[kirkstone][PATCH 1/2] vim: upgrade 9.1.1683 -> 9.1.2128

public inbox for openembedded-core@lists.openembedded.org
 help / color / mirror / Atom feed

* [kirkstone][PATCH 1/2] vim: upgrade 9.1.1683 -> 9.1.2128
@ 2026-03-17  6:14 Hitendra Prajapati
  2026-03-17  6:14 ` [kirkstone][PATCH 2/2] vim: Upgrade 9.1.2128 -> 9.1.2144 Hitendra Prajapati
  0 siblings, 1 reply; 3+ messages in thread
From: Hitendra Prajapati @ 2026-03-17  6:14 UTC (permalink / raw)
  To: openembedded-core; +Cc: Hitendra Prajapati

Removes CVE-2025-66476 from CVE metrics.
It's fixed in 9.1.1947, but only affects Vim for Windows.

Rebased patches and resolved conflicts.

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
---
 .../vim/files/0001-src-Makefile-improve-reproducibility.patch | 4 ++--
 meta/recipes-support/vim/files/disable_acl_header_check.patch | 4 ++--
 meta/recipes-support/vim/files/no-path-adjust.patch           | 2 +-
 meta/recipes-support/vim/vim.inc                              | 4 ++--
 meta/recipes-support/vim/vim_9.1.bb                           | 3 ---
 5 files changed, 7 insertions(+), 10 deletions(-)

diff --git a/meta/recipes-support/vim/files/0001-src-Makefile-improve-reproducibility.patch b/meta/recipes-support/vim/files/0001-src-Makefile-improve-reproducibility.patch
index 0741745adc..ae78059296 100644
--- a/meta/recipes-support/vim/files/0001-src-Makefile-improve-reproducibility.patch
+++ b/meta/recipes-support/vim/files/0001-src-Makefile-improve-reproducibility.patch
@@ -20,7 +20,7 @@ diff --git a/src/Makefile b/src/Makefile
 index 32c0d97d1..97c754673 100644
 --- a/src/Makefile
 +++ b/src/Makefile
-@@ -3138,16 +3138,10 @@ auto/pathdef.c: Makefile auto/config.mk
+@@ -3143,16 +3143,10 @@ auto/pathdef.c: Makefile auto/config.mk
  	-@echo '#include "vim.h"' >> $@
  	-@echo 'char_u *default_vim_dir = (char_u *)"$(VIMRCLOC)";' | $(QUOTESED) >> $@
  	-@echo 'char_u *default_vimruntime_dir = (char_u *)"$(VIMRUNTIMEDIR)";' | $(QUOTESED) >> $@
@@ -29,7 +29,7 @@ index 32c0d97d1..97c754673 100644
 -	-@echo 'char_u *compiled_user = (char_u *)"' | tr -d $(NL) >> $@
 -	-@if test -n "$(COMPILEDBY)"; then \
 -		echo "$(COMPILEDBY)" | tr -d $(NL) >> $@; \
--		else ((logname) 2>/dev/null || whoami) | tr -d $(NL) >> $@; fi
+-		else (logname 2>/dev/null || whoami) | tr -d $(NL) >> $@; fi
 -	-@echo '";' >> $@
 -	-@echo 'char_u *compiled_sys = (char_u *)"' | tr -d $(NL) >> $@
 -	-@if test -z "$(COMPILEDBY)"; then hostname | tr -d $(NL) >> $@; fi
diff --git a/meta/recipes-support/vim/files/disable_acl_header_check.patch b/meta/recipes-support/vim/files/disable_acl_header_check.patch
index 2a5487e685..b34f91c9b6 100644
--- a/meta/recipes-support/vim/files/disable_acl_header_check.patch
+++ b/meta/recipes-support/vim/files/disable_acl_header_check.patch
@@ -17,7 +17,7 @@ diff --git a/src/configure.ac b/src/configure.ac
 index cdb818519..dafb7d6ce 100644
 --- a/src/configure.ac
 +++ b/src/configure.ac
-@@ -3400,7 +3400,7 @@ AC_CHECK_HEADERS(stdint.h stdlib.h string.h \
+@@ -3440,7 +3440,7 @@ AC_CHECK_HEADERS(stdint.h stdlib.h string.h \
  	sys/systeminfo.h locale.h sys/stream.h termios.h \
  	libc.h sys/statfs.h poll.h sys/poll.h pwd.h \
  	utime.h sys/param.h sys/ptms.h libintl.h libgen.h \
@@ -26,7 +26,7 @@ index cdb818519..dafb7d6ce 100644
  	sys/access.h sys/sysinfo.h wchar.h wctype.h)
  
  dnl sys/ptem.h depends on sys/stream.h on Solaris
-@@ -4137,6 +4137,7 @@ AC_ARG_ENABLE(acl,
+@@ -4182,6 +4182,7 @@ AC_ARG_ENABLE(acl,
  	, [enable_acl="yes"])
  if test "$enable_acl" = "yes"; then
    AC_MSG_RESULT(no)
diff --git a/meta/recipes-support/vim/files/no-path-adjust.patch b/meta/recipes-support/vim/files/no-path-adjust.patch
index 1b380393d8..a4efce491e 100644
--- a/meta/recipes-support/vim/files/no-path-adjust.patch
+++ b/meta/recipes-support/vim/files/no-path-adjust.patch
@@ -18,7 +18,7 @@ diff --git a/src/Makefile b/src/Makefile
 index c9513a632..7a7cbdc43 100644
 --- a/src/Makefile
 +++ b/src/Makefile
-@@ -2552,11 +2552,7 @@ installtools: $(TOOLS) $(DESTDIR)$(exec_prefix) $(DEST_BIN) \
+@@ -2531,11 +2531,7 @@ installtools: $(TOOLS) $(DESTDIR)$(exec_prefix) $(DEST_BIN) \
  		 rm -rf $$cvs; \
  	      fi
  	-chmod $(FILEMOD) $(DEST_TOOLS)/*
diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc
index 289f31be70..0ce6aa71a4 100644
--- a/meta/recipes-support/vim/vim.inc
+++ b/meta/recipes-support/vim/vim.inc
@@ -18,8 +18,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \
            file://no-path-adjust.patch \
            "
 
-PV .= ".1683"
-SRCREV = "b922b30cfe4c044c83bac3cc908084ed20a83598"
+PV .= ".2128"
+SRCREV = "392b428d1239e963020b73682cd03f17ffb538b3"
 
 # Do not consider .z in x.y.z, as that is updated with every commit
 UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+\.\d+)\.0"
diff --git a/meta/recipes-support/vim/vim_9.1.bb b/meta/recipes-support/vim/vim_9.1.bb
index e536d4ce4b..f358e61132 100644
--- a/meta/recipes-support/vim/vim_9.1.bb
+++ b/meta/recipes-support/vim/vim_9.1.bb
@@ -17,6 +17,3 @@ ALTERNATIVE_LINK_NAME[xxd] = "${bindir}/xxd"
 # in many places for _FORTIFY_SOURCE=2.  Security flags become part of CC.
 #
 lcl_maybe_fortify = "${@oe.utils.conditional('DEBUG_BUILD','1','','-D_FORTIFY_SOURCE=1',d)}"
-
-# not-applicable-platform: Issue only applies on Windows
-CVE_CHECK_IGNORE += "CVE-2025-66476"
-- 
2.50.1



^ permalink raw reply related	[flat|nested] 3+ messages in thread

* [kirkstone][PATCH 2/2] vim: Upgrade 9.1.2128 -> 9.1.2144
  2026-03-17  6:14 [kirkstone][PATCH 1/2] vim: upgrade 9.1.1683 -> 9.1.2128 Hitendra Prajapati
@ 2026-03-17  6:14 ` Hitendra Prajapati
  2026-03-20 14:26   ` [OE-core] " Fabien Thomas
  0 siblings, 1 reply; 3+ messages in thread
From: Hitendra Prajapati @ 2026-03-17  6:14 UTC (permalink / raw)
  To: openembedded-core; +Cc: Hitendra Prajapati

Upgrade from 9.1.2128 to 9.1.2144 to include the fix for
CVE-2026-25749 [1] [2].

[1] https://github.com/vim/vim/security/advisories/GHSA-5w93-4g67-mm43
[2] https://github.com/vim/vim/commit/0714b15940b245108e6e9d7aa2260dd849a26fa9

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
---
 meta/recipes-support/vim/vim.inc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc
index 0ce6aa71a4..7a7bedf863 100644
--- a/meta/recipes-support/vim/vim.inc
+++ b/meta/recipes-support/vim/vim.inc
@@ -18,8 +18,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \
            file://no-path-adjust.patch \
            "
 
-PV .= ".2128"
-SRCREV = "392b428d1239e963020b73682cd03f17ffb538b3"
+PV .= ".2144"
+SRCREV = "55c12373f073bacfc97d757e8f4da3daf472e4ac"
 
 # Do not consider .z in x.y.z, as that is updated with every commit
 UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+\.\d+)\.0"
-- 
2.50.1



^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [OE-core] [kirkstone][PATCH 2/2] vim: Upgrade 9.1.2128 -> 9.1.2144
  2026-03-17  6:14 ` [kirkstone][PATCH 2/2] vim: Upgrade 9.1.2128 -> 9.1.2144 Hitendra Prajapati
@ 2026-03-20 14:26   ` Fabien Thomas
  0 siblings, 0 replies; 3+ messages in thread
From: Fabien Thomas @ 2026-03-20 14:26 UTC (permalink / raw)
  To: hprajapati, openembedded-core

On Tue Mar 17, 2026 at 7:14 AM CET, Hitendra Prajapati via lists.openembedded.org wrote:
> Upgrade from 9.1.2128 to 9.1.2144 to include the fix for
> CVE-2026-25749 [1] [2].
>
> [1] https://github.com/vim/vim/security/advisories/GHSA-5w93-4g67-mm43
> [2] https://github.com/vim/vim/commit/0714b15940b245108e6e9d7aa2260dd849a26fa9
>
> Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
> ---
>  meta/recipes-support/vim/vim.inc | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc
> index 0ce6aa71a4..7a7bedf863 100644
> --- a/meta/recipes-support/vim/vim.inc
> +++ b/meta/recipes-support/vim/vim.inc
> @@ -18,8 +18,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \
>             file://no-path-adjust.patch \
>             "
>  
> -PV .= ".2128"
> -SRCREV = "392b428d1239e963020b73682cd03f17ffb538b3"
> +PV .= ".2144"
> +SRCREV = "55c12373f073bacfc97d757e8f4da3daf472e4ac"
>  
>  # Do not consider .z in x.y.z, as that is updated with every commit
>  UPSTREAM_CHECK_GITTAGREGEX = "(?P<pver>\d+\.\d+)\.0"

Hi Hitendra, 

Upgrading from 9.1.1683 to 9.1.2144 involves over 460 versions and over 1000 
commits. As previously discussed here [1], so many changes seems too risky for 
a stable/LTS branch.

So, without a exemption granted by Yocto Project TSC for Vim, 
backporting patches is the best solution for addressing CVEs. 

Regards,

[1] https://lore.kernel.org/openembedded-core/AS1PR10MB56978C6748852F61C4F7109BFD74A@AS1PR10MB5697.EURPRD10.PROD.OUTLOOK.COM/
-- 
Fabien Thomas
Smile ECS



^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2026-03-20 14:26 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-03-17  6:14 [kirkstone][PATCH 1/2] vim: upgrade 9.1.1683 -> 9.1.2128 Hitendra Prajapati
2026-03-17  6:14 ` [kirkstone][PATCH 2/2] vim: Upgrade 9.1.2128 -> 9.1.2144 Hitendra Prajapati
2026-03-20 14:26   ` [OE-core] " Fabien Thomas

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox