
Unblock request for vim/2:7.2.010-1



Although this is a new upstream version, there are various important
changes (including fixes for and related to grave bugs) in the package
since 1:7.1.314-3 and relatively few non-bug fix changes in the upstream
release.  Full dpkg-parsechangelog of new versions below.

people.d.o has the diffs for the source[0] and runtime[1] files that are
shipped with Vim.  I've removed documentation, makefiles, translations
and sources which don't apply to the Debian builds in order to reduce
the size of the diffs.

I've separated out the diff for the compiled sources from the runtime
files partly to ease review and partly because the runtime files can
easily be updated by the end-user without the need for a new package.
Because of this, I think their changes for this upload, while important,
are less so than the compiled sources.

The following are the issues I strongly think should be included in the
Lenny version of Vim:

- /etc/vim/vimrc.tiny was moved from vim-common to vim-tiny in
  1:7.1.293-2, but vim-common.preinst didn't exist to remove the
  conffile from vim-common's control. (#499451)

- vim-tiny and vim-runtime install conflicting files (as of 1:7.1-056+1)
  which was handled by vim-runtime Replacing vim-tiny.  This was changed
  to use diversions in 1:7.1.314-1 to avoid losing files if vim-runtime
  is later removed by the user.
  The maintainer scripts handling the transition to diversions weren't
  fully sorted out (and therefore caused potential install/upgrade
  issues) until 2:7.2.000-1. (#492540)

- Vim 7.2 has improved filename escaping issues to address the
  possibility of causing Vim to run arbitrary commands by editing files
  with specially crafted file names or contents.  It also contains
  updates to the runtime files to make use of (and correct initial
  attempts at using) the new escaping functions. (#492519, #488557,
  #500381)

The following are less important issues, but ones that I'd prefer to have
released in Lenny:

- In 1:7.1-245+1, after discussion with upstream, I added a patch which
  delayed the effect of using the -N/-C command line options until after
  Vim had finished reading all of its config files (#438560).  In
  further prodding about the status of the patch being included,
  upstream decided that this change in behavior really wasn't something
  he wanted and the patch was backed out in 2:7.2.000-3.  Having
  1:7.1.314-3 released with Lenny would be a regression in this regard.

- Vim could be made to malloc many GB of memory via specially crafted
  spell files, thus causing the system to hang until Vim was killed by
  the OOM killer[2].  This was partially patched in 1:7.1-022+1 to address
  the problems I knew of but was more thoroughly fixed by upstream in
  7.2.

[0] - http://people.debian.org/~jamessan/tmp/vim.diff.gz
[1] - http://people.debian.org/~jamessan/tmp/vim-runtime.diff.gz
[2] - http://lists.alioth.debian.org/pipermail/pkg-vim-maintainers/2007-June/004020.html

Source: vim
Version: 2:7.2.010-1
Distribution: unstable
Urgency: low
Maintainer: James Vega <jamessan@debian.org>
Date: Sat, 27 Sep 2008 14:56:03 -0400
Closes: 399784 424033 441785 456897 482373 482776 485119 486114 487120 487221 487385 488557 488881 489667 489853 492450 492519 499451 500381
Changes: 
 vim (2:7.2.010-1) unstable; urgency=low
 .
   * New upstream patches (1 - 10), see README.gz for details.
     - 7.2.010 correctly escapes the visually selected text used by the K
       command.  (CVE-2008-4101, Closes: #500381)
   * Add note to NEWS about how to re-enable filetype plugins.
 .
 vim (2:7.2.000-3) unstable; urgency=low
 .
   * Add vim-runtime.preinst to handle removing /etc/vim/vimrc.tiny when
     upgrading to 1:7.1.293-2 or later.  The conffile was moved to vim-tiny and
     therefore needs to be removed before the new vim-tiny is installed so dpkg
     forgets about it.  (Closes: #499451)
 .
 vim (2:7.2.000-2) unstable; urgency=low
 .
   * src/main.c: After further discussion with upstream, revert behavior of
     -N/-C causing (no)compatible to be set after all startup files/plugins are
      sourced, c.f. #438560.
   * debian/NEWS: Remove entry from a test build
   * debian.vim: Remove commented out settings since this isn't meant to be
     modified by users.
   * /etc/vim/vimrc: Update filetype plugin comment to correctly state that
     filetype plugins aren't enabled by default.
 .
 vim (2:7.2.000-1) unstable; urgency=low
 .
   * New upstream release (7.2)
   * debian/vim-runtime.preinst: Handle a couple of cases where files are
     left-behind or diversions setup incorrectly if vim-tiny was currently
     installed during the transition to vim-runtime Replacing vim-tiny.
     (Closes: #492450)
 .
 vim (2:7.2c.000-1) experimental; urgency=low
 .
   * New upstream release candidate.
     - 7.2b.026 fixes continuous disk activity after using GTK2's "Recent
       Files" selector.  (Closes: #456897)
     - runtime/syntax/zsh.vim: Fixed highlighting of "here-string" redirection.
       (Closes: #482373)
   * runtime/filetype.vim: Remove duplicate apache filetype detection.
   * runtime/autoload/netrw.vim: Fix deletion of incorrect file in wide display
     listing.  Using Jan Minář's patch from the vim-dev list.  (Closes:
     #492519)
   * debian.vim: Do not enable 'autoindent' and filetype plugins by default.
   * vim-runtime.preinst: Use proper invocation of dpkg-divert when removing
     diversions.
   * README.Debian: Note that securemodelines is in vim-scripts.
   * runtime/syntax/tex.vim: Revert diversions from upstream for packages
     upstream author doesn't support.
   * debian/rules: Instruct configure not to look at /usr/local for
     includes/libs.
 .
 vim (2:7.2b.001-1) experimental; urgency=low
 .
   [ James Vega ]
   * New upstream release candidate and patch (001), see README.gz for details.
     - 7.2a.004 use wget/curl/fetch if available for downloading spellfiles.
       (Closes: #487221)
     - runtime/autoload/netrw.vim:
       + No longer creates an "undeletable" buffer when 'hidden' is set.
         (Closes: #482776)
       + Screen is redrawn after invoking external file handler.  (Closes:
         #487120)
       + Hidden files are correctly opened when using NetRW's wide listing.
         (Closes: #487385)
       + Escaping of filenames cleaned-up which allows opening BTS attachments
         again.  (Closes: #488557)
     - runtime/autoload/netrwsettings.vim: Remove use of non-existent
       variables.  (Closes: #488881)
     - runtime/syntax/sh.vim
       + Use stricter matches for shell loop control.  (Closes: #486114)
   * Bump epoch and use a saner format for the snapshot versioning.
   * runtime/syntax/debcontrol.vim: Hilight DM-Upload-Allowed in control files
     (Closes: #485119)
   * runtime/filetype.vim:
     - Udev filetype detection should match /etc/udev/*.rules not /etc/udev.d
     - Remove duplicate debcontrol detection
     - Detect .ptl files as python.  Thanks to Santiago Ruano Rincón for the
       patch.  (Closes: #399784)
   * debian/control:
     - Add libxt-dev Build-Depends.
     - vim-runtime Depends dpkg (>= 1.14.20) for sane dpkg-divert behavior.
   * debian/rules:
     - Update handling of DEB_BUILD_OPTIONS according to policy 3.8.0
     - Explicitly call upstream's installgtutorbin target
     - Add a manpage for gvimtutor by symlinking to the vimtutor manpage.
     - Remove needless branch checkouts from update-orig target.
   * debian/update-patches:
     - Update for 7.2b beta.  Cleanup some code.
     - Redirect git-show's stderr to /dev/null.
     - Remove an erroneous comment.
     - Include the patch number in the summary.
     - Use git add debian/README instead of specifying the file to git-commit
     - Fix syntax of an if block.
     - Ignore leading 0's in patch numbers so they aren't treated as octal.
     - Improve handling when fetching the first patch to a new release.
   * debian/vim-runtime.links: Add gvimtutor.1 symlink.
   * debian/vim-runtime.install: Use the upstream-installed gvimtutor instead
     of the one from the src directory.
   * debian/vim-common.install: Explicitly list which manpages are installed to
     vim-common instead of installing all of /usr/share/man and sorting it out
     in debian/rules.
   * debian/vim-common.links: Remove listed symlinks which are generated by
     debian/rules.
   * runtime/syntax/debcontrol.vim: Accept http URIs as valid for Vcs-Git.
     Thanks to martin krafft for the patch.  (Closes: #489853)
   * runtime/tools/vimm: Use printf instead of echo to avoid bashisms.
     (Closes: 489667)
   * src/ui.c: Remove "#if defined" checks around check_col/check_row
     definitions to fix a compile error when building vim-tiny.
   * debian/vim-runtime.preinst, debian/vim-runtime.postrm:
     - Remove special handling of adding/removing diversions now that
       dpkg-divert behavior is fixed (and migrated).
     - Add vim72a to the list of previous diversions to remove on upgrade (if
       only dpkg handled diversions internally...)
 .
   [ Gerfried Fuchs ]
   * runtime/syntax/debchangelog.vim: package names are allowed to start off
     with alphanumeric, not only alpha.
 .
 vim (1:7.2.0~a-1) experimental; urgency=low
 .
   * New upstream release candidate.
     - Setting 'pastetoggle' to a multi-key string works again.  (Closes:
       #424033)
     - Match offsets work correctly with multi-byte characters.  (Closes:
       #441785)
     - GNU Screen is detected as supporting xterm mouse codes.
   * Merged upstream:
     - src/spell.c: Check for EOF while reading the spelllang file in case it
       is a corrupt file.
   * debian/README:
     - Removed until upstream adds one for 7.2
   * debian/rules:
     - Update upstream version to 7.2a snapshot
   * debian/vim-runtime.preinst:
     - The diversions we use are under a versioned directory based on the major
       upstream version.  Need to remove the diversions for the vim71
       directory.
   * Change the shebang lines in all maintainer scripts back to #!/bin/sh since
     we no longer use bashisms.
   * debian/lintian/vim-runtime:
     - Generate this file in debian/rules so the override always has the right
       versioned directory.
