[bug#27770] [PATCH] gnu: vim: Update to 8.0.0727 [fixes CVE-2017-11109].

guix-patches

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#27770] [PATCH] gnu: vim: Update to 8.0.0727 [fixes CVE-2017-11109].

From:	Marius Bakke
Subject:	[bug#27770] [PATCH] gnu: vim: Update to 8.0.0727 [fixes CVE-2017-11109].
Date:	Sat, 29 Jul 2017 16:54:46 +0200
User-agent:	Notmuch/0.25 (https://notmuchmail.org) Emacs/25.2.1 (x86_64-unknown-linux-gnu)

Leo Famulari <address@hidden> writes:

> On Thu, Jul 20, 2017 at 01:44:36AM -0400, Leo Famulari wrote:
>> vim-full fails its tests with this update. I've noticed from previous
>> discussion that the test suite is flaky with vim-full. What do you
>> suggest?
>
> In 3c14378381fc1f187a07b2f958eeed1958f02672, I updated vim and kept
> vim-full at 8.0.0600.
>
> This means that vim-full is still vulnerable to CVE-2017-11109.
>
> I'll remove the vim-full package in 1 week (July 28) unless we have a
> fix for this bug.

FWIW I believe the root cause of at least some of the failing GUI tests
have been found:

https://groups.google.com/forum/#!msg/vim_dev/_a9DYXDuZ1I/Mb2c3lUbBgAJ

I don't have strong objections against removing this package, but we
could also just disable tests until it's working again.

signature.asc
Description: PGP signature

[Prev in Thread]

Current Thread

[Next in Thread]

[bug#27770] [PATCH] gnu: vim: Update to 8.0.0727 [fixes CVE-2017-11109]., Leo Famulari, 2017/07/20
- bug#27770: [PATCH] gnu: vim: Update to 8.0.0727 [fixes CVE-2017-11109]., Leo Famulari, 2017/07/21
  - [bug#27770] [PATCH] gnu: vim: Update to 8.0.0727 [fixes CVE-2017-11109]., Marius Bakke <=

Prev by Date: [bug#27856] [PATCH] gnu: erlang: Fix install-doc phase.
Next by Date: [bug#27853] [PATCH 1/2] gnu: Add memcached.
Previous by thread: bug#27770: [PATCH] gnu: vim: Update to 8.0.0727 [fixes CVE-2017-11109].
Next by thread: [bug#27461] [PATCH] gnu: Add z3.
Index(es):
- Date
- Thread