce0f91 3048 vim_8.0.0197-4+deb9u2.dsc 9201147e6b8844bec2dab7e67baddef034ff677b 12959375 vim_8.0.0197.orig.tar.gz 79d68180dfdf0264b4d4072ef70a1d8e65450016 174048 vim_8.0.0197-4+deb9u2.debian.tar.xz bd4b0dc5066175537871570e7b9e4d9ca619310b 6436 vim_8.0.0197-4+deb9u2_source.buildinfo Checksums-Sha256: c372c4b36f06744cc9d0cae5529f6ded85755b3a7d09308a5d914c500d328c2b 3048 vim_8.0.0197-4+deb9u2.dsc 7fc1d5ef76a86961316666fb8e050cdb79bd86f9264028d597e682582b25be16 12959375 vim_8.0.0197.orig.tar.gz 2ffad3c562f86d3af6a3a04d6ea15af1d520b1d359d5680e037b3d528a227b22 174048 vim_8.0.0197-4+deb9u2.debian.tar.xz 6d8ed9248bc700c59a8e4e2daec59a339cde6dbbf025b40ab6a6bc12f2963747 6436 vim_8.0.0197-4+deb9u2_source.buildinfo Files: 8df682a479b9c65207a82fa1345aa57a 3048 editors optional vim_8.0.0197-4+deb9u2.dsc 718499f6187066988cfd1e3ea3ccaf67 12959375 editors optional vim_8.0.0197.orig.tar.gz e9df03480977355f3e9579abb5b53cba 174048 editors optional vim_8.0.0197-4+deb9u2.debian.tar.xz a35d2c01ceb82eb9be76ca6f9bd15dfb 6436 editors optional vim_8.0.0197-4+deb9u2_source.buildinfo -----BEGIN PGP SIGNATURE----- iQKoBAEBCgCSFiEEkb+/TWlWvV33ty0j3+aRrjMbo9sFAl0IUElfFIAAAAAALgAo aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDkx QkZCRjRENjk1NkJENURGN0I3MkQyM0RGRTY5MUFFMzMxQkEzREIUHGphbWVzc2Fu QGRlYmlhbi5vcmcACgkQ3+aRrjMbo9tJ8xAAvZjijgP2p3QQLwYkcOFdj0aC/a/r 9pVWxtSx/mkFxpKuZ6tF34n+uEfGaUqrEre1oyvoT38dsTneyrWEpJrsYy/DBgcb wGk+xBWTO7XJX6mFRkZb/P0S5/AO/Gv5fmv4NR5MhCbBqTW7fY3uhJxnyUU+RLNr wr1z8UlfImRTow/gCwOELoQvOukUPxvRL67x9g88LzMVob5CttbHa1Nh2E2c+0gz G0aPscgD87im105j7LusSYfyF2DRdTVwiliseSpsE2mWUkRpN2Y8+kbKOrmCpi+V XWmx4eU8jEP8cYgUFXgTLrZRw2hyclTTVprcvg5y/wJkUtaBOak2+Q3Av0YYva8t PpJmH/1GfIr0on2WeN2cL39VEcOQs81IWEjQl5Ml4bEYCMDhN2gfncf+B/W2Gz9n M4jTKLqJV2ObeAPeKXDYE+hfs82G2XilDnJAZYfFrojWlc7NDbiqupikxY+1aa+4 XJ9BGM1tkiinWANDO480+V3uC4Do7mSF07DVPfUMNUIJjl3lE/5SaXRWiudgPbS9 3JiTG8v3stdN47cjVJEGoigXR/2+veXfOypLxGAnBRQ3T0RMH//QWSXBM2NxZJ+M eSVN9DEn2eJZPKG215uaS/BtuPJBvFqf2kEPM5XcJ8CHpprwfo5g6FmvUxleF426 5KCT/2qaAJqARYQ= =YW1m -----END PGP SIGNATURE-----