[RFC] vim-patch:8.0.0377,8.0.0378,8.0.0322,8.0.0376 #6485
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
I need to revisit one more pair of patches (8.0.0322/8.0.0376) which I had initially discarded as NA since we use |
Problem: Possible overflow when reading corrupted undo file. Solution: Check if allocated size is not too big. (King) vim/vim@3eb1637 CVE-2017-6349
Problem: Another possible overflow when reading corrupted undo file. Solution: Check if allocated size is not too big. (King) vim/vim@0c8485f CVE-2017-6350
Problem: Possible overflow with spell file where the tree length is
corrupted.
Solution: Check for an invalid length (suggested by shqking)
vim/vim@399c297
CVE-2017-5953
Problem: Size computations in spell file reading are not exactly right. Solution: Make "len" a "long" and check with LONG_MAX. vim/vim@6d3c858
|
Ooh, I wonder if this closes #2880. Or do you think we should merge that? |
Merged
justinmk
added a commit
to justinmk/neovim
that referenced
this pull request
May 1, 2017
FEATURES:
bc4a2e1 help, man.vim: "outline" (TOC) feature neovim#5169
58422f1 'guicursor' works in the TUI (and sends info to UIs) neovim#6423
129f107 api: nvim_get_mode() neovim#6247
0b59f98 api/ui: externalize tabline neovim#6583
bc6d868 'listchars': `Whitespace` highlight group neovim#6367
6afa7d6 writefile() obeys 'fsync' option neovim#6427
c60e409 eval.c refactor (also improves some error messages) neovim#5119
9d200cd getcompletion("cmdline") neovim#6376
2ea7bfc terminal: Support extra arguments in 'shell'. neovim#4504
bf51102 DirChanged autocmd neovim#5928 neovim#6262
1743df8 'cpoptions': "_" flag to toggle `cw` behaviour neovim#6235
22337b1 CTRL-R omits trailing ^M when pasting to cmdline neovim#6137
0e44916 :edit allows unescaped spaces in filename neovim#6119
abdbfd2 eval: Add id() function and make printf("%p") useful neovim#6095
bdfa147 findfile(), :find, gf work in :terminal. neovim#6009
2f38ed1 providers: Disable if `g:loaded_*` exists.
b5560a6 setpos() can set lowercase marks in other buffers neovim#5753
7c513d6 Throttle :! output, pulse "..." message. neovim#5396
d2e8c76 v:exiting neovim#5651
:terminal improvements neovim#6185 neovim#6142
- cursor keeps position after leaving insert-mode.
- 4ceec30 Follows output only if cursor is at end of buffer.
- e7bbd35 new option: 'scrollback'
- fedb844 quasi-support for undo and 'modifiable'
- b45ddf7 disables 'list' by default
- disables 'relativenumber' by default
:help now contains full API documentation at `:help api`.
man.vim saw numerous improvements.
Windows support:
- Windows is no longer "experimental", it is fully supported.
- Windows package includes a GUI, curl.exe and other utilities.
"Vim 8" features: partials, lambdas.
SECURITY FIXES:
CVE-2017-5953 CVE-2017-6349 CVE-2017-6350 neovim#6485
CHANGES:
NVIM_TUI_ENABLE_CURSOR_SHAPE was removed. Use 'guicursor' instead.
See https://github.com/neovim/neovim/wiki/Following-HEAD#20170402
81525dc 'mouse=a' is no longer the default. (This will probably
change again after it is improved.) neovim#6022
0c1f783 defaults: 'showcmd', 'belloff', 'ruler' neovim#6087
eb0e94f api: {get,set}_option update local options as appropriate neovim#6405
bdcb2a3 "Reading from stdin..." message was removed. neovim#6298
FIXES:
12fc1de ops: fix i<c-r> with multi-byte text neovim#6524
dd391bf Windows: system() and friends neovim#6497
13352c0 Windows: os_get_hostname() neovim#6413
16babc6 tui: Less-noisy mouse seqs neovim#6411
3a9dd13 (vim bug) folding edge-cases neovim#6207
f6946c6 job-control: set CLOEXEC on pty processes. neovim#5986
d1afd43 rplugin: Call s:LoadRemotePlugins() on startup.
1215084 backtick-expansion works with `shell=fish` neovim#6224
e32ec03 tui: Improved behavior after resize. neovim#6202
86c2adc edit.c: CTRL-SPC: Insert previously-inserted text. neovim#6090
c318d8e b:changedtick now follows VimL rules neovim#6112
34e24cb terminal: Initialize colors in reverse order neovim#6160
e889917 undo: Don't set b_u_curhead in ex_undojoin() neovim#5869
d25649f undo: :earlier, g-: Set b_u_seq_cur correctly. (neovim#6016)
043d8ba 'Visual-mode put from @. register' neovim#5782
42c922b open_buffer(): Do `BufEnter` for directories.
50d0d89 inccommand: Preview :sub commands only after delimiter neovim#5932
1420e10 CheckHealth improvements neovim#5519
c8d5e92 jobstart(): Return -1 if cmd is not executable. neovim#5671
justinmk
added a commit
to justinmk/neovim
that referenced
this pull request
May 1, 2017
FEATURES:
bc4a2e1 help, man.vim: "outline" (TOC) feature neovim#5169
58422f1 'guicursor' works in the TUI (and sends info to UIs) neovim#6423
129f107 api: nvim_get_mode() neovim#6247
0b59f98 api/ui: externalize tabline neovim#6583
bc6d868 'listchars': `Whitespace` highlight group neovim#6367
6afa7d6 writefile() obeys 'fsync' option neovim#6427
c60e409 eval.c refactor (also improves some error messages) neovim#5119
9d200cd getcompletion("cmdline") neovim#6376
2ea7bfc terminal: Support extra arguments in 'shell'. neovim#4504
bf51102 DirChanged autocmd neovim#5928 neovim#6262
1743df8 'cpoptions': "_" flag to toggle `cw` behaviour neovim#6235
22337b1 CTRL-R omits trailing ^M when pasting to cmdline neovim#6137
0e44916 :edit allows unescaped spaces in filename neovim#6119
abdbfd2 eval: Add id() function and make printf("%p") useful neovim#6095
bdfa147 findfile(), :find, gf work in :terminal. neovim#6009
2f38ed1 providers: Disable if `g:loaded_*` exists.
b5560a6 setpos() can set lowercase marks in other buffers neovim#5753
7c513d6 Throttle :! output, pulse "..." message. neovim#5396
d2e8c76 v:exiting neovim#5651
:terminal improvements neovim#6185 neovim#6142
- cursor keeps position after leaving insert-mode.
- 4ceec30 Follows output only if cursor is at end of buffer.
- e7bbd35 new option: 'scrollback'
- fedb844 quasi-support for undo and 'modifiable'
- b45ddf7 disables 'list' by default
- disables 'relativenumber' by default
:help now contains full API documentation at `:help api`.
man.vim saw numerous improvements.
Windows support:
- Windows is no longer "experimental", it is fully supported.
- Windows package includes a GUI, curl.exe and other utilities.
"Vim 8" features: partials, lambdas.
SECURITY FIXES:
CVE-2017-5953 CVE-2017-6349 CVE-2017-6350 neovim#6485
CHANGES:
NVIM_TUI_ENABLE_CURSOR_SHAPE was removed. Use 'guicursor' instead.
See https://github.com/neovim/neovim/wiki/Following-HEAD#20170402
81525dc 'mouse=a' is no longer the default. (This will probably
change again after it is improved.) neovim#6022
0c1f783 defaults: 'showcmd', 'belloff', 'ruler' neovim#6087
eb0e94f api: {get,set}_option update local options as appropriate neovim#6405
bdcb2a3 "Reading from stdin..." message was removed. neovim#6298
FIXES:
12fc1de ops: fix i<c-r> with multi-byte text neovim#6524
dd391bf Windows: system() and friends neovim#6497
13352c0 Windows: os_get_hostname() neovim#6413
16babc6 tui: Less-noisy mouse seqs neovim#6411
3a9dd13 (vim bug) folding edge-cases neovim#6207
f6946c6 job-control: set CLOEXEC on pty processes. neovim#5986
d1afd43 rplugin: Call s:LoadRemotePlugins() on startup.
1215084 backtick-expansion works with `shell=fish` neovim#6224
e32ec03 tui: Improved behavior after resize. neovim#6202
86c2adc edit.c: CTRL-SPC: Insert previously-inserted text. neovim#6090
c318d8e b:changedtick now follows VimL rules neovim#6112
34e24cb terminal: Initialize colors in reverse order neovim#6160
e889917 undo: Don't set b_u_curhead in ex_undojoin() neovim#5869
d25649f undo: :earlier, g-: Set b_u_seq_cur correctly. (neovim#6016)
043d8ba 'Visual-mode put from @. register' neovim#5782
42c922b open_buffer(): Do `BufEnter` for directories.
50d0d89 inccommand: Preview :sub commands only after delimiter neovim#5932
1420e10 CheckHealth improvements neovim#5519
c8d5e92 jobstart(): Return -1 if cmd is not executable. neovim#5671
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
vim-patch:8.0.0377
Problem: Possible overflow when reading corrupted undo file.
Solution: Check if allocated size is not too big. (King)
vim/vim@3eb1637
CVE-2017-6349
vim-patch:8.0.0378
Problem: Another possible overflow when reading corrupted undo file.
Solution: Check if allocated size is not too big. (King)
vim/vim@0c8485f
CVE-2017-6350
vim-patch:8.0.0322
Problem: Possible overflow with spell file where the tree length is
corrupted.
Solution: Check for an invalid length (suggested by shqking)
vim/vim@399c297
CVE-2017-5953
vim-patch:8.0.0376
Problem: Size computations in spell file reading are not exactly right.
Solution: Make "len" a "long" and check with LONG_MAX.
vim/vim@6d3c858