summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/vim
Commit message (Collapse)AuthorAgeFilesLines
* vim: upgrade from 9.0.2130 -> 9.1.0114Tim Orling2024-02-183-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | https://www.vim.org/vim-9.1-released.php Vim 9.1 is available The Vim project is happy to announce that Vim 9.1 has finally been released. This release is dedicated to Bram Moolenaar, Vim's lead developer for more than 30 years, who passed away half a year ago. The Vim project wouldn't exist without his work! Vim 9.1 is mainly a bug fix release, it contains hundreds of bug fixes, a few new features and there are many minor improvements. Changes: https://github.com/vim/vim/compare/v9.0.2130...v9.1.0114 CVE: CVE-2024-22667 (includes commit https://github.com/vim/vim/commit/b39b240c386a5a29241415541f1c99e2e6b8ce47) (From OE-Core rev: 9f7e9c0f4360469b9775372272e0a442c7cc06c8) Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: upgrade 9.0.2068 -> 9.0.2130Tim Orling2023-11-301-2/+2
| | | | | | | | | | | | | | | | | | https://github.com/vim/vim/compare/v9.0.2068...v9.0.2130 CVE: CVE-2023-48231 CVE: CVE-2023-48232 CVE: CVE-2023-48233 CVE: CVE-2023-48234 CVE: CVE-2023-48235 CVE: CVE-2023-48236 CVE: CVE-2023-48237 (From OE-Core rev: 5978d565a9e700485fc563dfe2e3c0045dd74b59) Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Upgrade 9.0.2048 -> 9.0.2068Archana Polampalli2023-11-221-2/+2
| | | | | | | | | | | | | This includes CVE fix for CVE-2023-46246. 9198c1f2b (tag: v9.0.2068) patch 9.0.2068: [security] overflow in :history References: https://nvd.nist.gov/vuln/detail/CVE-2023-46246 (From OE-Core rev: 63bc72ccb63d2f8eb591d7cc481657a538f0fd42) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: use upstream generated .po filesSteve Sakoman2023-11-211-2/+4
| | | | | | | | | | | | | | | | | | A previous commit attempted to fix reproducibility errors by forcing regeneration of .po files. Unfortunately this triggered a different type of reproducibility issue. Work around this by adjusting the timestamps of the troublesome .po files so they are not regenerated and we use the shipped upstream versions of the files. The shipped version of ru.cp1251.po doesn't seem to have been created with the vim tooling and specifies CP1251 instead of cp1251, fix that. (From OE-Core rev: 13d9551ba626f001c71bf908df16caf1d739cf13) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Improve locale handlingRichard Purdie2023-11-151-10/+4
| | | | | | | | | | | | | | | When making checkouts from git, the timestamps can vary and occasionally two files can end up with the same stamp. This triggers make to regenerate ru.cp1251.po from ru.po for example. If it isn't regenerated, the output isn't quite the same leading to reproducibility issues (CP1251 vs cp1251). Since we added all locales to buildtools tarball now, we can drop the locale restrictions too. We need to generate a native binary for the sjis conversion tool so also tweak that. (From OE-Core rev: 042c1a501b1dae5ddb31307b461be02c3591c589) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Upgrade 9.0.2009 -> 9.0.2048Siddharth Doshi2023-10-191-2/+2
| | | | | | | | | This includes CVE fix for CVE-2023-5535. (From OE-Core rev: 9292eb70a2a0871cf235e4df0257d7028f43a278) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Upgrade 9.0.1894 -> 9.0.2009Siddharth Doshi2023-10-141-2/+2
| | | | | | | | | | This includes CVE fix for CVE-2023-5441. (From OE-Core rev: 539b0c8938b7ac4338b087e04d8b8624b7546237) Signed-off-by: Siddharth Doshi <sdoshi@mvista.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Upgrade 9.0.1664 -> 9.0.1894Richard Purdie2023-09-121-3/+3
| | | | | | | | | | | This includes multiple CVE fixes. The license change is due to changes in maintainership, the license itself is unchanged. (From OE-Core rev: 91e66b93a0c0928f0c2cfe78e22898a6c9800f34) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: upgrade 9.0.1592 -> 9.0.1664Archana Polampalli2023-09-081-2/+2
| | | | | | | | | | | Fixes: https://nvd.nist.gov/vuln/detail/CVE-2023-3896 8154e642a (tag: v9.0.1664) patch 9.0.1664: divide by zero when scrolling with 'smoothscroll' set (From OE-Core rev: 4a1ab744142c9229f03a359b45e5e89a1fbae0d3) Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: update obsolete commentEtienne Cordonnier2023-08-221-3/+2
| | | | | | | | | | | | | | | | | | | vim 8.3 has been out for a long time, so this comment is obsolete. However we still need UPSTREAM_VERSION_UNKNOWN, since we ignore the last digit of the upstream version number. Test result: $ devtool check-upgrade-status vim ... INFO: vim 9.0.1592 UNKNOWN Tom Rini <trini@konsulko.com> c0370529c027abc5b1698d53fcfb8c02a0c515da (From OE-Core rev: 65f5de85c3f488136d1ec2b1f7fe8d8426d6c5b3) (From OE-Core rev: 868a19357841470eb55fb7f1c4ab1af09dea99ed) Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: upgrade 9.0.1527 -> 9.0.1592Trevor Gamblin2023-05-311-2/+2
| | | | | | | | | | | | | | | Fixes: https://nvd.nist.gov/vuln/detail/CVE-2023-2609 d1ae836 patch 9.0.1531: crash when register contents ends up being invalid https://nvd.nist.gov/vuln/detail/CVE-2023-2610 ab9a2d8 patch 9.0.1532: crash when expanding "~" in substitute causes very long text (From OE-Core rev: 1e4b4dfb4145bc00eb6937b5f54a41170e9a5b4c) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: upgrade 9.0.1429 -> 9.0.1527Randy MacLeod2023-05-221-2/+2
| | | | | | | | | | | Fixes: https://nvd.nist.gov/vuln/detail/CVE-2023-2426 caf642c25 patch 9.0.1499: using uninitialized memory with fuzzy matching (From OE-Core rev: 4f9a8df5aca99d0a5c2d2346b27ce7be08e7896c) Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: upgrade 9.0.1403 -> 9.0.1429Randy MacLeod2023-03-301-2/+2
| | | | | | | | | | | Fixes: CVE-2023-1127, CVE-2023-1170, CVE-2023-1175, CVE-2023-1264, CVE-2023-1355 (From OE-Core rev: 2415072c3800feb164dd4d1fa0b56bd141a5cbd8) Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: upgrade to 9.0.1403Ross Burton2023-03-141-4/+3
| | | | | | | | | | | | This incorporates fixes for CVE-2023-1127, CVE-2023-1170, CVE-2023-1175. Also remove runtime/doc/uganda.txt from the license checksum: the Vim license is also in the top-level LICENSE file so this is redundant. (From OE-Core rev: 71111e6b62d37c5e6853d7940dec2993df127a35) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: set modified-by to the recipe MAINTAINERRoss Burton2023-03-141-0/+1
| | | | | | | | | | | | | | | | Clause II.3 of the Vim license states that any distribution of Vim that has been extended or modified must _at least_ indicate in the :version output that this is the case. Handily, Vim has a --with-modified-by argument to add a line in that text, so use MAINTAINER. This is the distribution maintainer contact, by default it is OE-Core Developers <openembedded-core@lists.openembedded.org>. (From OE-Core rev: acc007e23445aa53182e13902dd9509c39dd5645) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: add missing pkgconfig inheritRoss Burton2023-03-061-1/+1
| | | | | | | | | | | | | Vim uses pkgconfig to find dependencies but it wasn't present, so it silently doesn't enable features like GTK+ UI. [ YOCTO #15044 ] (From OE-Core rev: 70900616298f5e70732a34e7406e585e323479ed) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: update 9.0.1211 -> 9.0.1293 to resolve open CVEsAlexander Kanavin2023-02-151-2/+2
| | | | | | | | (From OE-Core rev: 6d77dbe499ee362b6e28902f1efcf52b961037a5) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: upgrade 9.0.0947 -> 9.0.1211Randy MacLeod2023-01-181-2/+2
| | | | | | | | | | | | | | Includes fixes for: https://nvd.nist.gov/vuln/detail/CVE-2023-0049 https://nvd.nist.gov/vuln/detail/CVE-2023-0051 https://nvd.nist.gov/vuln/detail/CVE-2023-0054 https://nvd.nist.gov/vuln/detail/CVE-2023-0288 (From OE-Core rev: 1c51068c78d12ee02789a6dbecf5e7e91d141af5) Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: upgrade 9.0.0820 -> 9.0.0947Qiu, Zheng2022-12-051-2/+2
| | | | | | | | | | | | | | Includes fixes for CVE-2022-4141 https://nvd.nist.gov/vuln/detail/CVE-2022-4141 For a short list of important changes, see: https://www.arp242.net/vimlog/ (From OE-Core rev: 160f459febc7fb36cc0fe85c63eb26780ace3bfd) Signed-off-by: Zheng Qiu <zheng.qiu@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: upgrade 9.0.0614 -> 9.0.0820Tim Orling2022-11-011-2/+2
| | | | | | | | | | | | | | Includes fixes for CVE-2022-3705 https://nvd.nist.gov/vuln/detail/CVE-2022-3705 For a short list of important changes, see: https://www.arp242.net/vimlog/ (From OE-Core rev: f6d917bd0f8810b5ed8d403ad25d59cda2fc9574) Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Upgrade 9.0.0598 -> 9.0.0614Teoh Jay Shen2022-10-261-2/+2
| | | | | | | | | | Include fixes for CVE-2022-3352. (From OE-Core rev: 8aa707f80ae1cfe89d5e20ec1f1632a65149aed4) Signed-off-by: Teoh Jay Shen <jay.shen.teoh@intel.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Upgrade 9.0.0541 -> 9.0.0598Richard Purdie2022-09-281-2/+2
| | | | | | | | | | Includes a fix for CVE-2022-3278. (From OE-Core rev: 98c40271692147873a622e168e8b2e90a9fcc54c) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Upgrade 9.0.453 -> 9.0.541Richard Purdie2022-09-221-2/+2
| | | | | | | | Includes a fix for CVE-2022-3234. (From OE-Core rev: d6b54f37aa4db1457296b8981b630a49d251ceb5) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Upgrade 9.0.0341 -> 9.0.0453Richard Purdie2022-09-131-2/+2
| | | | | | | | Includes fixes for CVE-2022-3099 and CVE-2022-3134. (From OE-Core rev: d042923262130b6b96f703b5cd4184f659caeb92) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Upgrade 9.0.0242 -> 9.0.0341Richard Purdie2022-09-021-2/+2
| | | | | | | | | | Addresses CVE-2022-2980, CVE-2022-2946 and CVE-2022-2982. (From OE-Core rev: 01c08d47ecfcc7aefacc8280e0055c75b13795b2) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Upgrade 9.0.0115 -> 9.0.0242Richard Purdie2022-08-231-2/+2
| | | | | | | | | | | | | | | | | Includes fixes for: CVE-2022-2816 CVE-2022-2817 CVE-2022-2819 CVE-2022-2845 CVE-2022-2849 CVE-2022-2862 CVE-2022-2874 CVE-2022-2889 (From OE-Core rev: 3ec2d27d09444213ec1c9b91c6f8c4363f297294) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: update from 9.0.0063 to 9.0.0115Randy MacLeod2022-08-023-92/+2
| | | | | | | | | | | | | | | | | | Drop crosscompile.patch which was merged as part of: 509695c1c (tag: v9.0.0065) patch 9.0.0065: \ cross-compiling doesn't work because of timer_create check Also drop: racefix.patch which may have been fixed upstream and is being tracked by: https://github.com/vim/vim/pull/10776 where upstream is asking if the different approach resolves the race condition. Let's see what's out there! (From OE-Core rev: 6996472cd33d2d4b91821f2dfe24a27a697e4afe) Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Upgrade 9.0.0021 -> 9.0.0063Richard Purdie2022-07-253-6/+66
| | | | | | | | | | | | Pulls in several CVE fixes. Added a patch to avoid timer_create cross compile issue (and submitted upstream). Also submit the race fix upstream. We disable timer_create in the native case since some systems have it and some don't so this makes us consistent. (From OE-Core rev: d0c1de084c7ce030d47a428e4bbfbc4ce2996057) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: not adjust script pathnames for native scripts eitherMingli Yu2022-07-121-14/+21
| | | | | | | | | | | | | | | After the below commit introduced, the shebang size of native scripts is also checked, so rework the patch to fix the gap. 377fe11bc0 insane.bbclass: Make do_qa_staging check shebangs Fixes: ERROR: QA Issue: : /work/x86_64-linux/vim-native/9.0.0005-r0/sysroot-destdir/work/x86_64-linux/vim-native/9.0.0005-r0/recipe-sysroot-native/usr/share/vim/vim90/tools/mve.awk maximum shebang size exceeded, the maximum size is 128. [shebang-size] ERROR: QA Issue: : /work/x86_64-linux/vim-native/9.0.0005-r0/sysroot-destdir/work/x86_64-linux/vim-native/9.0.0005-r0/recipe-sysroot-native/usr/share/vim/vim90/tools/efm_perl.pl maximum shebang size exceeded, the maximum size is 128. [shebang-size] (From OE-Core rev: 79232458b9cdc741a2049d83839af73f58a5554c) Signed-off-by: Mingli Yu <mingli.yu@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: upgrade to 9.0.0021Ross Burton2022-07-121-2/+2
| | | | | | | | | | | | | | | This fixes the following CVEs: - CVE-2022-2257 - CVE-2022-2264 - CVE-2022-2284 - CVE-2022-2285 - CVE-2022-2286 - CVE-2022-2287 (From OE-Core rev: 03c044a81a76b7505b9d5bf0d936dde75b51905e) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: 8.2.5083 -> 9.0.0005Richard Purdie2022-06-303-3/+3
| | | | | | | | The license checksum changed due to a major version change in the referenced file. (From OE-Core rev: 89f34d8aa4f4572d048dbb732ca4c83d443157fb) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Upgrade 8.2.5034 -> 8.2.5083Richard Purdie2022-06-151-2/+2
| | | | | | | | | | Includes fixes for CVE-2022-1927, CVE-2022-1942. (From OE-Core rev: 1e740b5c2227c0040621ae63436d06db4873670f) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: put xxd in its own packageRasmus Villemoes2022-06-081-2/+6
| | | | | | | | | | | | | | | | The xxd tool can be quite handy by itself, and doesn't have anything to do with vim per se. Make it possible to include the rather tiny xxd in a rootfs without pulling in the several MB vim binary and associated data. For backwards compatibility, add an RDEPENDS from the main package to the new vim-xxd package. (From OE-Core rev: 06ed2aa93fc25a681e3a00ee120d9395b04845da) Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Upgrade 8.2.4912 -> 8.2.5034 to fix 9 CVEsRichard Purdie2022-05-281-2/+2
| | | | | | | | | Address CVE-2022-1621, CVE-2022-1629, CVE-2022-1674, CVE-2022-1733, CVE-2022-1735 CVE-2022-1769, CVE-2022-1771, CVE-2022-1785, CVE-2022-1796 (From OE-Core rev: fafce97bd440150ac5c586b53b887ee70a5b66bd) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Upgrade 8.2.4681 -> 8.2.4912Richard Purdie2022-05-081-2/+2
| | | | | | | | Includes fixes for CVE-2022-1381, CVE-2022-1420. (From OE-Core rev: 77d745bd49c979de987c75fd7a3af116e99db82b) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Upgrade 8.2.4524 -> 8.2.4681Richard Purdie2022-04-051-3/+3
| | | | | | | | | | | | License change is a date in the license file only. This includes a fix for CVE-2022-0943. (From OE-Core rev: 69bc2f37d6ca7fa4823237b45dd698b8debca0a9) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Update to 8.2.4524 for further CVE fixesRichard Purdie2022-03-081-2/+2
| | | | | | | | Includes CVE-2022-0696, CVE-2022-0714, CVE-2022-0729. (From OE-Core rev: 0d29988958e48534a0076307bb2393a3c1309e03) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Upgrade 8.2.4314 -> 8.2.4424Richard Purdie2022-02-211-3/+3
| | | | | | | | | | License file had some grammar fixes. Includes CVE-2022-0554. (From OE-Core rev: a8d0a4026359c2c8a445dba9456f8a05470293c1) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* meta/meta-selftest/meta-skeleton: Update LICENSE variable to use SPDX ↵Richard Purdie2022-02-201-1/+1
| | | | | | | | | | | | | license identifiers An automated conversion using scripts/contrib/convert-spdx-licenses.py to convert to use the standard SPDX license identifiers. Two recipes in meta-selftest were not converted as they're that way specifically for testing. A change in linux-firmware was also skipped and may need a more manual tweak. (From OE-Core rev: ceda3238cdbf1beb216ae9ddb242470d5dfc25e0) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: Upgrade 4269 -> 4134Richard Purdie2022-02-071-3/+4
| | | | | | | | | | | | License text underwent changes on how to submit Uganda donations, switch from http to https urls and an update date change but the license itself is unchanged. Also, add an entry for the top level license file. This is also the vim license so LICENSE is unchanged but we should monitor it too. (From OE-Core rev: d195005e415b0b2d7c8b0b65c0aef888d4d6fc8e) Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: upgrade to patch 4269Ross Burton2022-02-011-2/+2
| | | | | | | | | | | | | Upgrade to the latest patch release to fix the following CVEs: - CVE-2022-0261 - CVE-2022-0318 - CVE-2022-0319 (From OE-Core rev: 96442e681c3acd82b09e3becd78e902709945f1f) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: update to include latest CVE fixesRoss Burton2022-01-171-5/+2
| | | | | | | | | | | | | | | | | | Update the version to 4.2.4118, which incorporates the following CVE fixes: - CVE-2021-4187 - CVE-2022-0128 - CVE-2022-0156 - CVE-2022-0158 Also remove the explicit whitelisting of CVE-2021-3968 as this is now handled with an accurate CPE specifying the fixed version. (From OE-Core rev: 764519ad0da6b881918667ca272fcc273b56168a) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: do not report upstream version check as brokenAlexander Kanavin2021-12-171-0/+3
| | | | | | | | | | | | As upstream tags point releases with every commit and the version check still reports 8.2, it should not be considered broken (e.g. current version newer than latest version) until 8.3 is released. (From OE-Core rev: 11d8ee09b1bdec4824203dc0169093b2ae9d101a) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: upgrade to 8.2 patch 3752Ross Burton2021-12-0815-865/+28
| | | | | | | | | | | | | | There's a fairly constant flow of CVEs being fixed in Vim, which are getting increasing non-trivial to backport. Instead of trying to backport (and potentially introduce more bugs), or just ignoring them entirely, upgrade vim to the latest patch in the hope that vim 8.3 will be released before we release Kirkstone. (From OE-Core rev: 78a4796de27d710f97c336d288d797557a58694e) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: set PACKAGECONFIG idiomaticallyRoss Burton2021-12-011-3/+1
| | | | | | | | | Don't set an empty default value and them immediately assign to it. (From OE-Core rev: d7565241437487618a57d8f3f21da6fed69f6b8a) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: fix CVE-2021-3968 and CVE-2021-3973Ross Burton2021-12-012-0/+96
| | | | | | | | | | Backport a fix for -3972, and whitelist -3968: it isn't valid as it fixes a bug which was introduced after 8.2. (From OE-Core rev: bec5caadfb53638748d8c41ce7230c2bf7808d27) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* patches: correct whitespace/spelling for Upstream-Status tagsAlexander Kanavin2021-11-211-1/+1
| | | | | | | (From OE-Core rev: c613ca14c35a5d1782c79a25b83875cbfa2b952b) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: fix CVE-2021-3927 and CVE-2021-3928Ross Burton2021-11-163-0/+127
| | | | | | | (From OE-Core rev: 2001631e7a6edb7adc40ee4357466cc54472db71) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: add patch number to CVE-2021-3778 patchRoss Burton2021-11-101-11/+26
| | | | | | | (From OE-Core rev: 222be29051a3543ac63a0eb07019e90d44429b16) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
* vim: fix CVE-2021-3796, CVE-2021-3872, and CVE-2021-3875Ross Burton2021-11-105-2/+344
| | | | | | | | | Backport patches from upstream to fix these CVEs. (From OE-Core rev: b493eb4f9a6bb75a2f01a53b6c70762845bf79f9) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-05-11 17:02:58 +0000