Could we get Vim 9 packaged to fix CVEs

Marco Atzeri marco.atzeri@gmail.com
Mon Nov 27 06:48:17 GMT 2023


On 17.11.2023 23:14, Brian Inglis via Cygwin wrote:
> On 2023-11-12 15:27, Brian Inglis via Cygwin wrote:
>> On 2023-11-09 09:35, Jack S via Cygwin wrote:
>>> Would it be possible to update the vim packages with Vim 9, please?
> 
>> Also now:
>>      https://github.com/vim/vim/security/advisories/GHSA-q22m-h7m2-9mgm
> 
> Expanding above:
> 
> CVE-2023-46246: Integer overflow in :history Ex-Command in Vim < 9.0.2068
> https://github.com/vim/vim/security/advisories/GHSA-q22m-h7m2-9mgm
> fixed in Vim patch 9.0.2068
> https://github.com/vim/vim/commit/9198c1f2b1ddecde22af918541e0de2a32f0f45a
> 
...

Noted

Regards
Marco



More information about the Cygwin mailing list