diff --git a/backport-CVE-2025-1215.patch b/backport-CVE-2025-1215.patch deleted file mode 100644 index 8b2b581fa7e4aee33ed658db3f3f2b228b1855ce..0000000000000000000000000000000000000000 --- a/backport-CVE-2025-1215.patch +++ /dev/null @@ -1,124 +0,0 @@ -From c5654b84480822817bb7b69ebc97c174c91185e9 Mon Sep 17 00:00:00 2001 -From: Hirohito Higashi -Date: Mon, 10 Feb 2025 20:55:17 +0100 -Subject: [PATCH] patch 9.1.1097: --log with non-existent path causes a crash - -Problem: --log with non-existent path causes a crash - (Ekkosun) -Solution: split initialization phase and init the execution stack - earlier (Hirohito Higashi) - -fixes: #16606 -closes: #16610 - -Signed-off-by: Hirohito Higashi -Signed-off-by: Christian Brabandt ---- - src/main.c | 21 +++++++++++++++++---- - src/message_test.c | 3 ++- - src/proto/main.pro | 3 ++- - src/testdir/test_startup.vim | 7 +++++++ - 4 files changed, 28 insertions(+), 6 deletions(-) - -diff --git a/src/main.c b/src/main.c -index ecc61f4d0be886..f603a52a52e09d 100644 ---- a/src/main.c -+++ b/src/main.c -@@ -144,6 +144,11 @@ main - atexit(vim_mem_profile_dump); - #endif - -+ /* -+ * Various initialisations #1 shared with tests. -+ */ -+ common_init_1(); -+ - #if defined(STARTUPTIME) || defined(FEAT_JOB_CHANNEL) - // Need to find "--startuptime" and "--log" before actually parsing - // arguments. -@@ -185,9 +190,9 @@ main - #endif - - /* -- * Various initialisations shared with tests. -+ * Various initialisations #2 shared with tests. - */ -- common_init(¶ms); -+ common_init_2(¶ms); - - #ifdef VIMDLL - // Check if the current executable file is for the GUI subsystem. -@@ -900,10 +905,10 @@ vim_main2(void) - } - - /* -- * Initialisation shared by main() and some tests. -+ * Initialisation #1 shared by main() and some tests. - */ - void --common_init(mparm_T *paramp) -+common_init_1(void) - { - estack_init(); - cmdline_init(); -@@ -925,7 +930,15 @@ common_init(mparm_T *paramp) - || (NameBuff = alloc(MAXPATHL)) == NULL) - mch_exit(0); - TIME_MSG("Allocated generic buffers"); -+} -+ - -+/* -+ * Initialisation #2 shared by main() and some tests. -+ */ -+ void -+common_init_2(mparm_T *paramp) -+{ - #ifdef NBDEBUG - // Wait a moment for debugging NetBeans. Must be after allocating - // NameBuff. -diff --git a/src/message_test.c b/src/message_test.c -index 62f7772470d0e4..83767ece930899 100644 ---- a/src/message_test.c -+++ b/src/message_test.c -@@ -508,7 +508,8 @@ main(int argc, char **argv) - CLEAR_FIELD(params); - params.argc = argc; - params.argv = argv; -- common_init(¶ms); -+ common_init_1(); -+ common_init_2(¶ms); - - set_option_value_give_err((char_u *)"encoding", 0, (char_u *)"utf-8", 0); - init_chartab(); -diff --git a/src/proto/main.pro b/src/proto/main.pro -index 496fe66be6950d..7e4c50803e8ef2 100644 ---- a/src/proto/main.pro -+++ b/src/proto/main.pro -@@ -1,6 +1,7 @@ - /* main.c */ - int vim_main2(void); --void common_init(mparm_T *paramp); -+void common_init_1(void); -+void common_init_2(mparm_T *paramp); - int is_not_a_term(void); - int is_not_a_term_or_gui(void); - void free_vbuf(void); -diff --git a/src/testdir/test_startup.vim b/src/testdir/test_startup.vim -index 7c703916045e70..c16e4ae27de3b2 100644 ---- a/src/testdir/test_startup.vim -+++ b/src/testdir/test_startup.vim -@@ -740,6 +740,13 @@ func Test_log() - call delete('Xlogfile') - endfunc - -+func Test_log_nonexistent() -+ " this used to crash Vim -+ CheckFeature channel -+ let result = join(systemlist(GetVimCommand() .. ' --log /X/Xlogfile -c qa!')) -+ call assert_match("E484: Can't open file", result) -+endfunc -+ - func Test_read_stdin() - let after =<< trim [CODE] - write Xtestout diff --git a/backport-CVE-2025-24014.patch b/backport-CVE-2025-24014.patch deleted file mode 100644 index 815b6cb7941b1744d2d92c1492ab8c74eab01275..0000000000000000000000000000000000000000 --- a/backport-CVE-2025-24014.patch +++ /dev/null @@ -1,67 +0,0 @@ -From 9d1bed5eccdbb46a26b8a484f5e9163c40e63919 Mon Sep 17 00:00:00 2001 -From: Christian Brabandt -Date: Mon, 20 Jan 2025 22:55:57 +0100 -Subject: [PATCH] patch 9.1.1043: [security]: segfault in win_line() - -Problem: [security]: segfault in win_line() - (fizz-is-on-the-way) -Solution: Check that ScreenLines is not NULL - -Github Advisory: -https://github.com/vim/vim/security/advisories/GHSA-j3g9-wg22-v955 - -Signed-off-by: Christian Brabandt ---- - src/gui.c | 6 ++++-- - src/testdir/crash/ex_redraw_crash | 1 + - src/testdir/test_crash.vim | 6 ++++++ - 3 files changed, 11 insertions(+), 2 deletions(-) - create mode 100644 src/testdir/crash/ex_redraw_crash - -diff --git a/src/gui.c b/src/gui.c -index 8e7b079a5a4ea4..86c40de632aa1e 100644 ---- a/src/gui.c -+++ b/src/gui.c -@@ -4478,13 +4478,15 @@ gui_do_scroll(void) - /* - * Don't call updateWindow() when nothing has changed (it will overwrite - * the status line!). -+ * -+ * Check for ScreenLines, because in ex-mode, we don't have a valid display. - */ -- if (old_topline != wp->w_topline -+ if (ScreenLines != NULL && (old_topline != wp->w_topline - || wp->w_redr_type != 0 - #ifdef FEAT_DIFF - || old_topfill != wp->w_topfill - #endif -- ) -+ )) - { - int type = UPD_VALID; - -diff --git a/src/testdir/crash/ex_redraw_crash b/src/testdir/crash/ex_redraw_crash -new file mode 100644 -index 00000000000000..eda294cae12745 ---- /dev/null -+++ b/src/testdir/crash/ex_redraw_crash -@@ -0,0 +1 @@ -+vdivvi|gIv|÷�X��\��,X��X��\��# -X��\��<��\��,X��X -diff --git a/src/testdir/test_crash.vim b/src/testdir/test_crash.vim -index bfd04ff10f9a1b..c83ddf29ea1ca6 100644 ---- a/src/testdir/test_crash.vim -+++ b/src/testdir/test_crash.vim -@@ -234,6 +234,12 @@ func Test_crash1_3() - call term_sendkeys(buf, args) - call TermWait(buf, 50) - -+ let file = 'crash/ex_redraw_crash' -+ let cmn_args = "%s -u NONE -i NONE -n -m -X -Z -e -s -S %s -c ':qa!'" -+ let args = printf(cmn_args, vim, file) -+ call term_sendkeys(buf, args) -+ call TermWait(buf, 150) -+ - " clean up - exe buf .. "bw!" - bw! diff --git a/backport-CVE-2025-26603.patch b/backport-CVE-2025-26603.patch deleted file mode 100644 index badeed5d2715a6966587329410494f8c161299d0..0000000000000000000000000000000000000000 --- a/backport-CVE-2025-26603.patch +++ /dev/null @@ -1,62 +0,0 @@ -From c0f0e2380e5954f4a52a131bf6b8499838ad1dae Mon Sep 17 00:00:00 2001 -From: Christian Brabandt -Date: Sun, 16 Feb 2025 16:06:38 +0100 -Subject: [PATCH] patch 9.1.1115: [security]: use-after-free in str_to_reg() - -Problem: [security]: use-after-free in str_to_reg() - (fizz-is-on-the-way) -Solution: when redirecting the :display command, check that one - does not output to the register being displayed - -Github Advisory: -https://github.com/vim/vim/security/advisories/GHSA-63p5-mwg2-787v - -Signed-off-by: Christian Brabandt ---- - src/register.c | 3 ++- - src/testdir/test_registers.vim | 20 ++++++++++++++++++++ - 2 files changed, 22 insertions(+), 1 deletion(-) - -diff --git a/src/register.c b/src/register.c -index 0df05054ca7229..a9630f8ef5db93 100644 ---- a/src/register.c -+++ b/src/register.c -@@ -2420,7 +2420,8 @@ ex_display(exarg_T *eap) - - #ifdef FEAT_EVAL - if (name == MB_TOLOWER(redir_reg) -- || (redir_reg == '"' && yb == y_previous)) -+ || (vim_strchr((char_u *)"\"*+", redir_reg) != NULL && -+ (yb == y_previous || yb == &y_regs[0]))) - continue; // do not list register being written to, the - // pointer can be freed - #endif -diff --git a/src/testdir/test_registers.vim b/src/testdir/test_registers.vim -index 1177c2395d3f09..13127022666e04 100644 ---- a/src/testdir/test_registers.vim -+++ b/src/testdir/test_registers.vim -@@ -1085,4 +1085,24 @@ func Test_clipboard_regs_not_working2() - let $DISPLAY=display - endfunc - -+" This caused use-after-free -+func Test_register_redir_display() -+ " don't touch the clipboard, so only perform this, when the clipboard is not working -+ if has("clipboard_working") -+ throw "Skipped: skip touching the clipboard register!" -+ endif -+ let @"='' -+ redir @+> -+ disp +" -+ redir END -+ call assert_equal("\nType Name Content", getreg('+')) -+ let a = [getreg('1'), getregtype('1')] -+ let @1='register 1' -+ redir @+ -+ disp 1 -+ redir END -+ call assert_equal("register 1", getreg('1')) -+ call setreg(1, a[0], a[1]) -+endfunc -+ - " vim: shiftwidth=2 sts=2 expandtab diff --git a/v9.1.1019.tar.gz b/v9.1.1120.tar.gz similarity index 32% rename from v9.1.1019.tar.gz rename to v9.1.1120.tar.gz index 8951663e7f7b930197bd573b62e2d59c31982bad..1a891e2fefb7304ad3ce3c717bd6a6e8b66cb7b9 100644 --- a/v9.1.1019.tar.gz +++ b/v9.1.1120.tar.gz @@ -1,3 +1,3 @@ version https://git-lfs.github.com/spec/v1 -oid sha256:49014bc082523cb4149358514cfec8e5b3e789982ac2253322f166eb9e830897 -size 18413320 +oid sha256:7479376b4d89d96990e0930e6a009655a1440916e8e7752843ee823cf950d3b3 +size 18486545 diff --git a/vim-Add-sw64-architecture-debcontrol.patch b/vim-Add-sw64-architecture-debcontrol.patch new file mode 100644 index 0000000000000000000000000000000000000000..1d44a5a8f3629595733618d1bac58e2a5e28f4bb --- /dev/null +++ b/vim-Add-sw64-architecture-debcontrol.patch @@ -0,0 +1,11 @@ +--- vim-9.1.1043/runtime/syntax/debcontrol.vim.orig 2025-01-21 20:04:23.175132700 +0800 ++++ vim-9.1.1043/runtime/syntax/debcontrol.vim 2025-01-21 20:04:37.779219600 +0800 +@@ -31,7 +31,7 @@ + \ 'alpha', 'amd64', 'armeb', 'armel', 'armhf', 'arm64', 'avr32', 'hppa' + \, 'i386', 'ia64', 'loong64', 'lpia', 'm32r', 'm68k', 'mipsel', 'mips64el', 'mips' + \, 'powerpcspe', 'powerpc', 'ppc64el', 'ppc64', 'riscv64', 's390x', 's390', 'sh3eb' +- \, 'sh3', 'sh4eb', 'sh4', 'sh', 'sparc64', 'sparc', 'x32' ++ \, 'sh3', 'sh4eb', 'sh4', 'sh', 'sparc64', 'sparc', 'sw_64', 'x32' + \ ] + let s:pairs = [ + \ 'hurd-i386', 'kfreebsd-i386', 'kfreebsd-amd64', 'knetbsd-i386' diff --git a/vim.spec b/vim.spec index 3ad519545828f9824b10630473766ba072e38e86..ca75db6850c8353c9f70e2043b9cc5d02b81c9bd 100644 --- a/vim.spec +++ b/vim.spec @@ -4,13 +4,13 @@ %{!?_with_netbeans__:%define _with_netbeans__ 1} %define baseversion 9.1 -%define patchlevel 1019 +%define patchlevel 1120 %define vimdir vim91 Name: vim Epoch: 2 Version: %{baseversion}.%{patchlevel} -Release: 3 +Release: 1 Summary: Vim is a highly configurable text editor for efficiently creating and changing any kind of text. License: Vim AND LGPL-2.1-or-later AND MIT AND GPL-1.0-only AND (GPL-2.0-only OR Vim) AND Apache-2.0 AND BSD-2-Clause AND BSD-3-Clause AND GPL-2.0-or-later AND GPL-3.0-or-later AND OPUBL-1.0 AND Apache-2.0 WITH Swift-exception URL: https://www.vim.org @@ -23,10 +23,7 @@ Patch0001: vim-9.1-specsyntax.patch Patch0002: vim-8.0-copy-paste.patch Patch0003: vim-python3-tests.patch Patch0005: bugfix-rm-modify-info-version.patch - -Patch6000: backport-CVE-2025-24014.patch -Patch6001: backport-CVE-2025-1215.patch -Patch6002: backport-CVE-2025-26603.patch +Patch0006: vim-Add-sw64-architecture-debcontrol.patch BuildRequires: autoconf python3-devel ncurses-devel gettext perl-devel perl-generators gcc BuildRequires: perl(ExtUtils::Embed) perl(ExtUtils::ParseXS) libacl-devel gpm-devel file @@ -331,6 +328,9 @@ popd %doc README* %doc runtime/docs %config(noreplace) %{_sysconfdir}/vimrc +%dir %{_datadir}/%{name}/%{vimdir} +%{_datadir}/%{name}/%{vimdir}/LICENSE +%{_datadir}/%{name}/%{vimdir}/README.txt %{_datadir}/%{name}/%{vimdir}/{rgb.txt,autoload,colors,compiler,pack,doc} %{_datadir}/%{name}/%{vimdir}/{*.vim,ftplugin,indent,keymap,macros,plugin} %{_datadir}/%{name}/%{vimdir}/{print,syntax,tutor,spell} @@ -403,6 +403,8 @@ popd %{_bindir}/{vim,rvim,vimdiff,vimtutor} %files filesystem +%dir %{_datadir}/%{name} +%dir %{_datadir}/%{name}/vimfiles %dir %{_datadir}/%{name}/vimfiles/after/* %dir %{_datadir}/%{name}/vimfiles/{autoload,colors,compiler,doc,ftdetect,ftplugin} %dir %{_datadir}/%{name}/vimfiles/{indent,keymap,lang,plugin,print,spell,syntax,tutor} @@ -418,6 +420,10 @@ popd %{_mandir}/man1/evim.* %changelog +* Tue Feb 25 2025 Funda Wang - 2:9.1.1120-1 +- update to 9.1 patchlevel 1120 +- add sw_64 into debcontrol + * Tue Feb 18 2025 wangjiang - 2:9.1.1019-3 - fix CVE-2025-1215 CVE-2025-26603