[neovim] 03/04: Add changelog entry for CVE-2016-1248 fix

James McCoy jamessan at debian.org
Tue Nov 22 16:49:23 UTC 2016


This is an automated email from the git hooks/post-receive script.

jamessan pushed a commit to branch debian/sid
in repository neovim.

commit 3fe68f5870ca8ee620db83c858d74116b7a7a811
Author: James McCoy <jamessan at debian.org>
Date:   Mon Nov 21 21:55:48 2016 -0500

    Add changelog entry for CVE-2016-1248 fix
    
    Signed-off-by: James McCoy <jamessan at debian.org>
---
 debian/changelog | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 4f1f692..a18530b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+neovim (0.1.6-4) UNRELEASED; urgency=medium
+
+  * Cherry-pick 4fad66fb and c685879e from upstream to fix an issue where
+    malicious modelines could execute arbitrary shell commands.
+    (CVE-2016-1248)
+
+ -- James McCoy <jamessan at debian.org>  Mon, 21 Nov 2016 21:52:13 -0500
+
 neovim (0.1.6-3) unstable; urgency=medium
 
   * Cherry-pick 5e1dc26f from upstream to remove a flaky test, which was

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-vim/neovim.git



More information about the pkg-vim-maintainers mailing list