Hello, I have attempted to backport upstream's fix for this CVE in vim in d/patches/CVE-2021-4137.patch on the debian/bullseye branch under lts-team on salsa. My backporting is not correct, and causes a segfault when the tests run. After studying it again, I have come to the conclusion that this is too difficult to backport without becoming a vimscript compilation expert. Therefore, considering the CVE severity, we should mark this one as ignored. But I could be wrong -- maybe it is obvious what is wrong with my backport to someone else's eyes. Therefore, could someone take a look at my work, and let me know if they can see the problem, please? Thanks. -- Sean Whitton
Attachment:
signature.asc
Description: PGP signature