1
0
mirror of https://git.yoctoproject.org/poky synced 2026-07-17 04:07:06 +00:00
Commit Graph

80 Commits

Author SHA1 Message Date
Hitendra Prajapati 4a4e0944fa vim: Fix CVE-2026-28419
Pick patch from [1] also mentioned in [2]

[1] https://github.com/vim/vim/commit/9b7dfa2948c9e1e5e32a5812812d580c7879f4a0
[2] https://nvd.nist.gov/vuln/detail/CVE-2026-28419

(From OE-Core rev: 550a2a5e2d3b5aa08f50b89a0127187c3f76854c)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-04-10 11:53:18 +01:00
Hitendra Prajapati c1c8289d56 vim: Fix CVE-2026-28418
Pick patch from [1] also mentioned in [2]

[1] https://github.com/vim/vim/commit/f6a7f469a9c0d09e84cd6cb46c3a9e76f684da2d
[2] https://nvd.nist.gov/vuln/detail/CVE-2026-28418

(From OE-Core rev: 8cadabb525aa1ea57aa0316240ac8f9ec09161d9)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-04-10 11:53:18 +01:00
Hitendra Prajapati 0f1a5cc7a1 vim: Fix CVE-2026-26269
Pick patch from [1] also mentioned in [2]

[1] https://github.com/vim/vim/commit/c5f312aad8e4179e437f81ad39a860cd0ef11970
[2] https://nvd.nist.gov/vuln/detail/CVE-2026-26269

(From OE-Core rev: a0a559aa8f3f556eec648f8f0fe3cb167011e0b7)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-04-10 11:53:18 +01:00
Hitendra Prajapati 7e09c83dd8 vim: Fix CVE-2026-25749
Pick patch from [1] also mentioned in [2]

[1] https://github.com/vim/vim/commit/0714b15940b245108e6e9d7aa2260dd849a26fa9
[2] https://nvd.nist.gov/vuln/detail/CVE-2026-25749

(From OE-Core rev: ee5c47fdfed865ef7ddc18054cb6cebdb7b0e4cb)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-04-10 11:53:18 +01:00
Hitendra Prajapati 866e6ed3b8 vim: Fix CVE-2026-33412
Pick patch from [1] also mentioned in NVD report with [2]
[1] https://github.com/vim/vim/commit/645ed6597d1ea896c712cd7ddbb6edee79577e9a
[2] https://nvd.nist.gov/vuln/detail/CVE-2026-33412

(From OE-Core rev: 910667342b78fefa22214f6375b657e8b130a24a)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-04-10 11:53:18 +01:00
Divya Chellam 1811a2d13e vim: upgrade 9.1.1652 -> 9.1.1683
Handles CVE-2025-9389

Changes between 9.1.1652 -> 9.1.1683
====================================
https://github.com/vim/vim/compare/v9.1.1652...v9.1.1683

(From OE-Core rev: 24b7e7f719ca600a88aa893b87f6ea821caeadce)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-10-03 09:51:17 -07:00
Peter Marko 9f689b3049 vim: upgrade 9.1.1198 -> 9.1.1652
Handles CVE-2025-53905, CVE-2025-53906, CVE-2025-55157, CVE-2025-55158.

Changes between 9.1.1198 -> 9.1.1652
====================================
https://github.com/vim/vim/compare/v9.1.1198...v9.1.1652

Refresh patches.

Disable newly introduced wayland support (in patch version 1485).
To this belongs also adding recursion in delete command for dir auto
which was newly failing as there is wayland directory inside now.
If someone is interested, this can be probably enabled, but without
additional work it results in compilation error due to function
redefinition conflicts.

(From OE-Core rev: e87d427d928234ef0441f9ce1fe8631fbe471094)

(From OE-Core rev: bd2dc808baec7e940a09f80afa2c2997efe7cbfe)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-09-08 08:27:11 -07:00
Vijay Anusuri e4721dd506 vim: Upgrade 9.1.1115 -> 9.1.1198
This includes CVE-fix for CVE-2025-27423 and CVE-2025-29768

Changes between 9.1.1115 -> 9.1.1198
====================================
https://github.com/vim/vim/compare/v9.1.1115...v9.1.1198

(From OE-Core rev: 0ace90f2918496ceae32aebea05bb826d1e3dad6)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8e540bd287fd56e3a714f81395b59dd508a6d957)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-04-01 09:02:41 -07:00
Divya Chellam b210ed67de vim: Upgrade 9.1.1043 -> 9.1.1115
This includes CVE-fix for CVE-2025-26603 and CVE-2025-1215

Changes between 9.1.1043 -> 9.1.1115
====================================
https://github.com/vim/vim/compare/v9.1.1043...v9.1.1115

(From OE-Core rev: acb88b244e89bc1300a24f60d0a44c21e0ab1af6)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-03-19 07:13:17 -07:00
Divya Chellam 3a36dce7e5 vim: Upgrade 9.1.0764 -> 9.1.1043
This includes CVE-fix for CVE-2025-22134 and CVE-2025-24014

Changes between 9.1.0764 -> 9.1.1043
====================================
https://github.com/vim/vim/compare/v9.1.0764...v9.1.1043

(From OE-Core rev: 73b5570a16708d1e749b1ec525299d10557cbf56)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-02-28 06:51:35 -08:00
Rohini Sangam f7fe946ab3 vim: Upgrade 9.1.0698 -> 9.1.0764
This includes CVE-fix for CVE-2024-45306 and CVE-2024-47814

Changes between 9.1.0698 -> 9.1.0764
====================================
https://github.com/vim/vim/compare/v9.1.0698...v9.1.0764

(From OE-Core rev: 774fae9cb522683f722f3075531075be9fa36770)

Signed-off-by: Rohini Sangam <rsangam@mvista.com>
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2f0e5e63399e544063c79b0b1f9555c820b0604c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-11-02 06:32:36 -07:00
Siddharth Doshi 94a4d7746d vim: Upgrade 9.1.0682 -> 9.1.0698
This includes CVE-fix for CVE-2024-43790 and CVE-2024-43802

Changes between 9.1.0682 -> 9.1.0698
====================================
https://github.com/vim/vim/compare/v9.1.0682...v9.1.0698

(From OE-Core rev: 45ef5c80b1085d88d08679025bab13161c1f1fb2)

Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e530265415d93e3f49ec7874cf720aad18ab2e22)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-11-02 06:32:36 -07:00
Siddharth Doshi cada1f30e8 vim: Upgrade 9.1.0114 -> 9.1.0682
This includes CVE-fix for CVE-2024-41957, CVE-2024-41965 and CVE-2024-43374

Changes between 9.1.0114 -> 9.1.0682
====================================
https://github.com/vim/vim/compare/v9.1.0114...v9.1.0682

Note:
====
Removed patch "vim-add-knob-whether-elf.h-are-checked.patch" as libelf checks are removed from configure.ac as per
commit https://github.com/vim/vim/commit/1acc67ac4412aa9a75d1c58ebf93f2b29585a960

(From OE-Core rev: 3312a57ce631ea6235055b3d4b4ac31d06c8a2ae)

Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6d2938e53cad5d9bf2e78a5403e9f9fab1db77b4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-09-04 05:57:57 -07:00
Hitendra Prajapati 92cb089717 vim: upgrade from 9.0.2190 -> 9.1.0114
https://www.vim.org/vim-9.1-released.php

Vim 9.1 is available

The Vim project is happy to announce that Vim 9.1 has finally been released.
This release is dedicated to Bram Moolenaar, Vim's lead developer for more
than 30 years, who passed away half a year ago. The Vim project wouldn't
exist without his work!

Vim 9.1 is mainly a bug fix release, it contains hundreds of bug fixes, a
few new features and there are many minor improvements.

Changes:
https://github.com/vim/vim/compare/v9.0.2190...v9.1.0114

CVE: CVE-2024-22667
(includes commit https://github.com/vim/vim/commit/b39b240c386a5a29241415541f1c99e2e6b8ce47)

(From OE-Core rev: d5ae0ec5eca9324cffaa8f95d2cbdd8475979c45)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-09-04 05:57:57 -07:00
Tim Orling 20fc6b4b82 vim: upgrade v9.0.2130 -> v9.0.2190
This is the latest/last of the 9.0.z upgrades, since 9.1 is now
released.

CVE: CVE-2024-22667
(includes the patch for .2142 https://github.com/vim/vim/commit/b39b240c386a5a29241415541f1c99e2e6b8ce47)

Changes:
https://github.com/vim/vim/compare/v9.0.2130...v9.0.2190

(From OE-Core rev: e7976311a79f05608bbac46a5699ef9206a2aaf5)

Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-02-28 03:32:09 -10:00
Tim Orling 93d2e547d1 vim: upgrade 9.0.2068 -> 9.0.2130
https://github.com/vim/vim/compare/v9.0.2068...v9.0.2130

CVE: CVE-2023-48231
CVE: CVE-2023-48232
CVE: CVE-2023-48233
CVE: CVE-2023-48234
CVE: CVE-2023-48235
CVE: CVE-2023-48236
CVE: CVE-2023-48237

(From OE-Core rev: 7a6aab8b28b57bbaa4d4cf436a8cae18f1a43eba)

Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 5978d565a9e700485fc563dfe2e3c0045dd74b59)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-12-12 04:20:34 -10:00
Archana Polampalli d1b9e2acaa vim: Upgrade 9.0.2048 -> 9.0.2068
This includes CVE fix for CVE-2023-46246.
9198c1f2b (tag: v9.0.2068) patch 9.0.2068: [security] overflow in :history

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-46246

(From OE-Core rev: 8c83a25494f99ebe63f59a267001e4a19d0a6b14)

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 63bc72ccb63d2f8eb591d7cc481657a538f0fd42)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-12-02 16:36:56 -10:00
Steve Sakoman 51a2c26e29 vim: use upstream generated .po files
A previous commit attempted to fix reproducibility errors by forcing
regeneration of .po files. Unfortunately this triggered a different
type of reproducibility issue.

Work around this by adjusting the timestamps of the troublesome .po
files so they are not regenerated and we use the shipped upstream
versions of the files.

The shipped version of ru.cp1251.po doesn't seem to have been created
with the vim tooling and specifies CP1251 instead of cp1251, fix that.

(From OE-Core rev: 3c1e35562c31b8fa94ea10d18ddfdb4267566bf3)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 13d9551ba626f001c71bf908df16caf1d739cf13)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-12-02 16:36:56 -10:00
Richard Purdie f46bb8ad10 vim: Improve locale handling
When making checkouts from git, the timestamps can vary and occasionally two files
can end up with the same stamp. This triggers make to regenerate ru.cp1251.po from
ru.po for example. If it isn't regenerated, the output isn't quite the same leading
to reproducibility issues (CP1251 vs cp1251).

Since we added all locales to buildtools tarball now, we can drop the locale
restrictions too. We need to generate a native binary for the sjis conversion
tool so also tweak that.

(From OE-Core rev: b2e62fb4d52b019728a4920553fa24f4626b881a)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 042c1a501b1dae5ddb31307b461be02c3591c589)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-12-02 16:36:56 -10:00
Siddharth Doshi a6f551f516 vim: Upgrade 9.0.2009 -> 9.0.2048
This includes CVE fix for CVE-2023-5535.

(From OE-Core rev: 7681436190354b5c5b6c3a82b3094badd81113de)

Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-10-25 04:45:50 -10:00
Siddharth Doshi 9d5d4218ec vim: Upgrade 9.0.1894 -> 9.0.2009
This includes CVE fix for CVE-2023-5441.

(From OE-Core rev: 6c88137d4ab36054ac97cff0457d78ef503f383e)

Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-10-18 05:13:24 -10:00
Richard Purdie cb2e2c6d2a vim: Upgrade 9.0.1664 -> 9.0.1894
This includes multiple CVE fixes.

The license change is due to changes in maintainership, the license
itself is unchanged.

(From OE-Core rev: 5f78a010a4ff53f4a216ec2ebe9b7a44c5c88790)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 91e66b93a0c0928f0c2cfe78e22898a6c9800f34)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-09-23 05:26:15 -10:00
Archana Polampalli 98393b32a9 vim: upgrade 9.0.1592 -> 9.0.1664
Fixes:
https://nvd.nist.gov/vuln/detail/CVE-2023-3896
8154e642a (tag: v9.0.1664) patch 9.0.1664: divide by zero when scrolling with 'smoothscroll' set

(From OE-Core rev: d5ba3546053cff49ee1ea66a97fe4b4a0aa76308)

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 4a1ab744142c9229f03a359b45e5e89a1fbae0d3)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-09-23 05:26:15 -10:00
Etienne Cordonnier aaa6a4947d vim: update obsolete comment
vim 8.3 has been out for a long time, so this comment is obsolete.
However we still need UPSTREAM_VERSION_UNKNOWN, since we ignore
the last digit of the upstream version number.

Test result:
$ devtool check-upgrade-status vim
  ...
  INFO: vim                       9.0.1592        UNKNOWN         Tom Rini <trini@konsulko.com> c0370529c027abc5b1698d53fcfb8c02a0c515da

(From OE-Core rev: 65f5de85c3f488136d1ec2b1f7fe8d8426d6c5b3)

(From OE-Core rev: 72af322b6b8afd64a59b30a4f0fc3f8c6dfaa06a)

Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 868a19357841470eb55fb7f1c4ab1af09dea99ed)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-09-23 05:26:15 -10:00
Trevor Gamblin 4a93bab7a4 vim: upgrade 9.0.1527 -> 9.0.1592
Fixes:

https://nvd.nist.gov/vuln/detail/CVE-2023-2609
d1ae836 patch 9.0.1531: crash when register contents ends up being invalid
https://nvd.nist.gov/vuln/detail/CVE-2023-2610
ab9a2d8 patch 9.0.1532: crash when expanding "~" in substitute causes very long text

(From OE-Core rev: a71153cb0a509456dd36466ac15a603f953eb6b8)

Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1e4b4dfb4145bc00eb6937b5f54a41170e9a5b4c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-07-21 06:27:34 -10:00
Randy MacLeod 7412714f7d vim: upgrade 9.0.1429 -> 9.0.1527
Fixes: https://nvd.nist.gov/vuln/detail/CVE-2023-2426
caf642c25 patch 9.0.1499: using uninitialized memory with fuzzy matching

(From OE-Core rev: 035b5d918eea3f3bb238fecd795f09505801971b)

Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 4f9a8df5aca99d0a5c2d2346b27ce7be08e7896c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2023-06-21 04:00:58 -10:00
Randy MacLeod 66e92925d4 vim: upgrade 9.0.1403 -> 9.0.1429
Fixes: CVE-2023-1127, CVE-2023-1170, CVE-2023-1175,
       CVE-2023-1264, CVE-2023-1355

(From OE-Core rev: e578b685a7fca4e8a40b1863ec58b71f6c4d263c)

Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 2415072c3800feb164dd4d1fa0b56bd141a5cbd8)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-04-11 11:31:52 +01:00
Ross Burton c0cf98d59c vim: set modified-by to the recipe MAINTAINER
Clause II.3 of the Vim license states that any distribution of Vim that
has been extended or modified must _at least_ indicate in the :version
output that this is the case.

Handily, Vim has a --with-modified-by argument to add a line in that
text, so use MAINTAINER.  This is the distribution maintainer contact,
by default it is OE-Core Developers
<openembedded-core@lists.openembedded.org>.

(From OE-Core rev: ec594fe190f0f41f8c0388904d72015fce0cfa55)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit acc007e23445aa53182e13902dd9509c39dd5645)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-03-23 22:45:33 +00:00
Ross Burton 580e027738 vim: upgrade to 9.0.1403
This incorporates fixes for CVE-2023-1127, CVE-2023-1170, CVE-2023-1175.

Also remove runtime/doc/uganda.txt from the license checksum: the Vim
license is also in the top-level LICENSE file so this is redundant.

(From OE-Core rev: 2d9a183467def574bf3c4a2e2f9bc59965797f6e)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 71111e6b62d37c5e6853d7940dec2993df127a35)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-03-23 22:45:33 +00:00
Ross Burton 9cf12249aa vim: add missing pkgconfig inherit
Vim uses pkgconfig to find dependencies but it wasn't present, so it
silently doesn't enable features like GTK+ UI.

[ YOCTO #15044 ]

(From OE-Core rev: 01eeabdd6f01c47fa637cee81e4ae3c61c2a9bb9)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 70900616298f5e70732a34e7406e585e323479ed)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-03-20 17:20:44 +00:00
Alexander Kanavin 07506c2d82 vim: update 9.0.1211 -> 9.0.1293 to resolve open CVEs
(From OE-Core rev: 5eb050c439d891188ded3e79bf1e5b5695f24872)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6d77dbe499ee362b6e28902f1efcf52b961037a5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-03-09 13:19:02 +00:00
Randy MacLeod 370c87ac60 vim: upgrade 9.0.0947 -> 9.0.1211
Includes fixes for:
   https://nvd.nist.gov/vuln/detail/CVE-2023-0049
   https://nvd.nist.gov/vuln/detail/CVE-2023-0051
   https://nvd.nist.gov/vuln/detail/CVE-2023-0054
   https://nvd.nist.gov/vuln/detail/CVE-2023-0288

(From OE-Core rev: d4887e2e43e3d66e0f64299a8189b26d5aff31ef)

Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1c51068c78d12ee02789a6dbecf5e7e91d141af5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-01-26 23:37:05 +00:00
Qiu, Zheng d513c3043b vim: upgrade 9.0.0820 -> 9.0.0947
Includes fixes for CVE-2022-4141
https://nvd.nist.gov/vuln/detail/CVE-2022-4141

For a short list of important changes, see:
https://www.arp242.net/vimlog/

(From OE-Core rev: a7abc8754ab5fbefa23fc17571d272a77dcd2421)

Signed-off-by: Zheng Qiu <zheng.qiu@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 160f459febc7fb36cc0fe85c63eb26780ace3bfd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-12-13 15:23:34 +00:00
Tim Orling 94d9172199 vim: upgrade 9.0.0614 -> 9.0.0820
Includes fixes for CVE-2022-3705
https://nvd.nist.gov/vuln/detail/CVE-2022-3705

For a short list of important changes, see:
https://www.arp242.net/vimlog/

(From OE-Core rev: 555fd2848b970fd38c20651b5e98cabb7f31287c)

Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit f6d917bd0f8810b5ed8d403ad25d59cda2fc9574)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-11-04 13:13:31 +00:00
Teoh Jay Shen c0a61b5e5d vim: Upgrade 9.0.0598 -> 9.0.0614
Include fixes for CVE-2022-3352.

(From OE-Core rev: 1104d02f9bac2fdd540da5ccb5dd6690e025ef33)

Signed-off-by: Teoh Jay Shen <jay.shen.teoh@intel.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 8aa707f80ae1cfe89d5e20ec1f1632a65149aed4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-11-04 13:13:31 +00:00
Richard Purdie 8b6a66b029 vim: Upgrade 9.0.0541 -> 9.0.0598
Includes a fix for CVE-2022-3278.

(From OE-Core rev: 9837a62cc42de4120794d4ae8d0264109b8308dc)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 98c40271692147873a622e168e8b2e90a9fcc54c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-10-11 21:56:13 +01:00
Richard Purdie f160f3e7f3 vim: Upgrade 9.0.453 -> 9.0.541
Includes a fix for CVE-2022-3234.

(From OE-Core rev: 650ae29fc567e033205558fa85cc1c156d9f72a7)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d6b54f37aa4db1457296b8981b630a49d251ceb5)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-09-28 08:02:10 +01:00
Richard Purdie d64bef1c7d vim: Upgrade 9.0.0341 -> 9.0.0453
Includes fixes for CVE-2022-3099 and CVE-2022-3134.

(From OE-Core rev: bc2e5e961e88eb9f4d8cd1f2ee0ed56ab00774a9)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d042923262130b6b96f703b5cd4184f659caeb92)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-09-17 19:12:55 +01:00
Richard Purdie df6c07aa0e vim: Upgrade 9.0.0242 -> 9.0.0341
Addresses CVE-2022-2980, CVE-2022-2946 and CVE-2022-2982.

(From OE-Core rev: b6eb009351d2bb04ae7ea828800e0e1b6934213e)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
(cherry picked from commit 01c08d47ecfcc7aefacc8280e0055c75b13795b2)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-09-12 08:41:47 +01:00
Richard Purdie 2140cd390f vim: Upgrade 9.0.0115 -> 9.0.0242
Includes fixes for:

CVE-2022-2816
CVE-2022-2817
CVE-2022-2819
CVE-2022-2845
CVE-2022-2849
CVE-2022-2862
CVE-2022-2874
CVE-2022-2889

(From OE-Core rev: 54ee67b1a805a07288925d56e9956aabc23b6ab2)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 3ec2d27d09444213ec1c9b91c6f8c4363f297294)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-08-28 07:52:28 +01:00
Randy MacLeod 73618dee22 vim: update from 9.0.0063 to 9.0.0115
Drop crosscompile.patch which was merged as part of:
   509695c1c (tag: v9.0.0065) patch 9.0.0065: \
      cross-compiling doesn't work because of timer_create check

Also drop: racefix.patch which may have been fixed upstream
and is being tracked by:
   https://github.com/vim/vim/pull/10776
where upstream is asking if the different approach resolves the
race condition. Let's see what's out there!

(From OE-Core rev: 27e4c6f98be296fb5f67ac7775461854d48f6c9a)

Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
(cherry picked from commit 6996472cd33d2d4b91821f2dfe24a27a697e4afe)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-08-23 15:22:52 +01:00
Richard Purdie 6a0d24ba1c vim: Upgrade 9.0.0021 -> 9.0.0063
Pulls in several CVE fixes.
Added a patch to avoid timer_create cross compile issue (and submitted upstream).
Also submit the race fix upstream.
We disable timer_create in the native case since some systems have it
and some don't so this makes us consistent.

(From OE-Core rev: 8b42e405fc630537398116a1429a9bc7cb2152ab)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit d0c1de084c7ce030d47a428e4bbfbc4ce2996057)
Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-08-01 16:27:29 +01:00
Ross Burton 97e48b17b9 vim: upgrade to 9.0.0021
This fixes the following CVEs:
- CVE-2022-2257
- CVE-2022-2264
- CVE-2022-2284
- CVE-2022-2285
- CVE-2022-2286
- CVE-2022-2287

(From OE-Core rev: 640ccea3110408985ef5cf76fbe8dc9f4c3fd22c)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 03c044a81a76b7505b9d5bf0d936dde75b51905e)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-07-16 06:52:45 +01:00
Richard Purdie ac087037fe vim: 8.2.5083 -> 9.0.0005
The license checksum changed due to a major version change in the referenced file.

(From OE-Core rev: a290032fe88b6bac5e789da20f88fd72febe1780)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 89f34d8aa4f4572d048dbb732ca4c83d443157fb)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-07-08 08:27:16 +01:00
Richard Purdie a6344dc61a vim: Upgrade 8.2.5034 -> 8.2.5083
Includes fixes for CVE-2022-1927, CVE-2022-1942.

(From OE-Core rev: b85e29de4bca17834b003d499db5129fc5dee75e)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1e740b5c2227c0040621ae63436d06db4873670f)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-06-22 23:46:28 +01:00
Richard Purdie fd6b78f90c vim: Upgrade 8.2.4912 -> 8.2.5034 to fix 9 CVEs
Address CVE-2022-1621, CVE-2022-1629, CVE-2022-1674, CVE-2022-1733, CVE-2022-1735
CVE-2022-1769, CVE-2022-1771, CVE-2022-1785, CVE-2022-1796

(From OE-Core rev: c703b970f614ede46f9d3e24bb33cb4eb77d38a2)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit fafce97bd440150ac5c586b53b887ee70a5b66bd)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-06-07 11:53:25 +01:00
Richard Purdie 0070210dee vim: Upgrade 8.2.4681 -> 8.2.4912
Includes fixes for CVE-2022-1381, CVE-2022-1420.

(From OE-Core rev: d1c0db32383812531b857729c585b3305e781cd9)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 77d745bd49c979de987c75fd7a3af116e99db82b)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-05-20 10:08:06 +01:00
Richard Purdie ca405e4529 vim: Upgrade 8.2.4524 -> 8.2.4681
License change is a date in the license file only.

This includes a fix for CVE-2022-0943.

(From OE-Core rev: 69bc2f37d6ca7fa4823237b45dd698b8debca0a9)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-04-05 10:49:36 +01:00
Richard Purdie b678b7f0a0 vim: Update to 8.2.4524 for further CVE fixes
Includes CVE-2022-0696, CVE-2022-0714, CVE-2022-0729.

(From OE-Core rev: 0d29988958e48534a0076307bb2393a3c1309e03)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-03-08 09:44:27 +00:00
Richard Purdie f625c01d91 vim: Upgrade 8.2.4314 -> 8.2.4424
License file had some grammar fixes.

Includes CVE-2022-0554.

(From OE-Core rev: a8d0a4026359c2c8a445dba9456f8a05470293c1)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-02-21 07:52:04 +00:00