[neovim] 05/06: Add changelog entry for undo/spellfile fixes

James McCoy jamessan at debian.org
Mon Apr 10 13:17:31 UTC 2017


This is an automated email from the git hooks/post-receive script.

jamessan pushed a commit to branch debian/sid
in repository neovim.

commit 2d470b9586e54ba035a167b618ddc065eda4e55e
Author: James McCoy <jamessan at debian.org>
Date:   Mon Apr 10 08:14:48 2017 -0400

    Add changelog entry for undo/spellfile fixes
    
    Signed-off-by: James McCoy <jamessan at debian.org>
---
 debian/changelog | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 42983be..2203cdb 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+neovim (0.1.7-4) UNRELEASED; urgency=high
+
+  * Cherry-pick b338bb9d & 4af6c608 from upstream to fix buffer overflow if a
+    spellfile has an invalid length in it.  (CVE-2017-5953)
+  * Cherry-pick fb66a7c6 & ad66826a from upstream to fix buffer overflows when
+    reading corrupted undo files.  (CVE-2017-6349 & CVE-2017-6350)
+
+ -- James McCoy <jamessan at debian.org>  Mon, 10 Apr 2017 08:05:08 -0400
+
 neovim (0.1.7-3) unstable; urgency=medium
 
   * Disable global_spec.lua since it's rather flaky.

-- 
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/pkg-vim/neovim.git



More information about the pkg-vim-maintainers mailing list