Your message dated Sat, 15 Mar 2025 09:44:44 +0000 with message-id <E1ttO4S-005KoS-VK@coccia.debian.org> and subject line Close 1096100 has caused the Debian Bug report #1096100, regarding bookworm-pu: package vim/2:9.0.1378-2+deb12u2 to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 1096100: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1096100 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: bookworm-pu: package vim/2:9.0.1378-2+deb12u2
- From: Sean Whitton <spwhitton@spwhitton.name>
- Date: Sun, 16 Feb 2025 17:41:17 +0800
- Message-id: <Z7GyvZrqq1u-wJ7F@melete.silentflame.com>
Package: release.debian.org Severity: normal Tags: bookworm User: release.debian.org@packages.debian.org Usertags: pu X-Debbugs-Cc: vim@packages.debian.org, 1094646@bugs.debian.org Control: affects -1 + src:vim This update is identical to the current upload in bookworm-proposed-updates except that a test case that was breaking the builder on a number of architectures has been dropped. We know the test passes on amd64 and there's no reason to think there's anything really architecture-specific about the bug. The impact on stable users without this patch is that the fixes in #1094646 would not reach the users of all architectures. I have uploaded. Thanks! -- Sean Whittondiff -Nru vim-9.0.1378/debian/changelog vim-9.0.1378/debian/changelog --- vim-9.0.1378/debian/changelog 2025-01-23 21:00:20.000000000 +0800 +++ vim-9.0.1378/debian/changelog 2025-02-16 13:23:41.000000000 +0800 @@ -1,3 +1,12 @@ +vim (2:9.0.1378-2+deb12u2) bookworm; urgency=high + + * Drop test case from CVE-2023-2610.patch. + This test was breaking the build on a number of architectures. + The test was removed upstream for similar reasons. + Thanks to James McCoy for reporting the problem. + + -- Sean Whitton <spwhitton@spwhitton.name> Sun, 16 Feb 2025 13:23:41 +0800 + vim (2:9.0.1378-2+deb12u1) bookworm; urgency=high * Backport security fixes: diff -Nru vim-9.0.1378/debian/patches/CVE-2023-2610.patch vim-9.0.1378/debian/patches/CVE-2023-2610.patch --- vim-9.0.1378/debian/patches/CVE-2023-2610.patch 2025-01-23 21:00:20.000000000 +0800 +++ vim-9.0.1378/debian/patches/CVE-2023-2610.patch 2025-02-16 13:19:59.000000000 +0800 @@ -7,10 +7,9 @@ Solution: Limit the text length to MAXCOL. (cherry picked from commit ab9a2d884b3a4abe319606ea95a5a6d6b01cd73a) --- - src/regexp.c | 30 +++++++++++++++++++----------- - src/testdir/test_substitute.vim | 14 ++++++++++++++ - src/version.c | 2 ++ - 3 files changed, 35 insertions(+), 11 deletions(-) + src/regexp.c | 30 +++++++++++++++++++----------- + src/version.c | 2 ++ + 2 files changed, 21 insertions(+), 11 deletions(-) diff --git a/src/regexp.c b/src/regexp.c index f18f33d..08a7cdd 100644 @@ -71,31 +70,6 @@ } } else if (magic) -diff --git a/src/testdir/test_substitute.vim b/src/testdir/test_substitute.vim -index 7491b61..32e2f27 100644 ---- a/src/testdir/test_substitute.vim -+++ b/src/testdir/test_substitute.vim -@@ -1414,6 +1414,20 @@ func Test_substitute_short_cmd() - bw! - endfunc - -+" Check handling expanding "~" resulting in extremely long text. -+func Test_substitute_tilde_too_long() -+ enew! -+ -+ s/.*/ixxx -+ s//~~~~~~~~~AAAAAAA@( -+ -+ " Either fails with "out of memory" or "text too long". -+ " This can take a long time. -+ call assert_fails('sil! norm &&&&&&&&&', ['E1240:\|E342:']) -+ -+ bwipe! -+endfunc -+ - " This should be done last to reveal a memory leak when vim_regsub_both() is - " called to evaluate an expression but it is not used in a second call. - func Test_z_substitute_expr_leak() diff --git a/src/version.c b/src/version.c index 0e83a6f..63e2a41 100644 --- a/src/version.cAttachment: signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---
- To: 1096100-done@bugs.debian.org
- Subject: Close 1096100
- From: jmw@debian.org
- Date: Sat, 15 Mar 2025 09:44:44 +0000
- Message-id: <E1ttO4S-005KoS-VK@coccia.debian.org>
Version: 12.10 This update has been released as part of 12.10. Thank you for your contribution.
--- End Message ---