[SCM] Vim packaging branch, maint/etch, updated. 94dad9d12d6985367ed37b65fceb1e72e11b67ae

James Vega jamessan at debian.org
Mon Feb 9 00:36:49 UTC 2009


The following commit has been merged in the maint/etch branch:
commit 40e92f6a2f07629d1c12cb1c192ff2de2ddadefd
Author: James Vega <jamessan at debian.org>
Date:   Fri Feb 6 23:46:43 2009 -0500

    Add patch CVE-2008-2712-zip.vim.diff to fix autoload/zip.vim
    
    Signed-off-by: James Vega <jamessan at debian.org>

diff --git a/debian/changelog b/debian/changelog
index 4963bf0..b0ceb0e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -5,6 +5,7 @@ vim (1:7.0-122+1etch4) UNRELEASED; urgency=high
     - Add upstream patches 7.1.299, 7.1.300, 7.1.305.
     - Add patch CVE-2008-2712-xpm.vim.diff to fix syntax/xpm.vim and
       syntax/xpm2.vim.
+    - Add patch CVE-2008-2712-zip.vim.diff to fix autoload/zip.vim.
 
  -- James Vega <jamessan at debian.org>  Tue, 03 Feb 2009 22:19:11 -0500
 
diff --git a/patches/CVE-2008-2712-zip.vim.diff b/patches/CVE-2008-2712-zip.vim.diff
new file mode 100644
index 0000000..f0f51b9
--- /dev/null
+++ b/patches/CVE-2008-2712-zip.vim.diff
@@ -0,0 +1,138 @@
+Index: vim/runtime/autoload/zip.vim
+===================================================================
+--- vim/runtime/autoload/zip.vim.orig
++++ vim/runtime/autoload/zip.vim
+@@ -1,7 +1,7 @@
+ " zip.vim: Handles browsing zipfiles
+ "            AUTOLOAD PORTION
+ " Date:			May 01, 2006
+-" Version:		9
++" Version:		9+debian
+ " Maintainer:	Charles E Campbell, Jr <drchipNOSPAM at campbellfamily dot biz>
+ " License:		Vim License  (see vim's :help license)
+ " Copyright:    Copyright (C) 2005 Charles E. Campbell, Jr. {{{1
+@@ -22,7 +22,7 @@
+  finish
+ endif
+ 
+-let g:loaded_zip     = "v9"
++let g:loaded_zip     = "v9+debian"
+ let s:zipfile_escape = ' ?&;\'
+ 
+ " ----------------
+@@ -68,22 +68,23 @@
+   set ft=tar
+ 
+   " give header
+-  exe "$put ='".'\"'." zip.vim version ".g:loaded_zip."'"
+-  exe "$put ='".'\"'." Browsing zipfile ".a:zipfile."'"
+-  exe "$put ='".'\"'." Select a file with cursor and press ENTER"."'"
++  let lastline= line("$")
++  call setline(lastline+1,'" zip.vim version '.g:loaded_zip)
++  call setline(lastline+2,'" Browsing zipfile'.a:zipfile)
++  call setline(lastline+3,'" Select a file with cursor and press ENTER')
+   $put =''
+   0d
+   $
+ 
+ "  call Decho("exe silent r! unzip -l '".a:zipfile."'")
+-  exe "silent r! unzip -l '".a:zipfile."'"
++  exe "silent r! unzip -l -- ".shellescape(a:zipfile,1)
+   if v:shell_error != 0
+    echohl WarningMsg | echo "***warning*** (zip#Browse) ".a:zipfile." is not a zip file" | echohl None
+    call inputsave()|call input("Press <cr> to continue")|call inputrestore()
+    silent %d
+    let eikeep= &ei
+    set ei=BufReadCmd,FileReadCmd
+-   exe "r ".a:zipfile
++   exe "r ".fnameescape(a:zipfile)
+    let &ei= eikeep
+    1d
+ "   call Dret("zip#Browse")
+@@ -140,7 +141,7 @@
+   wincmd _
+   let s:zipfile_{winnr()}= curfile
+ "  call Decho("exe e zipfile:".escape(zipfile,s:zipfile_escape).'::'.escape(fname,s:zipfile_escape))
+-  exe "e zipfile:".escape(zipfile,s:zipfile_escape).'::'.escape(fname,s:zipfile_escape)
++  exe "e ".fnameescape("zipfile:".zipfile.'::'.fname)
+   filetype detect
+ 
+   let &report= repkeep
+@@ -165,7 +166,7 @@
+ "  call Decho("fname  <".fname.">")
+ 
+ "  call Decho("exe r! unzip -p '".zipfile."' '".fname."'")
+-  exe "silent r! unzip -p '".zipfile."' '".fname."'"
++  exe "silent r! unzip -p -- ".shellescape(zipfile,1)." ".shellescape(fname,1)
+ 
+   " cleanup
+   0d
+@@ -209,7 +210,7 @@
+ 
+   " attempt to change to the indicated directory
+   try
+-   exe "cd ".escape(tmpdir,' \')
++   exe "cd ".fnameescape(tmpdir)
+   catch /^Vim\%((\a\+)\)\=:E344/
+    echohl Error | echo "***error*** (zip#Write) cannot cd to temporary directory" | Echohl None
+    call inputsave()|call input("Press <cr> to continue")|call inputrestore()
+@@ -240,7 +241,7 @@
+   if fname =~ '/'
+    let dirpath = substitute(fname,'/[^/]\+$','','e')
+    if executable("cygpath")
+-    let dirpath = substitute(system("cygpath ".dirpath),'\n','','e')
++    let dirpath = substitute(system("cygpath ".shellescape(dirpath)),'\n','','e')
+    endif
+ "   call Decho("mkdir(dirpath<".dirpath.">,p)")
+    call mkdir(dirpath,"p")
+@@ -250,13 +251,13 @@
+   endif
+ "  call Decho("zipfile<".zipfile."> fname<".fname.">")
+ 
+-  exe "w! ".escape(fname,s:zipfile_escape)
++  exe "w! ".fnameescape(fname)
+   if executable("cygpath")
+-   let zipfile = substitute(system("cygpath ".zipfile),'\n','','e')
++   let zipfile = substitute(system("cygpath ".shellescape(zipfile)),'\n','','e')
+   endif
+ 
+ "  call Decho("zip -u '".zipfile.".zip' '".fname."'")
+-  call system("zip -u '".zipfile.".zip' '".fname."'")
++  call system("zip -u ".shellescape(fnamemodify(zipfile.".zip",":p"))." ".shellescape(fname))
+   if v:shell_error != 0
+    echohl Error | echo "***error*** (zip#Write) sorry, unable to update ".zipfile." with ".fname | echohl None
+    call inputsave()|call input("Press <cr> to continue")|call inputrestore()
+@@ -269,7 +270,7 @@
+    let binkeep= &binary
+    let eikeep = &ei
+    set binary ei=all
+-   exe "e! ".zipfile.".zip"
++   exe "e! ".fnameescape(zipfile.".zip")
+    call netrw#NetWrite(netzipfile)
+    let &ei     = eikeep
+    let &binary = binkeep
+@@ -280,7 +281,7 @@
+   " cleanup and restore current directory
+   cd ..
+   call s:Rmdir("_ZIPVIM_")
+-  exe "cd ".escape(curdir,' \')
++  exe "cd ".fnameescape(curdir)
+   setlocal nomod
+ 
+   let &report= repkeep
+@@ -292,12 +293,12 @@
+ fun! s:Rmdir(fname)
+ "  call Dfunc("Rmdir(fname<".a:fname.">)")
+   if has("unix")
+-   call system("/bin/rm -rf ".a:fname)
++   call system("/bin/rm -rf ".shellescape(a:fname))
+   elseif has("win32") || has("win95") || has("win64") || has("win16")
+    if &shell =~? "sh$"
+-    call system("/bin/rm -rf ".a:fname)
++    call system("/bin/rm -rf ".shellescape(a:fname))
+    else
+-    call system("del /S ".a:fname)
++    call system("del /S ".shellescape(a:fname))
+    endif
+   endif
+ "  call Dret("Rmdir")
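Review bot: The rewritten `zip -u` call in the inner `@@ -250,13 +251,13 @@` hunk quotes both arguments but, unlike the two `unzip` calls that gained `--`, does nothing to stop `fname` being parsed as an option when it begins with `-`; `shellescape()` guards against the shell, not against zip's own option parser. The archive path is made absolute by `fnamemodify(...,":p")`, so only the member name is exposed, and it presumably derives from the archive's contents (the body of zip#Write lies outside the hunk, so this should be confirmed). Consider normalising a leading dash in the argument, e.g. `shellescape(fname =~ '^-' ? './'.fname : fname)`, or ending option parsing explicitly if the packaged zip supports that. Separately, the new header line `'" Browsing zipfile'.a:zipfile` lost the space the old `$put` had after `zipfile`; it should read `'" Browsing zipfile '.a:zipfile`.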
diff --git a/patches/series b/patches/series
index 1d80b43..dd47417 100644
--- a/patches/series
+++ b/patches/series
@@ -19,3 +19,4 @@ changelog.vim-ftplugin_buffer-split.diff -p0
 zh_TW.po-swap_recovery_typo.diff -p0
 option.c-foldnestmax_check.diff -p0
 CVE-2008-2712-xpm.vim.diff -p0
+CVE-2008-2712-zip.vim.diff -p0

-- 
Vim packaging


