All of lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [git commit branch/2021.02.x] package/vim: security bump to version 8.2.3582
@ 2021-11-17 21:21 Peter Korsgaard
  0 siblings, 0 replies; only message in thread
From: Peter Korsgaard @ 2021-11-17 21:21 UTC (permalink / raw)
  To: buildroot

commit: https://git.buildroot.net/buildroot/commit/?id=6b110ed34f51e39d3c249f1647d9de12f7e9ddb8
branch: https://git.buildroot.net/buildroot/commit/?id=refs/heads/2021.02.x

- Fix CVE-2021-3928: vim is vulnerable to Stack-based Buffer Overflow
- Drop patch (already in version)

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit 9f42504d6d55d9e667484ce4edd5a9a6de690ddc)
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
---
 ...tems-for-nanosecond-resolution-timestamps.patch | 56 ----------------------
 package/vim/vim.hash                               |  2 +-
 package/vim/vim.mk                                 |  2 +-
 3 files changed, 2 insertions(+), 58 deletions(-)

diff --git a/package/vim/0001-Fix-config-of-old-systems-for-nanosecond-resolution-timestamps.patch b/package/vim/0001-Fix-config-of-old-systems-for-nanosecond-resolution-timestamps.patch
deleted file mode 100644
index 2e78a8d594..0000000000
--- a/package/vim/0001-Fix-config-of-old-systems-for-nanosecond-resolution-timestamps.patch
+++ /dev/null
@@ -1,56 +0,0 @@
-From b5db1ebf06d2904522ebf246f9c6a8bbf8fca398 Mon Sep 17 00:00:00 2001
-From: Gary Johnson <garyjohn@spocom.com>
-Date: Tue, 26 Oct 2021 13:50:19 -0700
-Subject: [PATCH] Fix config of old systems for nanosecond-resolution
- timestamps
-
-On old systems (e.g. 32-bit systems running Ubuntu 10.4), defining
-_XOPEN_SOURCE causes _BSD_SOURCE and _SVID_SOURCE not to be defined,
-which causes nanosecond-resolution timestamps not to be included in
-struct stat, which causes the build of fileio.c to fail.
-
-_XOPEN_SOURCE is defined for some systems in vim.h.
-
-A solution is to define _BSD_SOURCE and _SVID_SOURCE whenever
-_XOPEN_SOURCE is defined.
-
-On new systems, defining either _BSD_SOURCE or _SVID_SOURCE causes
-/usr/include/features.h to issue a warning message about _BSD_SOURCE and
-_SVID_SOURCE being deprecated and to use _DEFAULT_SOURCE instead.
-
-A solution for that is to also define _DEFAULT_SOURCE when _BSD_SOURCE
-and _SVID_SOURCE are defined.
-
-[Retrieved from:
-https://github.com/vim/vim/pull/9054/commits/b5db1ebf06d2904522ebf246f9c6a8bbf8fca398]
-Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
----
- src/vim.h | 15 +++++++++++++++
- 1 file changed, 15 insertions(+)
-
-diff --git a/src/vim.h b/src/vim.h
-index 31d4bdefe87..f62ad88c7a1 100644
---- a/src/vim.h
-+++ b/src/vim.h
-@@ -43,6 +43,21 @@
- // 700 is needed for mkdtemp().
- #  ifndef _XOPEN_SOURCE
- #   define _XOPEN_SOURCE    700
-+
-+// On old systems, defining _XOPEN_SOURCE causes _BSD_SOURCE and/or
-+// _SVID_SOURCE not to be defined, so do that here.  Those are needed to
-+// include nanosecond-resolution timestamps in struct stat.  On new systems,
-+// _DEFAULT_SOURCE is needed to avoid warning messages about using deprecated
-+// _BSD_SOURCE or _SVID_SOURCE.
-+#   ifndef _BSD_SOURCE
-+#    define _BSD_SOURCE 1
-+#   endif
-+#   ifndef _SVID_SOURCE
-+#    define _SVID_SOURCE 1
-+#   endif
-+#   ifndef _DEFAULT_SOURCE
-+#    define _DEFAULT_SOURCE 1
-+#   endif
- #  endif
- # endif
- 
diff --git a/package/vim/vim.hash b/package/vim/vim.hash
index bbe65c4dda..e07e48c68f 100644
--- a/package/vim/vim.hash
+++ b/package/vim/vim.hash
@@ -1,4 +1,4 @@
 # Locally computed
-sha256  ac2264c45684218232ec49a6ae8b88b9a68312b664b93b811868d24c39d8dc11  vim-8.2.3565.tar.gz
+sha256  363a90e45eb93c73340a711223c7ce5e564432f9eb34624e1a545f4fd57dd49d  vim-8.2.3582.tar.gz
 sha256  0bcab3b635dd39208c42b496568d1e8171dad247cf3da5bab3d750c9d5883499  LICENSE
 sha256  96970b67f9cb38b0e759946cff22562a3c4b11ce78f62f2117d5e7ecded9ab4d  README.txt
diff --git a/package/vim/vim.mk b/package/vim/vim.mk
index 960759aab4..0eb96dc835 100644
--- a/package/vim/vim.mk
+++ b/package/vim/vim.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-VIM_VERSION = 8.2.3565
+VIM_VERSION = 8.2.3582
 VIM_SITE = $(call github,vim,vim,v$(VIM_VERSION))
 VIM_DEPENDENCIES = ncurses $(TARGET_NLS_DEPENDENCIES)
 VIM_SUBDIR = src
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply related	[flat|nested] only message in thread
only message in thread, other threads:[~2021-11-17 21:50 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-11-17 21:21 [Buildroot] [git commit branch/2021.02.x] package/vim: security bump to version 8.2.3582 Peter Korsgaard

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.