Opened 15 hours ago
Closed 14 hours ago
#5666 closed enhancement (fixed)
vim-9.1.1166 (Security Update)
| Reported by: | Bruce Dubbs | Owned by: | lfs-book |
|---|---|---|---|
| Priority: | normal | Milestone: | 12.3 |
| Component: | Book | Version: | git |
| Severity: | normal | Keywords: | |
| Cc: |
Description
Another security issue with vim.
patch 9.1.1164: [security]: code execution with tar.vim and special crafted tar files Problem: editing a special crafted tar file allows code execution (RyotaK, after 129a844) Solution: escape the filename before feeding it to the `:read` command
Note:
See TracTickets
for help on using tickets.
Fixed at commit e9c3828c53.