1
0
mirror of https://git.yoctoproject.org/poky synced 2026-07-01 23:07:19 +00:00
Commit Graph

91 Commits

Author SHA1 Message Date
Hitendra Prajapati 27c18f15c0 vim: fix for CVE-2026-39881
Pick patch from [1] also mentioned at Debian report in [2]

[1] https://github.com/vim/vim/commit/7ab76a86048ed492374ac6b19c6cb52f89a365b4
[2] https://security-tracker.debian.org/tracker/CVE-2026-39881

More details: https://nvd.nist.gov/vuln/detail/CVE-2026-39881

(From OE-Core rev: e92dd3b16cd75d9c765f0ff4bc84fbdda8c3dca6)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-05-12 21:31:34 +01:00
Hitendra Prajapati 3255ae82d1 vim: Fix CVE-2026-28419
Pick patch from [1] also mentioned in [2]

[1] https://github.com/vim/vim/commit/9b7dfa2948c9e1e5e32a5812812d580c7879f4a0
[2] https://nvd.nist.gov/vuln/detail/CVE-2026-28419

(From OE-Core rev: 5e05e5e86d4ac5cc8a8d39ceb4f784feb9b0d327)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-05-04 13:57:31 +01:00
Hitendra Prajapati 8a34192bc3 vim: Fix CVE-2026-28418
Pick patch from [1] also mentioned in [2]

[1] https://github.com/vim/vim/commit/f6a7f469a9c0d09e84cd6cb46c3a9e76f684da2d
[2] https://nvd.nist.gov/vuln/detail/CVE-2026-28418

(From OE-Core rev: bbbe166c9d9df9b8cf0df6f84bf1eb3c7732b7da)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-05-04 13:57:31 +01:00
Hitendra Prajapati e05783e0b0 vim: Fix CVE-2026-33412
Pick patch from [1] also mentioned in NVD report with [2]
[1] https://github.com/vim/vim/commit/645ed6597d1ea896c712cd7ddbb6edee79577e9a
[2] https://nvd.nist.gov/vuln/detail/CVE-2026-33412

(From OE-Core rev: dcedbba9b4d8a4cb02e2a7a291b934ea3bf7bdce)

Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-05-04 13:57:31 +01:00
Anil Dongare 39ca0f7ec1 vim: Fix CVE-2026-26269
Pick patch from [1] also mentioned in [2]
[1] https://github.com/vim/vim/commit/c5f312aad8e4179e437f81ad39a860cd0ef11970
[2] https://nvd.nist.gov/vuln/detail/CVE-2026-26269

(From OE-Core rev: 1d870ab25eea1c0204fb7abe109251aa55326b76)

Signed-off-by: Anil Dongare <adongare@cisco.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-05-04 13:57:31 +01:00
Anil Dongare f469c5647d vim: Fix CVE-2026-25749
Pick patch from [1] also mentioned in [2]
[1] https://github.com/vim/vim/commit/0714b15940b245108e6e9d7aa2260dd849a26fa9
[2] https://nvd.nist.gov/vuln/detail/CVE-2026-25749

(From OE-Core rev: ce685e18a6dd7137094a10a9051aefc123a0f2e4)

Signed-off-by: Anil Dongare <adongare@cisco.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
2026-05-04 13:57:31 +01:00
Ankur Tyagi df890007b4 vim: ignore CVE-2025-66476
Details https://nvd.nist.gov/vuln/detail/CVE-2025-66476

(From OE-Core rev: f42ed917ab6a4a91d473ef5b2107cdf0f1961c57)

Signed-off-by: Ankur Tyagi <ankur.tyagi85@gmail.com>
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Paul Barker <paul@pbarker.dev>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2026-02-27 17:45:06 +00:00
Divya Chellam 619804e1fc vim: upgrade 9.1.1652 -> 9.1.1683
Handles CVE-2025-9389

Changes between 9.1.1652 -> 9.1.1683
====================================
https://github.com/vim/vim/compare/v9.1.1652...v9.1.1683

(From OE-Core rev: 55e0c38dc28b73fa689446e2d5e564d235a24084)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-09-30 08:01:59 -07:00
Peter Marko 96cf0503ed vim: upgrade 9.1.1198 -> 9.1.1652
Handles CVE-2025-53905, CVE-2025-53906, CVE-2025-55157, CVE-2025-55158.

Changes between 9.1.1198 -> 9.1.1652
====================================
https://github.com/vim/vim/compare/v9.1.1198...v9.1.1652

Refresh patches.

Disable newly introduced wayland support (in patch version 1485).
To this belongs also adding recursion in delete command for dir auto
which was newly failing as there is wayland directory inside now.
If someone is interested, this can be probably enabled, but without
additional work it results in compilation error due to function
redefinition conflicts.

(From OE-Core rev: e87d427d928234ef0441f9ce1fe8631fbe471094)

(From OE-Core rev: 052fd7e55d2c73f13f63267fbfb5e39fa504baa3)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-09-01 08:30:56 -07:00
Vijay Anusuri 83284e1efa vim: Upgrade 9.1.1115 -> 9.1.1198
This includes CVE-fix for CVE-2025-27423 and CVE-2025-29768

Changes between 9.1.1115 -> 9.1.1198
====================================
https://github.com/vim/vim/compare/v9.1.1115...v9.1.1198

(From OE-Core rev: a6cf72f3a01d8e6ea310d6759d5b98813e3edaac)

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 8e540bd287fd56e3a714f81395b59dd508a6d957)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-04-01 09:08:42 -07:00
Divya Chellam 9714332c7b vim: Upgrade 9.1.1043 -> 9.1.1115
This includes CVE-fix for CVE-2025-26603 and CVE-2025-1215

Changes between 9.1.1043 -> 9.1.1115
====================================
https://github.com/vim/vim/compare/v9.1.1043...v9.1.1115

(From OE-Core rev: f390badfe5b3a1a8cc70051075a5e641ff5abf2c)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-03-15 06:40:08 -07:00
Divya Chellam 2fb5838cb1 vim: Upgrade 9.1.0764 -> 9.1.1043
This includes CVE-fix for CVE-2025-22134 and CVE-2025-24014

Changes between 9.1.0764 -> 9.1.1043
====================================
https://github.com/vim/vim/compare/v9.1.0764...v9.1.1043

(From OE-Core rev: 00b97ae6e1aa2c1cad2ff23e4eedab1d55af6f4f)

Signed-off-by: Divya Chellam <divya.chellam@windriver.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2025-02-21 06:25:06 -08:00
Rohini Sangam 5536f35186 vim: Upgrade 9.1.0698 -> 9.1.0764
This includes CVE-fix for CVE-2024-45306 and CVE-2024-47814

Changes between 9.1.0698 -> 9.1.0764
====================================
https://github.com/vim/vim/compare/v9.1.0698...v9.1.0764

(From OE-Core rev: 7dc4956d4eeb1ffe7fe5df1ed55197c0b5a1bc79)

Signed-off-by: Rohini Sangam <rsangam@mvista.com>
Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 2f0e5e63399e544063c79b0b1f9555c820b0604c)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-10-30 08:30:00 -07:00
Siddharth Doshi 8a8d815bf8 vim: Upgrade 9.1.0682 -> 9.1.0698
This includes CVE-fix for CVE-2024-43790 and CVE-2024-43802

Changes between 9.1.0682 -> 9.1.0698
====================================
https://github.com/vim/vim/compare/v9.1.0682...v9.1.0698

(From OE-Core rev: 829e474534777b2154f1b1246c5792b3159dacb1)

Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e530265415d93e3f49ec7874cf720aad18ab2e22)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-09-19 05:11:35 -07:00
Siddharth Doshi b2f504f0cc vim: Upgrade 9.1.0114 -> 9.1.0682
This includes CVE-fix for CVE-2024-41957, CVE-2024-41965 and CVE-2024-43374

Changes between 9.1.0114 -> 9.1.0682
====================================
https://github.com/vim/vim/compare/v9.1.0114...v9.1.0682

Note:
====
Removed patch "vim-add-knob-whether-elf.h-are-checked.patch" as libelf checks are removed from configure.ac as per
commit https://github.com/vim/vim/commit/1acc67ac4412aa9a75d1c58ebf93f2b29585a960

(From OE-Core rev: ad71057a09ec6304cee3771122224af011ee9087)

Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 6d2938e53cad5d9bf2e78a5403e9f9fab1db77b4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
2024-09-03 05:39:12 -07:00
Tim Orling 3f9e81af21 vim: upgrade from 9.0.2130 -> 9.1.0114
https://www.vim.org/vim-9.1-released.php

Vim 9.1 is available

The Vim project is happy to announce that Vim 9.1 has finally been released.
This release is dedicated to Bram Moolenaar, Vim's lead developer for more
than 30 years, who passed away half a year ago. The Vim project wouldn't
exist without his work!

Vim 9.1 is mainly a bug fix release, it contains hundreds of bug fixes, a
few new features and there are many minor improvements.

Changes:
https://github.com/vim/vim/compare/v9.0.2130...v9.1.0114

CVE: CVE-2024-22667
(includes commit https://github.com/vim/vim/commit/b39b240c386a5a29241415541f1c99e2e6b8ce47)

(From OE-Core rev: 9f7e9c0f4360469b9775372272e0a442c7cc06c8)

Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-02-18 22:02:40 +00:00
Tim Orling 71b3038979 vim: upgrade 9.0.2068 -> 9.0.2130
https://github.com/vim/vim/compare/v9.0.2068...v9.0.2130

CVE: CVE-2023-48231
CVE: CVE-2023-48232
CVE: CVE-2023-48233
CVE: CVE-2023-48234
CVE: CVE-2023-48235
CVE: CVE-2023-48236
CVE: CVE-2023-48237

(From OE-Core rev: 5978d565a9e700485fc563dfe2e3c0045dd74b59)

Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-11-30 08:43:04 +00:00
Archana Polampalli 5e19cc0006 vim: Upgrade 9.0.2048 -> 9.0.2068
This includes CVE fix for CVE-2023-46246.
9198c1f2b (tag: v9.0.2068) patch 9.0.2068: [security] overflow in :history

References:
https://nvd.nist.gov/vuln/detail/CVE-2023-46246

(From OE-Core rev: 63bc72ccb63d2f8eb591d7cc481657a538f0fd42)

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-11-22 14:07:21 +00:00
Steve Sakoman 745bf44812 vim: use upstream generated .po files
A previous commit attempted to fix reproducibility errors by forcing
regeneration of .po files. Unfortunately this triggered a different
type of reproducibility issue.

Work around this by adjusting the timestamps of the troublesome .po
files so they are not regenerated and we use the shipped upstream
versions of the files.

The shipped version of ru.cp1251.po doesn't seem to have been created
with the vim tooling and specifies CP1251 instead of cp1251, fix that.

(From OE-Core rev: 13d9551ba626f001c71bf908df16caf1d739cf13)

Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-11-21 21:26:19 +00:00
Richard Purdie 8395e4723c vim: Improve locale handling
When making checkouts from git, the timestamps can vary and occasionally two files
can end up with the same stamp. This triggers make to regenerate ru.cp1251.po from
ru.po for example. If it isn't regenerated, the output isn't quite the same leading
to reproducibility issues (CP1251 vs cp1251).

Since we added all locales to buildtools tarball now, we can drop the locale
restrictions too. We need to generate a native binary for the sjis conversion
tool so also tweak that.

(From OE-Core rev: 042c1a501b1dae5ddb31307b461be02c3591c589)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-11-15 15:41:40 +00:00
Siddharth Doshi a0a8cec56d vim: Upgrade 9.0.2009 -> 9.0.2048
This includes CVE fix for CVE-2023-5535.

(From OE-Core rev: 9292eb70a2a0871cf235e4df0257d7028f43a278)

Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-10-19 13:06:52 +01:00
Siddharth Doshi c5369d6a6d vim: Upgrade 9.0.1894 -> 9.0.2009
This includes CVE fix for CVE-2023-5441.

(From OE-Core rev: 539b0c8938b7ac4338b087e04d8b8624b7546237)

Signed-off-by: Siddharth Doshi <sdoshi@mvista.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-10-14 22:45:42 +01:00
Richard Purdie 0a99a509a9 vim: Upgrade 9.0.1664 -> 9.0.1894
This includes multiple CVE fixes.

The license change is due to changes in maintainership, the license
itself is unchanged.

(From OE-Core rev: 91e66b93a0c0928f0c2cfe78e22898a6c9800f34)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-09-12 07:45:52 +01:00
Archana Polampalli fb80dc894d vim: upgrade 9.0.1592 -> 9.0.1664
Fixes:
https://nvd.nist.gov/vuln/detail/CVE-2023-3896
8154e642a (tag: v9.0.1664) patch 9.0.1664: divide by zero when scrolling with 'smoothscroll' set

(From OE-Core rev: 4a1ab744142c9229f03a359b45e5e89a1fbae0d3)

Signed-off-by: Archana Polampalli <archana.polampalli@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-09-08 22:59:47 +01:00
Etienne Cordonnier 844dd42d1f vim: update obsolete comment
vim 8.3 has been out for a long time, so this comment is obsolete.
However we still need UPSTREAM_VERSION_UNKNOWN, since we ignore
the last digit of the upstream version number.

Test result:
$ devtool check-upgrade-status vim
  ...
  INFO: vim                       9.0.1592        UNKNOWN         Tom Rini <trini@konsulko.com> c0370529c027abc5b1698d53fcfb8c02a0c515da

(From OE-Core rev: 65f5de85c3f488136d1ec2b1f7fe8d8426d6c5b3)

(From OE-Core rev: 868a19357841470eb55fb7f1c4ab1af09dea99ed)

Signed-off-by: Etienne Cordonnier <ecordonnier@snap.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-08-22 15:13:54 +01:00
Trevor Gamblin 1f32a9868d vim: upgrade 9.0.1527 -> 9.0.1592
Fixes:

https://nvd.nist.gov/vuln/detail/CVE-2023-2609
d1ae836 patch 9.0.1531: crash when register contents ends up being invalid
https://nvd.nist.gov/vuln/detail/CVE-2023-2610
ab9a2d8 patch 9.0.1532: crash when expanding "~" in substitute causes very long text

(From OE-Core rev: 1e4b4dfb4145bc00eb6937b5f54a41170e9a5b4c)

Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-05-31 16:53:04 +01:00
Randy MacLeod d4b1dfde1f vim: upgrade 9.0.1429 -> 9.0.1527
Fixes: https://nvd.nist.gov/vuln/detail/CVE-2023-2426
caf642c25 patch 9.0.1499: using uninitialized memory with fuzzy matching

(From OE-Core rev: 4f9a8df5aca99d0a5c2d2346b27ce7be08e7896c)

Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-05-22 10:53:47 +01:00
Randy MacLeod d1f3941417 vim: upgrade 9.0.1403 -> 9.0.1429
Fixes: CVE-2023-1127, CVE-2023-1170, CVE-2023-1175,
       CVE-2023-1264, CVE-2023-1355

(From OE-Core rev: 2415072c3800feb164dd4d1fa0b56bd141a5cbd8)

Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-03-30 10:49:01 +01:00
Ross Burton a683f6e45a vim: upgrade to 9.0.1403
This incorporates fixes for CVE-2023-1127, CVE-2023-1170, CVE-2023-1175.

Also remove runtime/doc/uganda.txt from the license checksum: the Vim
license is also in the top-level LICENSE file so this is redundant.

(From OE-Core rev: 71111e6b62d37c5e6853d7940dec2993df127a35)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-03-14 17:13:11 +00:00
Ross Burton 381d33eb5d vim: set modified-by to the recipe MAINTAINER
Clause II.3 of the Vim license states that any distribution of Vim that
has been extended or modified must _at least_ indicate in the :version
output that this is the case.

Handily, Vim has a --with-modified-by argument to add a line in that
text, so use MAINTAINER.  This is the distribution maintainer contact,
by default it is OE-Core Developers
<openembedded-core@lists.openembedded.org>.

(From OE-Core rev: acc007e23445aa53182e13902dd9509c39dd5645)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-03-14 17:13:11 +00:00
Ross Burton d24ae96060 vim: add missing pkgconfig inherit
Vim uses pkgconfig to find dependencies but it wasn't present, so it
silently doesn't enable features like GTK+ UI.

[ YOCTO #15044 ]

(From OE-Core rev: 70900616298f5e70732a34e7406e585e323479ed)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-03-06 09:52:16 +00:00
Alexander Kanavin 64e6bfbff6 vim: update 9.0.1211 -> 9.0.1293 to resolve open CVEs
(From OE-Core rev: 6d77dbe499ee362b6e28902f1efcf52b961037a5)

Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-02-15 10:21:34 +00:00
Randy MacLeod f3d4ee6477 vim: upgrade 9.0.0947 -> 9.0.1211
Includes fixes for:
   https://nvd.nist.gov/vuln/detail/CVE-2023-0049
   https://nvd.nist.gov/vuln/detail/CVE-2023-0051
   https://nvd.nist.gov/vuln/detail/CVE-2023-0054
   https://nvd.nist.gov/vuln/detail/CVE-2023-0288

(From OE-Core rev: 1c51068c78d12ee02789a6dbecf5e7e91d141af5)

Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-01-18 16:42:28 +00:00
Qiu, Zheng 712c16485a vim: upgrade 9.0.0820 -> 9.0.0947
Includes fixes for CVE-2022-4141
https://nvd.nist.gov/vuln/detail/CVE-2022-4141

For a short list of important changes, see:
https://www.arp242.net/vimlog/

(From OE-Core rev: 160f459febc7fb36cc0fe85c63eb26780ace3bfd)

Signed-off-by: Zheng Qiu <zheng.qiu@windriver.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-12-05 22:28:12 +00:00
Tim Orling 6851217e31 vim: upgrade 9.0.0614 -> 9.0.0820
Includes fixes for CVE-2022-3705
https://nvd.nist.gov/vuln/detail/CVE-2022-3705

For a short list of important changes, see:
https://www.arp242.net/vimlog/

(From OE-Core rev: f6d917bd0f8810b5ed8d403ad25d59cda2fc9574)

Signed-off-by: Tim Orling <tim.orling@konsulko.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-11-01 17:34:59 +00:00
Teoh Jay Shen 4dc4c214e0 vim: Upgrade 9.0.0598 -> 9.0.0614
Include fixes for CVE-2022-3352.

(From OE-Core rev: 8aa707f80ae1cfe89d5e20ec1f1632a65149aed4)

Signed-off-by: Teoh Jay Shen <jay.shen.teoh@intel.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-10-26 12:28:37 +01:00
Richard Purdie 0250049006 vim: Upgrade 9.0.0541 -> 9.0.0598
Includes a fix for CVE-2022-3278.

(From OE-Core rev: 98c40271692147873a622e168e8b2e90a9fcc54c)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-09-28 08:01:10 +01:00
Richard Purdie 651742ee60 vim: Upgrade 9.0.453 -> 9.0.541
Includes a fix for CVE-2022-3234.

(From OE-Core rev: d6b54f37aa4db1457296b8981b630a49d251ceb5)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-09-22 21:39:21 +01:00
Richard Purdie 8d5cb0399f vim: Upgrade 9.0.0341 -> 9.0.0453
Includes fixes for CVE-2022-3099 and CVE-2022-3134.

(From OE-Core rev: d042923262130b6b96f703b5cd4184f659caeb92)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-09-13 23:03:36 +01:00
Richard Purdie a23e6516ee vim: Upgrade 9.0.0242 -> 9.0.0341
Addresses CVE-2022-2980, CVE-2022-2946 and CVE-2022-2982.

(From OE-Core rev: 01c08d47ecfcc7aefacc8280e0055c75b13795b2)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-09-02 15:58:25 +01:00
Richard Purdie 0972526d2a vim: Upgrade 9.0.0115 -> 9.0.0242
Includes fixes for:

CVE-2022-2816
CVE-2022-2817
CVE-2022-2819
CVE-2022-2845
CVE-2022-2849
CVE-2022-2862
CVE-2022-2874
CVE-2022-2889

(From OE-Core rev: 3ec2d27d09444213ec1c9b91c6f8c4363f297294)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-08-23 15:24:11 +01:00
Randy MacLeod 44cc49c679 vim: update from 9.0.0063 to 9.0.0115
Drop crosscompile.patch which was merged as part of:
   509695c1c (tag: v9.0.0065) patch 9.0.0065: \
      cross-compiling doesn't work because of timer_create check

Also drop: racefix.patch which may have been fixed upstream
and is being tracked by:
   https://github.com/vim/vim/pull/10776
where upstream is asking if the different approach resolves the
race condition. Let's see what's out there!

(From OE-Core rev: 6996472cd33d2d4b91821f2dfe24a27a697e4afe)

Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-08-02 11:30:00 +01:00
Richard Purdie 960ddcc609 vim: Upgrade 9.0.0021 -> 9.0.0063
Pulls in several CVE fixes.
Added a patch to avoid timer_create cross compile issue (and submitted upstream).
Also submit the race fix upstream.
We disable timer_create in the native case since some systems have it
and some don't so this makes us consistent.

(From OE-Core rev: d0c1de084c7ce030d47a428e4bbfbc4ce2996057)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-07-25 22:59:00 +01:00
Mingli Yu 666a30a5be vim: not adjust script pathnames for native scripts either
After the below commit introduced, the shebang size of native scripts
is also checked, so rework the patch to fix the gap.
377fe11bc0 insane.bbclass: Make do_qa_staging check shebangs

Fixes:
   ERROR: QA Issue: : /work/x86_64-linux/vim-native/9.0.0005-r0/sysroot-destdir/work/x86_64-linux/vim-native/9.0.0005-r0/recipe-sysroot-native/usr/share/vim/vim90/tools/mve.awk maximum shebang size exceeded, the maximum size is 128. [shebang-size]
   ERROR: QA Issue: : /work/x86_64-linux/vim-native/9.0.0005-r0/sysroot-destdir/work/x86_64-linux/vim-native/9.0.0005-r0/recipe-sysroot-native/usr/share/vim/vim90/tools/efm_perl.pl maximum shebang size exceeded, the maximum size is 128. [shebang-size]

(From OE-Core rev: 79232458b9cdc741a2049d83839af73f58a5554c)

Signed-off-by: Mingli Yu <mingli.yu@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-07-12 23:56:10 +01:00
Ross Burton 652d51effa vim: upgrade to 9.0.0021
This fixes the following CVEs:
- CVE-2022-2257
- CVE-2022-2264
- CVE-2022-2284
- CVE-2022-2285
- CVE-2022-2286
- CVE-2022-2287

(From OE-Core rev: 03c044a81a76b7505b9d5bf0d936dde75b51905e)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-07-12 12:52:52 +01:00
Richard Purdie 38f3d1749b vim: 8.2.5083 -> 9.0.0005
The license checksum changed due to a major version change in the referenced file.

(From OE-Core rev: 89f34d8aa4f4572d048dbb732ca4c83d443157fb)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-06-30 10:27:17 +01:00
Richard Purdie 7ba9cda1ba vim: Upgrade 8.2.5034 -> 8.2.5083
Includes fixes for CVE-2022-1927, CVE-2022-1942.

(From OE-Core rev: 1e740b5c2227c0040621ae63436d06db4873670f)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-06-15 12:27:01 +01:00
Rasmus Villemoes 5f249a407f vim: put xxd in its own package
The xxd tool can be quite handy by itself, and doesn't have anything
to do with vim per se. Make it possible to include the rather tiny xxd
in a rootfs without pulling in the several MB vim binary and
associated data.

For backwards compatibility, add an RDEPENDS from the main package to
the new vim-xxd package.

(From OE-Core rev: 06ed2aa93fc25a681e3a00ee120d9395b04845da)

Signed-off-by: Rasmus Villemoes <rasmus.villemoes@prevas.dk>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-06-08 21:55:56 +01:00
Richard Purdie cc27598e57 vim: Upgrade 8.2.4912 -> 8.2.5034 to fix 9 CVEs
Address CVE-2022-1621, CVE-2022-1629, CVE-2022-1674, CVE-2022-1733, CVE-2022-1735
CVE-2022-1769, CVE-2022-1771, CVE-2022-1785, CVE-2022-1796

(From OE-Core rev: fafce97bd440150ac5c586b53b887ee70a5b66bd)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-05-28 18:38:02 +01:00
Richard Purdie a2e3d6c21d vim: Upgrade 8.2.4681 -> 8.2.4912
Includes fixes for CVE-2022-1381, CVE-2022-1420.

(From OE-Core rev: 77d745bd49c979de987c75fd7a3af116e99db82b)

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-05-08 23:50:34 +01:00