Buildroot Archive on lore.kernel.org
 help / color / mirror / Atom feed
* [Buildroot] [PATCH v3] package/vim: security bump to version 9.1.1684
@ 2025-08-24 20:39 Daniel Lang via buildroot
  2025-08-25 19:21 ` Julien Olivain via buildroot
  0 siblings, 1 reply; 2+ messages in thread
From: Daniel Lang via buildroot @ 2025-08-24 20:39 UTC (permalink / raw)
  To: buildroot

Fixes the following CVEs:
- CVE-2024-41957
- CVE-2024-41965
- CVE-2024-45306
- CVE-2024-47814
- CVE-2025-1215
- CVE-2025-22134
- CVE-2025-24014
- CVE-2025-26603
- CVE-2025-29768
- CVE-2025-53905
- CVE-2025-53906

README.txt got updated three times since the last bump:
- [0] updated some wording regarding who the developers are.
- [1] updated the link to the release archives
- [2] updated the goals of the project

netrw (the builtin file explorer of vim) changed maintainer and was
subsequently restructured [3]. Therefore we need to run installpack,
otherwise we run into this on startup (reported by Julien, thanks!):

Error detected while processing
/usr/share/vim/vim91/plugin/netrwPlugin.vim:
line    7:
E919: Directory not found in 'packpath': "pack/*/opt/netrw"
Press ENTER or type command to continue

[0]: https://github.com/vim/vim/commit/b75825f749cf87feb9ae8e7e5327bd2efe707c86
[1]: https://github.com/vim/vim/commit/4225f28855c5d3023662b3a90a70b22caf9b6ade
[2]: https://github.com/vim/vim/commit/2bfd1ee161e26ece8e5a72cdca4fff22d11728a2
[3]: https://github.com/vim/vim/commit/9cfdabb074feefc9848e9f7a4538f201e28c7f06

Signed-off-by: Daniel Lang <dalang@gmx.at>
---
v2 -> v3:
- update version number in commit message

v1 -> v2:
- update to 9.1.1684
- add installpack to fix issue reported by Julien
---
 package/vim/vim.hash | 4 ++--
 package/vim/vim.mk   | 3 ++-
 2 files changed, 4 insertions(+), 3 deletions(-)

diff --git a/package/vim/vim.hash b/package/vim/vim.hash
index 194bcb4378..ae909aaeac 100644
--- a/package/vim/vim.hash
+++ b/package/vim/vim.hash
@@ -1,4 +1,4 @@
 # Locally computed
-sha256  0056537cb57190aa41c12ba6c2ad04ce10e7f714cde4c1fe7193a37e1c44db46  vim-9.1.0145.tar.gz
+sha256  4fe4cb284007e26255267338dde1ceac6f8326f78123ae8c96a36ee15a1ea7ba  vim-9.1.1684.tar.gz
 sha256  0b3f1f330cb1b179bb17c7c687d4cec601e0aa3462bc7f890ad4c3888d37d720  LICENSE
-sha256  7a2f621c8496396dae5eecdcc4dccff9d534dff4627193d3ebf7fa6d2cb27042  README.txt
+sha256  ee1d0885bbc4a95a24e49873a075391bdf26b69d13758e30f3d9271f8f42bd2d  README.txt
diff --git a/package/vim/vim.mk b/package/vim/vim.mk
index 7d51a6ddab..4297bdd198 100644
--- a/package/vim/vim.mk
+++ b/package/vim/vim.mk
@@ -4,7 +4,7 @@
 #
 ################################################################################
 
-VIM_VERSION = 9.1.0145
+VIM_VERSION = 9.1.1684
 VIM_SITE = $(call github,vim,vim,v$(VIM_VERSION))
 VIM_DEPENDENCIES = ncurses $(TARGET_NLS_DEPENDENCIES)
 VIM_SUBDIR = src
@@ -49,6 +49,7 @@ endif
 define VIM_INSTALL_TARGET_CMDS
 	cd $(@D)/src; \
 		$(TARGET_MAKE_ENV) $(MAKE) DESTDIR=$(TARGET_DIR) installvimbin; \
+		$(TARGET_MAKE_ENV) $(MAKE) DESTDIR=$(TARGET_DIR) installpack; \
 		$(TARGET_MAKE_ENV) $(MAKE) DESTDIR=$(TARGET_DIR) installtools; \
 		$(TARGET_MAKE_ENV) $(MAKE) DESTDIR=$(TARGET_DIR) installlinks
 endef
-- 
2.50.1

_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply related	[flat|nested] 2+ messages in thread
* Re: [Buildroot] [PATCH v3] package/vim: security bump to version 9.1.1684
  2025-08-24 20:39 [Buildroot] [PATCH v3] package/vim: security bump to version 9.1.1684 Daniel Lang via buildroot
@ 2025-08-25 19:21 ` Julien Olivain via buildroot
  0 siblings, 0 replies; 2+ messages in thread
From: Julien Olivain via buildroot @ 2025-08-25 19:21 UTC (permalink / raw)
  To: Daniel Lang; +Cc: buildroot

On 24/08/2025 22:39, Daniel Lang via buildroot wrote:
> Fixes the following CVEs:
> - CVE-2024-41957
> - CVE-2024-41965
> - CVE-2024-45306
> - CVE-2024-47814
> - CVE-2025-1215
> - CVE-2025-22134
> - CVE-2025-24014
> - CVE-2025-26603
> - CVE-2025-29768
> - CVE-2025-53905
> - CVE-2025-53906
> 
> README.txt got updated three times since the last bump:
> - [0] updated some wording regarding who the developers are.
> - [1] updated the link to the release archives
> - [2] updated the goals of the project
> 
> netrw (the builtin file explorer of vim) changed maintainer and was
> subsequently restructured [3]. Therefore we need to run installpack,
> otherwise we run into this on startup (reported by Julien, thanks!):
> 
> Error detected while processing
> /usr/share/vim/vim91/plugin/netrwPlugin.vim:
> line    7:
> E919: Directory not found in 'packpath': "pack/*/opt/netrw"
> Press ENTER or type command to continue
> 
> [0]: 
> https://github.com/vim/vim/commit/b75825f749cf87feb9ae8e7e5327bd2efe707c86
> [1]: 
> https://github.com/vim/vim/commit/4225f28855c5d3023662b3a90a70b22caf9b6ade
> [2]: 
> https://github.com/vim/vim/commit/2bfd1ee161e26ece8e5a72cdca4fff22d11728a2
> [3]: 
> https://github.com/vim/vim/commit/9cfdabb074feefc9848e9f7a4538f201e28c7f06
> 
> Signed-off-by: Daniel Lang <dalang@gmx.at>

Since this security bump is fixing a set of 11 CVEs, I applied on 
master.
Thanks!

Best regards,

Julien.
_______________________________________________
buildroot mailing list
buildroot@buildroot.org
https://lists.buildroot.org/mailman/listinfo/buildroot

^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-08-25 19:21 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-08-24 20:39 [Buildroot] [PATCH v3] package/vim: security bump to version 9.1.1684 Daniel Lang via buildroot
2025-08-25 19:21 ` Julien Olivain via buildroot

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox