Openembedded Core Discussions
 help / color / mirror / Atom feed
* [scarthgap][PATCH 1/3] vim: fix for CVE-2026-41411 & CVE-2026-44656
@ 2026-06-30  4:42 Hitendra Prajapati
  2026-06-30  4:42 ` [scarthgap][PATCH 2/3] vim: fix for CVE-2026-45130 & CVE-2026-46483 Hitendra Prajapati
  2026-06-30  4:44 ` [scarthgap][PATCH 1/3] vim: fix for CVE-2026-41411 & CVE-2026-44656 Hitendra Prajapati
  0 siblings, 2 replies; 3+ messages in thread
From: Hitendra Prajapati @ 2026-06-30  4:42 UTC (permalink / raw)
  To: openembedded-core; +Cc: Hitendra Prajapati

Pick patch from [1] & [2] also mentioned at NVD report in [3] & [4]

[1] https://github.com/vim/vim/commit/c78194e41d5a0b05b0ddf383b6679b1503f977fb
[2] https://github.com/vim/vim/commit/190cb3c2b9c769a3972bcfd991a7b5b6cb771ef0
[3] https://nvd.nist.gov/vuln/detail/CVE-2026-41411
[4] https://nvd.nist.gov/vuln/detail/CVE-2026-44656

More info :
CVE-2026-41411 - Disallow backticks before attempting to expand filenames.
CVE-2026-44656 - Prevent shell execution from 'path' backticks via modelines.

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
---
 .../vim/files/CVE-2026-41411.patch            |  75 +++++++++++
 .../vim/files/CVE-2026-44656.patch            | 124 ++++++++++++++++++
 meta/recipes-support/vim/vim.inc              |   2 +
 3 files changed, 201 insertions(+)
 create mode 100644 meta/recipes-support/vim/files/CVE-2026-41411.patch
 create mode 100644 meta/recipes-support/vim/files/CVE-2026-44656.patch

diff --git a/meta/recipes-support/vim/files/CVE-2026-41411.patch b/meta/recipes-support/vim/files/CVE-2026-41411.patch
new file mode 100644
index 0000000000..13d613c204
--- /dev/null
+++ b/meta/recipes-support/vim/files/CVE-2026-41411.patch
@@ -0,0 +1,75 @@
+From c78194e41d5a0b05b0ddf383b6679b1503f977fb Mon Sep 17 00:00:00 2001
+From: Christian Brabandt <cb@256bit.org>
+Date: Wed, 15 Apr 2026 20:17:17 +0000
+Subject: [PATCH] patch 9.2.0357: [security]: command injection via backticks
+ in tag files
+
+Problem:  [security]: command injection via backticks in tag files
+          (Srinivas Piskala Ganesh Babu, Andy Ngo)
+Solution: Disallow backticks before attempting to expand filenames.
+
+Github Advisory:
+https://github.com/vim/vim/security/advisories/GHSA-cwgx-gcj7-6qh8
+
+Supported by AI
+
+Signed-off-by: Christian Brabandt <cb@256bit.org>
+
+CVE: CVE-2026-41411
+Upstream-Status: Backport [https://github.com/vim/vim/commit/c78194e41d5a0b05b0ddf383b6679b1503f977fb]
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ src/tag.c                    |  4 +++-
+ src/testdir/test_tagjump.vim | 22 ++++++++++++++++++++++
+ 2 files changed, 25 insertions(+), 1 deletion(-)
+
+diff --git a/src/tag.c b/src/tag.c
+index d3e27e6023..0f12e384b5 100644
+--- a/src/tag.c
++++ b/src/tag.c
+@@ -4137,8 +4137,10 @@ expand_tag_fname(char_u *fname, char_u *tag_fname, int expand)
+ 
+     /*
+      * Expand file name (for environment variables) when needed.
++     * Disallow backticks, they could execute arbitrary shell
++     * commands.  This is not needed for tag filenames.
+      */
+-    if (expand && mch_has_wildcard(fname))
++    if (expand && mch_has_wildcard(fname) && vim_strchr(fname, '`') == NULL)
+     {
+ 	ExpandInit(&xpc);
+ 	xpc.xp_context = EXPAND_FILES;
+diff --git a/src/testdir/test_tagjump.vim b/src/testdir/test_tagjump.vim
+index bbab3c70e8..c0fa7b02e6 100644
+--- a/src/testdir/test_tagjump.vim
++++ b/src/testdir/test_tagjump.vim
+@@ -1693,4 +1693,26 @@ func Test_tag_excmd_with_number_vim9script()
+   bwipe!
+ endfunc
+ 
++" Test that backtick expressions in tag filenames are not expanded.
++" This prevents command injection via malicious tags files.
++func Test_tag_backtick_filename_not_expanded()
++  let pwned_file = 'Xtags_pwnd'
++  call assert_false(filereadable(pwned_file))
++
++  let tagline = "main\t`touch " .. pwned_file .. "`\t/^int main/;\"\tf"
++  call writefile([tagline], 'Xbt_tags', 'D')
++  call writefile(['int main(int argc, char **argv) {', '}'], 'Xbt_main.c', 'D')
++
++  set tags=Xbt_tags
++  sp Xbt_main.c
++
++  " The :tag command should fail to find the file, but must NOT execute
++  " the backtick shell command.
++  call assert_fails('tag main', 'E429:')
++  call assert_false(filereadable(pwned_file))
++
++  set tags&
++  bwipe!
++endfunc
++
+ " vim: shiftwidth=2 sts=2 expandtab
+-- 
+2.34.1
+
diff --git a/meta/recipes-support/vim/files/CVE-2026-44656.patch b/meta/recipes-support/vim/files/CVE-2026-44656.patch
new file mode 100644
index 0000000000..971e4c145b
--- /dev/null
+++ b/meta/recipes-support/vim/files/CVE-2026-44656.patch
@@ -0,0 +1,124 @@
+From 190cb3c2b9c769a3972bcfd991a7b5b6cb771ef0 Mon Sep 17 00:00:00 2001
+From: Christian Brabandt <cb@256bit.org>
+Date: Sun, 3 May 2026 16:10:03 +0000
+Subject: [PATCH] patch 9.2.0435: [security]: backticks in 'path' may cause
+ shell execution on completion
+
+Problem:  [security]: Backticks enclosed shell commands in the 'path'
+          option value are executed during completion (q1uf3ng).
+Solution: Skip path entries containing backticks, add P_SECURE to 'path'
+          option, so that it cannot be set from a modeline (for symmetry with
+          the 'cdpath' option)
+
+Github Advisory:
+https://github.com/vim/vim/security/advisories/GHSA-hwg5-3cxw-wvvg
+
+Supported by AI.
+
+Signed-off-by: Christian Brabandt <cb@256bit.org>
+
+CVE: CVE-2026-44656
+Upstream-Status: Backport [https://github.com/vim/vim/commit/190cb3c2b9c769a3972bcfd991a7b5b6cb771ef0]
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ runtime/doc/options.txt            |  3 +++
+ src/findfile.c                     |  4 ++++
+ src/optiondefs.h                   |  2 +-
+ src/testdir/test_find_complete.vim | 17 +++++++++++++++++
+ src/testdir/test_modeline.vim      | 14 ++++++++++++++
+ 5 files changed, 39 insertions(+), 1 deletion(-)
+
+diff --git a/runtime/doc/options.txt b/runtime/doc/options.txt
+index f083d6ff10..8a4d782262 100644
+--- a/runtime/doc/options.txt
++++ b/runtime/doc/options.txt
+@@ -6750,6 +6750,9 @@ A jump table for the options with a short description can be found at |Q_op|.
+ <	Replace the ';' with a ':' or whatever separator is used.  Note that
+ 	this doesn't work when $INCL contains a comma or white space.
+ 
++	This option cannot be set from a |modeline| or in the |sandbox|, for
++	security reasons.
++
+ 						*'perldll'*
+ 'perldll'		string	(default depends on the build)
+ 			global
+diff --git a/src/findfile.c b/src/findfile.c
+index 0c5d1cf252..fccbc05a76 100644
+--- a/src/findfile.c
++++ b/src/findfile.c
+@@ -2412,6 +2412,10 @@ expand_path_option(
+     {
+ 	buflen = copy_option_part(&path_option, buf, MAXPATHL, " ,");
+ 
++	// do not expand backticks, could have been set via a modeline
++	if (vim_strchr(buf, '`') != NULL)
++	    continue;
++
+ 	if (buf[0] == '.' && (buf[1] == NUL || vim_ispathsep(buf[1])))
+ 	{
+ 	    size_t  plen;
+diff --git a/src/optiondefs.h b/src/optiondefs.h
+index a5e1fe99df..dac06119fc 100644
+--- a/src/optiondefs.h
++++ b/src/optiondefs.h
+@@ -1954,7 +1954,7 @@ static struct vimoption options[] =
+ 			    (char_u *)&p_pm, PV_NONE,
+ 			    did_set_backupext_or_patchmode, NULL,
+ 			    {(char_u *)"", (char_u *)0L} SCTX_INIT},
+-    {"path",	    "pa",   P_STRING|P_EXPAND|P_VI_DEF|P_COMMA|P_NODUP,
++    {"path",	    "pa",   P_STRING|P_EXPAND|P_VI_DEF|P_SECURE|P_COMMA|P_NODUP,
+ 			    (char_u *)&p_path, PV_PATH, NULL, NULL,
+ 			    {
+ #if defined(AMIGA) || defined(MSWIN)
+diff --git a/src/testdir/test_find_complete.vim b/src/testdir/test_find_complete.vim
+index 079fb78043..8b8b71c303 100644
+--- a/src/testdir/test_find_complete.vim
++++ b/src/testdir/test_find_complete.vim
+@@ -161,4 +161,21 @@ func Test_find_complete()
+   set path&
+ endfunc
+ 
++" Verify that backticks in 'path' are not executed
++func Test_find_completion_backtick_in_path()
++  CheckUnix
++  CheckExecutable id
++
++  new Xpoc.c
++  setl path+=`id>Xrce_marker`
++  " Triggering completion must not execute the backtick command.
++  call getcompletion('', 'file_in_path')
++  call assert_false(filereadable('Xrce_marker'))
++  call feedkeys(":find \t\n", "xt")
++  call assert_false(filereadable('Xrce_marker'))
++
++  bwipe!
++  call delete('Xrce_marker')
++endfunc
++
+ " vim: shiftwidth=2 sts=2 expandtab
+diff --git a/src/testdir/test_modeline.vim b/src/testdir/test_modeline.vim
+index 79fc7d14d5..20fb7e0677 100644
+--- a/src/testdir/test_modeline.vim
++++ b/src/testdir/test_modeline.vim
+@@ -493,4 +493,18 @@ func Test_modeline_nowrap_lcs_extends()
+   set equalalways&
+ endfunc
+ 
++" Verify that backticks in 'path' set from a modeline are not executed
++func Test_path_modeline()
++  let lines =<< trim END
++    // vim: set path+=foobar :
++  END
++  call writefile(lines, 'Xpoc.c', 'D')
++
++  set nomodelinestrict modeline
++  call assert_fails('split Xpoc.c', 'E520:')
++
++  bwipe!
++  set modelinestrict& modeline&
++endfunc
++
+ " vim: shiftwidth=2 sts=2 expandtab
+-- 
+2.34.1
+
diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc
index d6fdf45706..efd24650f4 100644
--- a/meta/recipes-support/vim/vim.inc
+++ b/meta/recipes-support/vim/vim.inc
@@ -16,6 +16,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https;tag=v${PV}
            file://disable_acl_header_check.patch \
            file://0001-src-Makefile-improve-reproducibility.patch \
            file://no-path-adjust.patch \
+           file://CVE-2026-44656.patch \
+           file://CVE-2026-41411.patch \
            "
 
 PV .= ".0340"
-- 
2.50.1



^ permalink raw reply related	[flat|nested] 3+ messages in thread

* [scarthgap][PATCH 2/3] vim: fix for CVE-2026-45130 & CVE-2026-46483
  2026-06-30  4:42 [scarthgap][PATCH 1/3] vim: fix for CVE-2026-41411 & CVE-2026-44656 Hitendra Prajapati
@ 2026-06-30  4:42 ` Hitendra Prajapati
  2026-06-30  4:44 ` [scarthgap][PATCH 1/3] vim: fix for CVE-2026-41411 & CVE-2026-44656 Hitendra Prajapati
  1 sibling, 0 replies; 3+ messages in thread
From: Hitendra Prajapati @ 2026-06-30  4:42 UTC (permalink / raw)
  To: openembedded-core; +Cc: Hitendra Prajapati

Pick patch from [1] & [2] also mentioned at NVD report in [3] & [4]

[1] https://github.com/vim/vim/commit/92993329178cb1f72d700fff45ca86e1c2d369f8
[2] https://github.com/vim/vim/commit/3fb5e58fbc63d86a3e65f1a141b0d67af2aa38a1
[3] https://nvd.nist.gov/vuln/detail/CVE-2026-45130
[4] https://nvd.nist.gov/vuln/detail/CVE-2026-46483

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
---
 .../vim/files/CVE-2026-45130.patch            | 115 ++++++++++++++++++
 .../vim/files/CVE-2026-46483.patch            |  77 ++++++++++++
 meta/recipes-support/vim/vim.inc              |   2 +
 3 files changed, 194 insertions(+)
 create mode 100644 meta/recipes-support/vim/files/CVE-2026-45130.patch
 create mode 100644 meta/recipes-support/vim/files/CVE-2026-46483.patch

diff --git a/meta/recipes-support/vim/files/CVE-2026-45130.patch b/meta/recipes-support/vim/files/CVE-2026-45130.patch
new file mode 100644
index 0000000000..a86ba79e74
--- /dev/null
+++ b/meta/recipes-support/vim/files/CVE-2026-45130.patch
@@ -0,0 +1,115 @@
+From 92993329178cb1f72d700fff45ca86e1c2d369f8 Mon Sep 17 00:00:00 2001
+From: Christian Brabandt <cb@256bit.org>
+Date: Wed, 6 May 2026 20:50:00 +0200
+Subject: [PATCH] patch 9.2.0450: [security]: heap buffer overflow in
+ spellfile.c read_compound()
+
+Problem:  read_compound() in spellfile.c computes the size of the regex
+          pattern buffer using signed-int arithmetic on the attacker
+          controlled SN_COMPOUND sectionlen.  With sectionlen=0x40000008
+          and UTF-8 encoding active the multiplication wraps to 27 while
+          the per-byte loop writes up to ~1B bytes, overflowing the heap.
+          Reachable when loading a crafted .spl file (e.g. via 'set spell'
+          after a modeline sets 'spelllang').  The cp/ap/crp allocations
+          have the same int + 1 overflow class (Daniel Cervera)
+Solution: Use type size_t as buffer size and reject values larger than
+          COMPOUND_MAX_LEN (100000).  Apply the same size_t treatment to
+          the cp/ap/crp allocations.
+
+Github Advisory:
+https://github.com/vim/vim/security/advisories/GHSA-q4jv-r9gj-6cwv
+
+Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
+Signed-off-by: Christian Brabandt <cb@256bit.org>
+
+Upstream-Status: Backport [https://github.com/vim/vim/commit/92993329178cb1f72d700fff45ca86e1c2d369f8]
+CVE: CVE-2026-45130
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ src/spellfile.c                | 20 ++++++++++++++------
+ src/testdir/test_spellfile.vim |  4 ++++
+ 2 files changed, 18 insertions(+), 6 deletions(-)
+
+diff --git a/src/spellfile.c b/src/spellfile.c
+index a9a347a89a..5102dad5b6 100644
+--- a/src/spellfile.c
++++ b/src/spellfile.c
+@@ -290,6 +290,9 @@
+ #define CF_WORD		0x01
+ #define CF_UPPER	0x02
+ 
++// Max allowed length for COMPOUND section
++#define COMPOUND_MAX_LEN	100000
++
+ /*
+  * Loop through all the siblings of a node (including the node)
+  */
+@@ -1219,6 +1222,8 @@ read_compound(FILE *fd, slang_T *slang, int len)
+     char_u	*crp;
+     int		cnt;
+     garray_T	*gap;
++    size_t	patsize;
++    size_t	flagsize;
+ 
+     if (todo < 2)
+ 	return SP_FORMERROR;	// need at least two bytes
+@@ -1275,16 +1280,19 @@ read_compound(FILE *fd, slang_T *slang, int len)
+     // "a[bc]/a*b+" -> "^\(a[bc]\|a*b\+\)$".
+     // Inserting backslashes may double the length, "^\(\)$<Nul>" is 7 bytes.
+     // Conversion to utf-8 may double the size.
+-    c = todo * 2 + 7;
++    if ((size_t)todo > COMPOUND_MAX_LEN)
++	return SP_FORMERROR;
++    patsize = (size_t)todo * 2 + 7;
+     if (enc_utf8)
+-	c += todo * 2;
+-    pat = alloc(c);
++	patsize += (size_t)todo * 2;
++    flagsize = (size_t)todo + 1;
++    pat = alloc(patsize);
+     if (pat == NULL)
+ 	return SP_OTHERERROR;
+ 
+     // We also need a list of all flags that can appear at the start and one
+     // for all flags.
+-    cp = alloc(todo + 1);
++    cp = alloc(flagsize);
+     if (cp == NULL)
+     {
+ 	vim_free(pat);
+@@ -1293,7 +1301,7 @@ read_compound(FILE *fd, slang_T *slang, int len)
+     slang->sl_compstartflags = cp;
+     *cp = NUL;
+ 
+-    ap = alloc(todo + 1);
++    ap = alloc(flagsize);
+     if (ap == NULL)
+     {
+ 	vim_free(pat);
+@@ -1305,7 +1313,7 @@ read_compound(FILE *fd, slang_T *slang, int len)
+     // And a list of all patterns in their original form, for checking whether
+     // compounding may work in match_compoundrule().  This is freed when we
+     // encounter a wildcard, the check doesn't work then.
+-    crp = alloc(todo + 1);
++    crp = alloc(flagsize);
+     slang->sl_comprules = crp;
+ 
+     pp = pat;
+diff --git a/src/testdir/test_spellfile.vim b/src/testdir/test_spellfile.vim
+index f46a25d99e..8f3ef4907d 100644
+--- a/src/testdir/test_spellfile.vim
++++ b/src/testdir/test_spellfile.vim
+@@ -334,6 +334,10 @@ func Test_spellfile_format_error()
+   " SN_COMPOUND: incorrect comppatlen
+   call Spellfile_Test(0z080000000007040101000000020165, 'E758:')
+ 
++  " SN_COMPOUND: oversized sectionlen
++  let v = eval('0z08004000000803010161' .. repeat('61', 50) .. 'FF')
++  call Spellfile_Test(v, 'E759:')
++
+   " SN_INFO: missing info
+   call Spellfile_Test(0z0F0000000005040101, '')
+ 
+-- 
+2.34.1
+
diff --git a/meta/recipes-support/vim/files/CVE-2026-46483.patch b/meta/recipes-support/vim/files/CVE-2026-46483.patch
new file mode 100644
index 0000000000..72167d4c25
--- /dev/null
+++ b/meta/recipes-support/vim/files/CVE-2026-46483.patch
@@ -0,0 +1,77 @@
+From 3fb5e58fbc63d86a3e65f1a141b0d67af2aa38a1 Mon Sep 17 00:00:00 2001
+From: Christian Brabandt <cb@256bit.org>
+Date: Thu, 14 May 2026 15:35:28 +0000
+Subject: [PATCH] patch 9.2.0479: [security]: runtime(tar): command injection
+ in tar plugin
+
+Problem:  [security]: runtime(tar): command injection in tar plugin
+          (Christopher Lusk)
+Solution: Use the correct shellescape(args, 1) form for a :! command
+
+Github Advisory:
+https://github.com/vim/vim/security/advisories/GHSA-2fpv-9ff7-xg5w
+
+Signed-off-by: Christian Brabandt <cb@256bit.org>
+
+Upstream-Status: Backport [https://github.com/vim/vim/commit/3fb5e58fbc63d86a3e65f1a141b0d67af2aa38a1]
+CVE: CVE-2026-46483
+Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
+---
+ runtime/autoload/tar.vim        |  5 +++--
+ src/testdir/test_plugin_tar.vim | 19 +++++++++++++++++++
+ 2 files changed, 22 insertions(+), 2 deletions(-)
+
+diff --git a/runtime/autoload/tar.vim b/runtime/autoload/tar.vim
+index 722a0ab680..d2db9d3b18 100644
+--- a/runtime/autoload/tar.vim
++++ b/runtime/autoload/tar.vim
+@@ -23,6 +23,7 @@
+ "   2026 Apr 06 by Vim Project: fix bugs with lz4 support (#19925)
+ "   2026 Apr 09 by Vim Project: fix bugs with zstd support (#19930)
+ "   2026 Apr 09 by Vim Project: fix bug with dotted filename (#19930)
++"   2026 May 14 by Vim Project: use correct shellescape() call in Vimuntar()
+ "
+ "	Contains many ideas from Michael Toren's <tar.vim>
+ "
+@@ -812,9 +813,9 @@ fun! tar#Vimuntar(...)
+   " if necessary, decompress the tarball; then, extract it
+   if tartail =~ '\.tgz'
+    if executable("gunzip")
+-    silent exe "!gunzip ".shellescape(tartail)
++    silent exe "!gunzip ".shellescape(tartail, 1)
+    elseif executable("gzip")
+-    silent exe "!gzip -d ".shellescape(tartail)
++    silent exe "!gzip -d ".shellescape(tartail, 1)
+    else
+     echoerr "unable to decompress<".tartail."> on this system"
+     if simplify(curdir) != simplify(tarhome)
+diff --git a/src/testdir/test_plugin_tar.vim b/src/testdir/test_plugin_tar.vim
+index 80b7a76d6d..f1ee9130c6 100644
+--- a/src/testdir/test_plugin_tar.vim
++++ b/src/testdir/test_plugin_tar.vim
+@@ -313,3 +313,22 @@ def g:Test_extract_with_dotted_filename()
+   delete('X.txt')
+   bw!
+ enddef
++
++def g:Test_extract_command_injection()
++  CheckExecutable gunzip
++  CheckExecutable touch
++  var tgz = eval('0z1F8B08087795056A000364756D6D792E74617200EDCE2B12C2300004D01C254' ..
++   '7480269CE534080A8495BD1DBF3996106C3A08A7ACFACD8157B59A7690BFB4A0FC3707C666E357D' ..
++   'E65BC8B5A47CC8A5D61A522EA5B510D3CEBF5ED679197B8CE17CEDB7F9D4C76FBB5F3D000000000' ..
++   '000000000FCD11D32415E2C00280000')
++  var dirname = tempname()
++
++  mkdir(dirname, 'R')
++  var tar = dirname .. "/';%$(touch pwned)'.tgz"
++  writefile(tgz, tar)
++  new
++  exe "e " .. fnameescape(tar)
++  exe ":Vimuntar " .. dirname
++  assert_false(filereadable(dirname .. "/pwned"))
++  bw!
++enddef
+-- 
+2.34.1
+
diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc
index efd24650f4..6eafc53c74 100644
--- a/meta/recipes-support/vim/vim.inc
+++ b/meta/recipes-support/vim/vim.inc
@@ -18,6 +18,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https;tag=v${PV}
            file://no-path-adjust.patch \
            file://CVE-2026-44656.patch \
            file://CVE-2026-41411.patch \
+           file://CVE-2026-45130.patch \
+           file://CVE-2026-46483.patch \
            "
 
 PV .= ".0340"
-- 
2.50.1



^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [scarthgap][PATCH 1/3] vim: fix for CVE-2026-41411 & CVE-2026-44656
  2026-06-30  4:42 [scarthgap][PATCH 1/3] vim: fix for CVE-2026-41411 & CVE-2026-44656 Hitendra Prajapati
  2026-06-30  4:42 ` [scarthgap][PATCH 2/3] vim: fix for CVE-2026-45130 & CVE-2026-46483 Hitendra Prajapati
@ 2026-06-30  4:44 ` Hitendra Prajapati
  1 sibling, 0 replies; 3+ messages in thread
From: Hitendra Prajapati @ 2026-06-30  4:44 UTC (permalink / raw)
  To: openembedded-core

[-- Attachment #1: Type: text/plain, Size: 44 bytes --]

Hi Team,
Please ignore this patch series.

[-- Attachment #2: Type: text/html, Size: 67 bytes --]

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2026-06-30  4:44 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-06-30  4:42 [scarthgap][PATCH 1/3] vim: fix for CVE-2026-41411 & CVE-2026-44656 Hitendra Prajapati
2026-06-30  4:42 ` [scarthgap][PATCH 2/3] vim: fix for CVE-2026-45130 & CVE-2026-46483 Hitendra Prajapati
2026-06-30  4:44 ` [scarthgap][PATCH 1/3] vim: fix for CVE-2026-41411 & CVE-2026-44656 Hitendra Prajapati

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox