* [Buildroot] [PATCH] package/vim: security bump to v9.1.2148
From: Thomas Perale via buildroot @ 2026-03-03 11:04 UTC (permalink / raw)
To: buildroot; +Cc: Giulio Benetti
For changes, see:
- https://github.com/vim/vim/compare/v9.1.2017...v9.1.2148
Fixes the following vulnerabilities:
- CVE-2026-25749:
Vim is an open source, command line text editor. Prior to version
9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag
file resolution logic when processing the 'helpfile' option. The
vulnerability is located in the get_tagfname() function in src/tag.c.
When processing help file tags, Vim copies the user-controlled
'helpfile' option value into a fixed-size heap buffer of MAXPATHL + 1
bytes (typically 4097 bytes) using an unsafe STRCPY() operation
without any bounds checking. This issue has been patched in version
9.1.2132.
For more information, see:
- https://www.cve.org/CVERecord?id=CVE-2026-25749
- https://github.com/vim/vim/commit/0714b15940b245108e6e9d7aa2260dd849a26fa9
- CVE-2026-26269:
Vim is an open source, command line text editor. Prior to 9.1.2148, a
stack buffer overflow vulnerability exists in Vim's NetBeans
integration when processing the specialKeys command, affecting Vim
builds that enable and use the NetBeans feature. The stack buffer
overflow exists in special_keys() (in src/netbeans.c). The while
(*tok) loop writes two bytes per iteration into a 64-byte stack buffer
(keybuf) with no bounds check. A malicious NetBeans server can
overflow keybuf with a single specialKeys command. The issue has been
fixed as of Vim patch v9.1.2148.
For more information, see:
- https://www.cve.org/CVERecord?id=CVE-2026-26269
- https://github.com/vim/vim/commit/c5f312aad8e4179e437f81ad39a860cd0ef11970
Signed-off-by: Thomas Perale <thomas.perale@mind.be>
---
...src-Makefile-create-links-with-ln-sf.patch | 78 -------------------
package/vim/vim.hash | 2 +-
package/vim/vim.mk | 2 +-
3 files changed, 2 insertions(+), 80 deletions(-)
delete mode 100644 package/vim/0001-src-Makefile-create-links-with-ln-sf.patch
diff --git a/package/vim/0001-src-Makefile-create-links-with-ln-sf.patch b/package/vim/0001-src-Makefile-create-links-with-ln-sf.patch
deleted file mode 100644
index 54d423aacf..0000000000
--- a/package/vim/0001-src-Makefile-create-links-with-ln-sf.patch
+++ /dev/null
@@ -1,78 +0,0 @@
-From 5686ef63f81fcac2ca6ec6e7160829b295ad4e79 Mon Sep 17 00:00:00 2001
-From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-Date: Sun, 28 Dec 2025 15:01:38 +0100
-Subject: [PATCH] src/Makefile: create links with ln -sf
-
-Running "make installlinks" twice towards the same destination
-directory will fail, as symlink will already exist. This is not really
-expected as "make install" is normally expected to work again and
-again towards the same destination directory.
-
-Fix this by using ln -sf.
-
-Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
-Upstream: https://github.com/vim/vim/commit/6df5360691266b5eca49380e94f3e21fa48e5e0b
----
- src/Makefile | 24 ++++++++++++------------
- 1 file changed, 12 insertions(+), 12 deletions(-)
-
-diff --git a/src/Makefile b/src/Makefile
-index 6fb1eb95e..39f798260 100644
---- a/src/Makefile
-+++ b/src/Makefile
-@@ -2746,40 +2746,40 @@ installvimdiff: $(DEST_BIN)/$(VIMDIFFTARGET)
- installgvimdiff: $(DEST_BIN)/$(GVIMDIFFTARGET)
-
- $(DEST_BIN)/$(EXTARGET): $(DEST_BIN)
-- cd $(DEST_BIN); ln -s $(VIMTARGET) $(EXTARGET)
-+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(EXTARGET)
-
- $(DEST_BIN)/$(VIEWTARGET): $(DEST_BIN)
-- cd $(DEST_BIN); ln -s $(VIMTARGET) $(VIEWTARGET)
-+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(VIEWTARGET)
-
- $(DEST_BIN)/$(GVIMTARGET): $(DEST_BIN)
-- cd $(DEST_BIN); ln -s $(VIMTARGET) $(GVIMTARGET)
-+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(GVIMTARGET)
-
- $(DEST_BIN)/$(GVIEWTARGET): $(DEST_BIN)
-- cd $(DEST_BIN); ln -s $(VIMTARGET) $(GVIEWTARGET)
-+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(GVIEWTARGET)
-
- $(DEST_BIN)/$(RVIMTARGET): $(DEST_BIN)
-- cd $(DEST_BIN); ln -s $(VIMTARGET) $(RVIMTARGET)
-+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(RVIMTARGET)
-
- $(DEST_BIN)/$(RVIEWTARGET): $(DEST_BIN)
-- cd $(DEST_BIN); ln -s $(VIMTARGET) $(RVIEWTARGET)
-+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(RVIEWTARGET)
-
- $(DEST_BIN)/$(RGVIMTARGET): $(DEST_BIN)
-- cd $(DEST_BIN); ln -s $(VIMTARGET) $(RGVIMTARGET)
-+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(RGVIMTARGET)
-
- $(DEST_BIN)/$(RGVIEWTARGET): $(DEST_BIN)
-- cd $(DEST_BIN); ln -s $(VIMTARGET) $(RGVIEWTARGET)
-+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(RGVIEWTARGET)
-
- $(DEST_BIN)/$(VIMDIFFTARGET): $(DEST_BIN)
-- cd $(DEST_BIN); ln -s $(VIMTARGET) $(VIMDIFFTARGET)
-+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(VIMDIFFTARGET)
-
- $(DEST_BIN)/$(GVIMDIFFTARGET): $(DEST_BIN)
-- cd $(DEST_BIN); ln -s $(VIMTARGET) $(GVIMDIFFTARGET)
-+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(GVIMDIFFTARGET)
-
- $(DEST_BIN)/$(EVIMTARGET): $(DEST_BIN)
-- cd $(DEST_BIN); ln -s $(VIMTARGET) $(EVIMTARGET)
-+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(EVIMTARGET)
-
- $(DEST_BIN)/$(EVIEWTARGET): $(DEST_BIN)
-- cd $(DEST_BIN); ln -s $(VIMTARGET) $(EVIEWTARGET)
-+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(EVIEWTARGET)
-
- # Create links for the manual pages with various names to vim. This is only
- # done when the links (or manpages with the same name) don't exist yet.
---
-2.52.0
-
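Review bot: the commit message does not say that package/vim/0001-src-Makefile-create-links-with-ln-sf.patch is dropped, and nothing in this deletion explains why that is safe. The removed patch's own header carries an Upstream: tag pointing at vim commit 6df5360691266b5eca49380e94f3e21fa48e5e0b, so it is presumably contained in v9.1.2148; please state that in the commit log (for example "Drop patch 0001, included upstream") so it is clear the ln -sf fix for repeated "make installlinks" is preserved.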
diff --git a/package/vim/vim.hash b/package/vim/vim.hash
index f7c883b929..ecc41be702 100644
--- a/package/vim/vim.hash
+++ b/package/vim/vim.hash
@@ -1,4 +1,4 @@
# Locally computed
-sha256 be1d60091d27bbdbc090e0bb19798baeea378aa29645fd47dc4c222dc14efcaf vim-9.1.2017.tar.gz
+sha256 f9ec31df8f1a78e130dd06c395e6626c2a8a8ec2705d8e7b7667bd3ecd499c6b vim-9.1.2148.tar.gz
sha256 0b3f1f330cb1b179bb17c7c687d4cec601e0aa3462bc7f890ad4c3888d37d720 LICENSE
sha256 ee1d0885bbc4a95a24e49873a075391bdf26b69d13758e30f3d9271f8f42bd2d README.txt
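Review bot: the new vim-9.1.2148.tar.gz digest on the + line sits under "# Locally computed", so there is no upstream-published checksum behind it; it should be recomputed independently from a fresh download of the v9.1.2148 tag before this is applied. The LICENSE and README.txt hashes are unchanged context, which is consistent with those files not changing across the bump, but that is worth a quick confirmation given the jump from v9.1.2017 to v9.1.2148.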
diff --git a/package/vim/vim.mk b/package/vim/vim.mk
index fa7d47d67d..9201587a8a 100644
--- a/package/vim/vim.mk
+++ b/package/vim/vim.mk
@@ -4,7 +4,7 @@
#
################################################################################
-VIM_VERSION = 9.1.2017
+VIM_VERSION = 9.1.2148
VIM_SITE = $(call github,vim,vim,v$(VIM_VERSION))
VIM_DEPENDENCIES = ncurses $(TARGET_NLS_DEPENDENCIES)
VIM_SUBDIR = src
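Review bot: only VIM_VERSION changes here, and the visible context does not show whether the Buildroot build enables the NetBeans feature, which the commit message gives as the precondition for CVE-2026-26269. Consider adding a sentence to the commit log saying whether the package as configured is exposed to it, so stable-branch maintainers can judge the backport; the description of CVE-2026-25749 carries no such build-time condition.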
--
2.53.0
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot
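Added example, not part of this thread and not Vim's source: the two overflow patterns named in the commit message (an unbounded copy into a MAXPATHL + 1 buffer, and a loop writing two bytes per iteration into the 64-byte keybuf), each written with the bounds check that was missing. The function names, the MAXPATHL value and the second byte written by the loop are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAXPATHL 4096    /* assumed value; the advisory gives MAXPATHL + 1 as typically 4097 */
#define KEYBUF_SIZE 64   /* keybuf size stated in the advisory */

/* Hypothetical helper: copy src into dst (dstsize bytes) or fail.
 * Returns 0 on success, -1 when src plus its NUL would not fit. */
int copy_bounded(char *dst, size_t dstsize, const char *src)
{
    size_t len = strlen(src);

    if (len >= dstsize)
        return -1;               /* reject: a truncated path is also wrong */
    memcpy(dst, src, len + 1);
    return 0;
}

/* Hypothetical model of a loop that emits two bytes per input byte.
 * Returns the bytes written (NUL excluded), or -1 when keybuf is too small. */
int expand_keys_bounded(const char *tok, char *keybuf, size_t bufsize)
{
    size_t i = 0;

    if (bufsize == 0)
        return -1;
    while (*tok) {
        /* this iteration's two bytes and the final NUL must all fit */
        if (bufsize < 3 || i > bufsize - 3)
            return -1;
        keybuf[i++] = *tok++;
        keybuf[i++] = '-';       /* constructed second byte */
    }
    keybuf[i] = '\0';
    return (int)i;
}

int main(void)
{
    char keybuf[KEYBUF_SIZE];
    char tok[33];

    memset(tok, 'A', 32);
    tok[32] = '\0';              /* constructed input: 32 bytes need 65 */
    printf("32 bytes in: %d\n", expand_keys_bounded(tok, keybuf, sizeof keybuf));
    tok[31] = '\0';              /* 31 bytes need 63, which fits */
    printf("31 bytes in: %d\n", expand_keys_bounded(tok, keybuf, sizeof keybuf));
    return 0;
}
```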
* Re: [Buildroot] [PATCH] package/vim: security bump to v9.1.2148
From: Julien Olivain via buildroot @ 2026-03-03 17:22 UTC (permalink / raw)
To: Thomas Perale; +Cc: buildroot, Giulio Benetti
On 03/03/2026 12:04, Thomas Perale via buildroot wrote:
> For changes, see:
>
> - https://github.com/vim/vim/compare/v9.1.2017...v9.1.2148
[...]
> Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Applied to master, thanks.
* Re: [Buildroot] [PATCH] package/vim: security bump to v9.1.2148
From: Thomas Perale via buildroot @ 2026-03-06 19:53 UTC (permalink / raw)
To: Thomas Perale; +Cc: buildroot
In reply to:
> For changes, see:
>
> - https://github.com/vim/vim/compare/v9.1.2017...v9.1.2148
>
> Fixes the following vulnerabilities:
>
> - CVE-2026-25749:
> Vim is an open source, command line text editor. Prior to version
> 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag
> file resolution logic when processing the 'helpfile' option. The
> vulnerability is located in the get_tagfname() function in src/tag.c.
> When processing help file tags, Vim copies the user-controlled
> 'helpfile' option value into a fixed-size heap buffer of MAXPATHL + 1
> bytes (typically 4097 bytes) using an unsafe STRCPY() operation
> without any bounds checking. This issue has been patched in version
> 9.1.2132.
>
> For more information, see:
> - https://www.cve.org/CVERecord?id=CVE-2026-25749
> - https://github.com/vim/vim/commit/0714b15940b245108e6e9d7aa2260dd849a26fa9
>
> - CVE-2026-26269:
> Vim is an open source, command line text editor. Prior to 9.1.2148, a
> stack buffer overflow vulnerability exists in Vim's NetBeans
> integration when processing the specialKeys command, affecting Vim
> builds that enable and use the NetBeans feature. The stack buffer
> overflow exists in special_keys() (in src/netbeans.c). The while
> (*tok) loop writes two bytes per iteration into a 64-byte stack buffer
> (keybuf) with no bounds check. A malicious NetBeans server can
> overflow keybuf with a single specialKeys command. The issue has been
> fixed as of Vim patch v9.1.2148.
>
> For more information, see:
> - https://www.cve.org/CVERecord?id=CVE-2026-26269
> - https://github.com/vim/vim/commit/c5f312aad8e4179e437f81ad39a860cd0ef11970
>
> Signed-off-by: Thomas Perale <thomas.perale@mind.be>
Applied to 2025.02.x & 2025.11.x. Thanks
> ---
> ...src-Makefile-create-links-with-ln-sf.patch | 78 -------------------
> package/vim/vim.hash | 2 +-
> package/vim/vim.mk | 2 +-
> 3 files changed, 2 insertions(+), 80 deletions(-)
> delete mode 100644 package/vim/0001-src-Makefile-create-links-with-ln-sf.patch
>
> diff --git a/package/vim/0001-src-Makefile-create-links-with-ln-sf.patch b/package/vim/0001-src-Makefile-create-links-with-ln-sf.patch
> deleted file mode 100644
> index 54d423aacf..0000000000
> --- a/package/vim/0001-src-Makefile-create-links-with-ln-sf.patch
> +++ /dev/null
> @@ -1,78 +0,0 @@
> -From 5686ef63f81fcac2ca6ec6e7160829b295ad4e79 Mon Sep 17 00:00:00 2001
> -From: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
> -Date: Sun, 28 Dec 2025 15:01:38 +0100
> -Subject: [PATCH] src/Makefile: create links with ln -sf
> -
> -Running "make installlinks" twice towards the same destination
> -directory will fail, as symlink will already exist. This is not really
> -expected as "make install" is normally expected to work again and
> -again towards the same destination directory.
> -
> -Fix this by using ln -sf.
> -
> -Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
> -Upstream: https://github.com/vim/vim/commit/6df5360691266b5eca49380e94f3e21fa48e5e0b
> ----
> - src/Makefile | 24 ++++++++++++------------
> - 1 file changed, 12 insertions(+), 12 deletions(-)
> -
> -diff --git a/src/Makefile b/src/Makefile
> -index 6fb1eb95e..39f798260 100644
> ---- a/src/Makefile
> -+++ b/src/Makefile
> -@@ -2746,40 +2746,40 @@ installvimdiff: $(DEST_BIN)/$(VIMDIFFTARGET)
> - installgvimdiff: $(DEST_BIN)/$(GVIMDIFFTARGET)
> -
> - $(DEST_BIN)/$(EXTARGET): $(DEST_BIN)
> -- cd $(DEST_BIN); ln -s $(VIMTARGET) $(EXTARGET)
> -+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(EXTARGET)
> -
> - $(DEST_BIN)/$(VIEWTARGET): $(DEST_BIN)
> -- cd $(DEST_BIN); ln -s $(VIMTARGET) $(VIEWTARGET)
> -+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(VIEWTARGET)
> -
> - $(DEST_BIN)/$(GVIMTARGET): $(DEST_BIN)
> -- cd $(DEST_BIN); ln -s $(VIMTARGET) $(GVIMTARGET)
> -+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(GVIMTARGET)
> -
> - $(DEST_BIN)/$(GVIEWTARGET): $(DEST_BIN)
> -- cd $(DEST_BIN); ln -s $(VIMTARGET) $(GVIEWTARGET)
> -+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(GVIEWTARGET)
> -
> - $(DEST_BIN)/$(RVIMTARGET): $(DEST_BIN)
> -- cd $(DEST_BIN); ln -s $(VIMTARGET) $(RVIMTARGET)
> -+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(RVIMTARGET)
> -
> - $(DEST_BIN)/$(RVIEWTARGET): $(DEST_BIN)
> -- cd $(DEST_BIN); ln -s $(VIMTARGET) $(RVIEWTARGET)
> -+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(RVIEWTARGET)
> -
> - $(DEST_BIN)/$(RGVIMTARGET): $(DEST_BIN)
> -- cd $(DEST_BIN); ln -s $(VIMTARGET) $(RGVIMTARGET)
> -+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(RGVIMTARGET)
> -
> - $(DEST_BIN)/$(RGVIEWTARGET): $(DEST_BIN)
> -- cd $(DEST_BIN); ln -s $(VIMTARGET) $(RGVIEWTARGET)
> -+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(RGVIEWTARGET)
> -
> - $(DEST_BIN)/$(VIMDIFFTARGET): $(DEST_BIN)
> -- cd $(DEST_BIN); ln -s $(VIMTARGET) $(VIMDIFFTARGET)
> -+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(VIMDIFFTARGET)
> -
> - $(DEST_BIN)/$(GVIMDIFFTARGET): $(DEST_BIN)
> -- cd $(DEST_BIN); ln -s $(VIMTARGET) $(GVIMDIFFTARGET)
> -+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(GVIMDIFFTARGET)
> -
> - $(DEST_BIN)/$(EVIMTARGET): $(DEST_BIN)
> -- cd $(DEST_BIN); ln -s $(VIMTARGET) $(EVIMTARGET)
> -+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(EVIMTARGET)
> -
> - $(DEST_BIN)/$(EVIEWTARGET): $(DEST_BIN)
> -- cd $(DEST_BIN); ln -s $(VIMTARGET) $(EVIEWTARGET)
> -+ cd $(DEST_BIN); ln -sf $(VIMTARGET) $(EVIEWTARGET)
> -
> - # Create links for the manual pages with various names to vim. This is only
> - # done when the links (or manpages with the same name) don't exist yet.
> ---
> -2.52.0
> -
> diff --git a/package/vim/vim.hash b/package/vim/vim.hash
> index f7c883b929..ecc41be702 100644
> --- a/package/vim/vim.hash
> +++ b/package/vim/vim.hash
> @@ -1,4 +1,4 @@
> # Locally computed
> -sha256 be1d60091d27bbdbc090e0bb19798baeea378aa29645fd47dc4c222dc14efcaf vim-9.1.2017.tar.gz
> +sha256 f9ec31df8f1a78e130dd06c395e6626c2a8a8ec2705d8e7b7667bd3ecd499c6b vim-9.1.2148.tar.gz
> sha256 0b3f1f330cb1b179bb17c7c687d4cec601e0aa3462bc7f890ad4c3888d37d720 LICENSE
> sha256 ee1d0885bbc4a95a24e49873a075391bdf26b69d13758e30f3d9271f8f42bd2d README.txt
> diff --git a/package/vim/vim.mk b/package/vim/vim.mk
> index fa7d47d67d..9201587a8a 100644
> --- a/package/vim/vim.mk
> +++ b/package/vim/vim.mk
> @@ -4,7 +4,7 @@
> #
> ################################################################################
>
> -VIM_VERSION = 9.1.2017
> +VIM_VERSION = 9.1.2148
> VIM_SITE = $(call github,vim,vim,v$(VIM_VERSION))
> VIM_DEPENDENCIES = ncurses $(TARGET_NLS_DEPENDENCIES)
> VIM_SUBDIR = src
> --
> 2.53.0
>