"Alexander Kanavin" <[email protected]> writes: > I have to wonder, what is really going on there? :-) This never ending > stream of CVEs makes vim formally the most insecure item in core. Does > anyone know? Is it rhetorical question? :) Vim has very old codebase and nobody carried about security at that time. There were few attemps to rewrite vim recently (neovim for example) but I don't know the outcome. > > Alex > > On Wed, 31 Aug 2022 at 18:07, Richard Purdie > <[email protected]> wrote: >> >> Addresses CVE-2022-2980, CVE-2022-2946 and CVE-2022-2982. >> >> Signed-off-by: Richard Purdie <[email protected]> >> --- >> meta/recipes-support/vim/vim.inc | 4 ++-- >> 1 file changed, 2 insertions(+), 2 deletions(-) >> >> diff --git a/meta/recipes-support/vim/vim.inc >> b/meta/recipes-support/vim/vim.inc >> index 5b95ab2625c..33a82992433 100644 >> --- a/meta/recipes-support/vim/vim.inc >> +++ b/meta/recipes-support/vim/vim.inc >> @@ -20,8 +20,8 @@ SRC_URI = >> "git://github.com/vim/vim.git;branch=master;protocol=https \ >> file://no-path-adjust.patch \ >> " >> >> -PV .= ".0242" >> -SRCREV = "171c683237149262665135c7d5841a89bb156f53" >> +PV .= ".0341" >> +SRCREV = "92a3d20682d46359bb50a452b4f831659e799155" >> >> # Remove when 8.3 is out >> UPSTREAM_VERSION_UNKNOWN = "1" >> -- >> 2.34.1 >> >> >> >> > > >
-=-=-=-=-=-=-=-=-=-=-=- Links: You receive all messages sent to this group. View/Reply Online (#170137): https://lists.openembedded.org/g/openembedded-core/message/170137 Mute This Topic: https://lists.openembedded.org/mt/93374420/21656 Group Owner: [email protected] Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub [[email protected]] -=-=-=-=-=-=-=-=-=-=-=-
