Your message dated Sun, 01 Oct 2017 12:02:14 +0000
with message-id <[email protected]>
and subject line Bug#867720: fixed in vim 2:8.0.0197-4+deb9u1
has caused the Debian Bug report #867720,
regarding CVE-2017-11109
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
867720: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=867720
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: vim
Severity: important
Tags: security
This was assigned CVE-2017-11109:
https://bugzilla.redhat.com/show_bug.cgi?id=1468492
Cheers,
Moritz
--- End Message ---
--- Begin Message ---
Source: vim
Source-Version: 2:8.0.0197-4+deb9u1
We believe that the bug you reported is fixed in the latest version of
vim, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
James McCoy <[email protected]> (supplier of updated vim package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 30 Sep 2017 14:21:38 -0400
Source: vim
Binary: vim-common vim-gui-common vim-runtime vim-doc vim-tiny vim vim-gtk
vim-gtk3 vim-nox vim-athena vim-gnome xxd
Architecture: source
Version: 2:8.0.0197-4+deb9u1
Distribution: stretch
Urgency: medium
Maintainer: Debian Vim Maintainers <[email protected]>
Changed-By: James McCoy <[email protected]>
Description:
vim - Vi IMproved - enhanced vi editor
vim-athena - Vi IMproved - enhanced vi editor - with Athena GUI
vim-common - Vi IMproved - Common files
vim-doc - Vi IMproved - HTML documentation
vim-gnome - Vi IMproved - enhanced vi editor (dummy package)
vim-gtk - Vi IMproved - enhanced vi editor - with GTK2 GUI
vim-gtk3 - Vi IMproved - enhanced vi editor - with GTK3 GUI
vim-gui-common - Vi IMproved - Common GUI files
vim-nox - Vi IMproved - enhanced vi editor - with scripting languages suppo
vim-runtime - Vi IMproved - Runtime files
vim-tiny - Vi IMproved - enhanced vi editor - compact version
xxd - tool to make (or reverse) a hex dump
Closes: 867720
Changes:
vim (2:8.0.0197-4+deb9u1) stretch; urgency=medium
.
* Backport upstream patches to fix CVE-2017-11109 (Closes: #867720)
+ 8.0.0703: Illegal memory access with empty :doau command
+ 8.0.0706: Crash when cancelling the cmdline window in Ex mode
+ 8.0.0707: Freeing wrong memory when manipulating buffers in autocommands
Checksums-Sha1:
a444f6e18c28c1b2e0f73ce8c0bff765234c05ad 3019 vim_8.0.0197-4+deb9u1.dsc
3d034557c6d045e81976c76d093f8869ecf275d3 158244
vim_8.0.0197-4+deb9u1.debian.tar.xz
23b1ca8c75fc023d57719fbc3801b0aa2dd89545 20790
vim_8.0.0197-4+deb9u1_amd64.buildinfo
Checksums-Sha256:
b6d1c67c48519a311497cb3a293563d8759551bfdb1cf80a591b3ede5b1da963 3019
vim_8.0.0197-4+deb9u1.dsc
36ac268dc53ff68d0844d1c86e1e7b238aadc3004109dae3faf0927e97ad46fe 158244
vim_8.0.0197-4+deb9u1.debian.tar.xz
afad6d771587caaa4e048ab708310b000465b47d8b95fabf0d49211a38439bfb 20790
vim_8.0.0197-4+deb9u1_amd64.buildinfo
Files:
a5f56ef97be60597e1f0f10318b2b4d6 3019 editors optional
vim_8.0.0197-4+deb9u1.dsc
19e5501c7a4debc6427555100e8ba2d8 158244 editors optional
vim_8.0.0197-4+deb9u1.debian.tar.xz
cd830dba0544a4673286e5f74d4eb547 20790 editors optional
vim_8.0.0197-4+deb9u1_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQKTBAEBCgB9FiEEkb+/TWlWvV33ty0j3+aRrjMbo9sFAlnQLXFfFIAAAAAALgAo
aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldDkx
QkZCRjRENjk1NkJENURGN0I3MkQyM0RGRTY5MUFFMzMxQkEzREIACgkQ3+aRrjMb
o9ugUA/+NExnjnaj9D7O+TebmocY8HzITqKM3J8Z256GvDs+T1z+dBC8ojVi/oK9
k11669MiFfAGnG0H6yIpp4kZ4OI4nSjOa3IaAI+OtT1MQAgpxnY+AGWsoE+tv6Zo
hvorwwPtY5aVBpD5hU8pLy3ew1VKhMi3vkGl10bAuYSuhWosgNTNKhoxHGd61r2O
3rubONoNC6OxbbA3Uvvu6acxAe47/5TSgtdChYYlhX/KiGeQ4j1LkVKCdnT+gBF/
xvYJuFACSAW4ACAPnfNNxfRrTP4vRI3ktI2pdQ88Gn0xkY/PaSVDPm8aKjP4mNEj
rn32Uy4iiJEeHh5RdDnqiMOao0Z033gUKmPrhP/S76tZcQTHO0kQYJqoYHYPfy6o
tGKZGKmeWE232DUe+nwhrTVL3TR0RTsMYBc7EQ84NNBgq2+J6yhk2LOs1BhQ59Kg
KYu6E4qqwRsKd6/2tvliOtxnegVyq7kOiPyJMenaKHDccT2qEAJwHcz+DlKzB9dq
1JEC0WSk4QcvAmIjCFYE8Se8c0PNIkBKSKcNmNHgYF/hDUGTf+sxYXvV4eyWISRz
cTcTKt9WUGivEBrgpiugBC7iW/as+3LHUo7VKp+HFFKII6tlRB6fGfNaq/qeFElA
gUmqXo19cCLrNo0ximaDgRXfNzjVvmugn5yW37gXBGaZBst3R/0=
=DzGX
-----END PGP SIGNATURE-----
--- End Message ---
