Wed Aug 17 20:41:53 UTC 202220220817204153_15.0

patches/packages/vim-8.2.4649-x86_64-2_slack15.0.txz: Rebuilt. Fix use after free, out-of-bounds read, and heap based buffer overflow. Thanks to marav for the heads-up. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2816 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2817 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2819 (* Security fix *) patches/packages/vim-gvim-8.2.4649-x86_64-2_slack15.0.txz: Rebuilt.
author: Patrick J Volkerding <volkerdi@slackware.com> 2022-08-17 20:41:53 +0000
committer: Eric Hameleers <alien@slackware.com> 2022-08-18 13:30:02 +0200
commit: 821b8a94bf6a33da86d2e1f956c068d2b6270e40 (patch)
tree: 8b29563a041d4681367f421d9fee2782e1a07d2b
parent: 834b3a5fc210d2991416f66166351b787bf0fb92 (diff)
download: current-821b8a94bf6a33da86d2e1f956c068d2b6270e40.tar.gz
11 files changed, 218 insertions, 37 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss
index 21a40f64..e3d333f7 100644
--- a/ChangeLog.rss
+++ b/ChangeLog.rss
@@ -11,10 +11,29 @@
       <description>Tracking Slackware development in git.</description>
       <language>en-us</language>
       <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
-      <pubDate>Tue, 16 Aug 2022 18:51:34 GMT</pubDate>
-      <lastBuildDate>Wed, 17 Aug 2022 11:30:15 GMT</lastBuildDate>
+      <pubDate>Wed, 17 Aug 2022 20:41:53 GMT</pubDate>
+      <lastBuildDate>Thu, 18 Aug 2022 11:29:51 GMT</lastBuildDate>
       <generator>maintain_current_git.sh v 1.17</generator>
       <item>
+         <title>Wed, 17 Aug 2022 20:41:53 GMT</title>
+         <pubDate>Wed, 17 Aug 2022 20:41:53 GMT</pubDate>
+         <link>https://git.slackware.nl/current/tag/?h=20220817204153</link>
+         <guid isPermaLink="false">20220817204153</guid>
+         <description>
+           <![CDATA[<pre>
+patches/packages/vim-8.2.4649-x86_64-2_slack15.0.txz:  Rebuilt.
+  Fix use after free, out-of-bounds read, and heap based buffer overflow.
+  Thanks to marav for the heads-up.
+  For more information, see:
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2816
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2817
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2819
+  (* Security fix *)
+patches/packages/vim-gvim-8.2.4649-x86_64-2_slack15.0.txz:  Rebuilt.
+           </pre>]]>
+         </description>
+      </item>
+      <item>
          <title>Tue, 16 Aug 2022 18:51:34 GMT</title>
          <pubDate>Tue, 16 Aug 2022 18:51:34 GMT</pubDate>
          <link>https://git.slackware.nl/current/tag/?h=20220816185134</link>
diff --git a/ChangeLog.txt b/ChangeLog.txt
index 22963333..269c326a 100644
--- a/ChangeLog.txt
+++ b/ChangeLog.txt
@@ -1,3 +1,14 @@
+Wed Aug 17 20:41:53 UTC 2022
+patches/packages/vim-8.2.4649-x86_64-2_slack15.0.txz:  Rebuilt.
+  Fix use after free, out-of-bounds read, and heap based buffer overflow.
+  Thanks to marav for the heads-up.
+  For more information, see:
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2816
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2817
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2819
+  (* Security fix *)
+patches/packages/vim-gvim-8.2.4649-x86_64-2_slack15.0.txz:  Rebuilt.
++--------------------------+
 Tue Aug 16 18:51:34 UTC 2022
 patches/packages/mariadb-10.5.17-x86_64-1_slack15.0.txz:  Upgraded.
   This update fixes bugs and several security issues.
diff --git a/FILELIST.TXT b/FILELIST.TXT
index a40ec865..6696c558 100644
--- a/FILELIST.TXT
+++ b/FILELIST.TXT
@@ -1,20 +1,20 @@
-Tue Aug 16 18:54:25 UTC 2022
+Wed Aug 17 20:44:53 UTC 2022
 
 Here is the file list for this directory.  If you are using a 
 mirror site and find missing or extra files in the disk 
 subdirectories, please have the archive administrator refresh
 the mirror.
 
-drwxr-xr-x 12 root root      4096 2022-08-16 18:51 .
+drwxr-xr-x 12 root root      4096 2022-08-17 20:41 .
 -rw-r--r--  1 root root      5767 2022-02-02 22:44 ./ANNOUNCE.15.0
 -rw-r--r--  1 root root     16609 2022-03-30 19:03 ./CHANGES_AND_HINTS.TXT
--rw-r--r--  1 root root   1147493 2022-08-15 20:29 ./CHECKSUMS.md5
--rw-r--r--  1 root root       163 2022-08-15 20:29 ./CHECKSUMS.md5.asc
+-rw-r--r--  1 root root   1147493 2022-08-16 18:54 ./CHECKSUMS.md5
+-rw-r--r--  1 root root       163 2022-08-16 18:54 ./CHECKSUMS.md5.asc
 -rw-r--r--  1 root root     17976 1994-06-10 02:28 ./COPYING
 -rw-r--r--  1 root root     35147 2007-06-30 04:21 ./COPYING3
 -rw-r--r--  1 root root     19573 2016-06-23 20:08 ./COPYRIGHT.TXT
 -rw-r--r--  1 root root       616 2006-10-02 04:37 ./CRYPTO_NOTICE.TXT
--rw-r--r--  1 root root   1916465 2022-08-16 18:51 ./ChangeLog.txt
+-rw-r--r--  1 root root   1917011 2022-08-17 20:41 ./ChangeLog.txt
 drwxr-xr-x  3 root root      4096 2013-03-20 22:17 ./EFI
 drwxr-xr-x  2 root root      4096 2022-02-02 08:21 ./EFI/BOOT
 -rw-r--r--  1 root root   1187840 2021-06-15 19:16 ./EFI/BOOT/bootx64.efi
@@ -25,7 +25,7 @@ drwxr-xr-x  2 root root      4096 2022-02-02 08:21 ./EFI/BOOT
 -rwxr-xr-x  1 root root      2504 2019-07-05 18:54 ./EFI/BOOT/make-grub.sh
 -rw-r--r--  1 root root     10722 2013-09-21 19:02 ./EFI/BOOT/osdetect.cfg
 -rw-r--r--  1 root root      1273 2013-08-12 21:08 ./EFI/BOOT/tools.cfg
--rw-r--r--  1 root root   1498064 2022-08-15 20:28 ./FILELIST.TXT
+-rw-r--r--  1 root root   1498064 2022-08-16 18:54 ./FILELIST.TXT
 -rw-r--r--  1 root root      1572 2012-08-29 18:27 ./GPG-KEY
 -rw-r--r--  1 root root    864745 2022-02-02 08:25 ./PACKAGES.TXT
 -rw-r--r--  1 root root      8034 2022-02-02 03:36 ./README.TXT
@@ -737,13 +737,13 @@ drwxr-xr-x  2 root root      4096 2008-05-07 05:21 ./pasture/source/php/pear
 -rwxr-xr-x  1 root root      9448 2018-05-16 22:38 ./pasture/source/php/php.SlackBuild
 -rw-r--r--  1 root root       775 2017-07-07 19:25 ./pasture/source/php/php.ini-development.diff.gz
 -rw-r--r--  1 root root       830 2005-12-09 05:18 ./pasture/source/php/slack-desc
-drwxr-xr-x  4 root root      4096 2022-08-16 18:54 ./patches
--rw-r--r--  1 root root     43937 2022-08-16 18:54 ./patches/CHECKSUMS.md5
--rw-r--r--  1 root root       163 2022-08-16 18:54 ./patches/CHECKSUMS.md5.asc
--rw-r--r--  1 root root     58932 2022-08-16 18:54 ./patches/FILE_LIST
--rw-r--r--  1 root root  11193048 2022-08-16 18:54 ./patches/MANIFEST.bz2
--rw-r--r--  1 root root     33462 2022-08-16 18:54 ./patches/PACKAGES.TXT
-drwxr-xr-x  3 root root     16384 2022-08-16 18:54 ./patches/packages
+drwxr-xr-x  4 root root      4096 2022-08-17 20:44 ./patches
+-rw-r--r--  1 root root     44147 2022-08-17 20:44 ./patches/CHECKSUMS.md5
+-rw-r--r--  1 root root       163 2022-08-17 20:44 ./patches/CHECKSUMS.md5.asc
+-rw-r--r--  1 root root     59193 2022-08-17 20:44 ./patches/FILE_LIST
+-rw-r--r--  1 root root  11195452 2022-08-17 20:44 ./patches/MANIFEST.bz2
+-rw-r--r--  1 root root     33462 2022-08-17 20:44 ./patches/PACKAGES.TXT
+drwxr-xr-x  3 root root     16384 2022-08-17 20:44 ./patches/packages
 -rw-r--r--  1 root root       327 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txt
 -rw-r--r--  1 root root     10716 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz
 -rw-r--r--  1 root root       163 2022-02-15 05:07 ./patches/packages/aaa_base-15.0-x86_64-4_slack15.0.txz.asc
@@ -874,12 +874,12 @@ drwxr-xr-x  2 root root      4096 2022-05-09 21:37 ./patches/packages/linux-5.15
 -rw-r--r--  1 root root       354 2022-02-15 18:37 ./patches/packages/util-linux-2.37.4-x86_64-1_slack15.0.txt
 -rw-r--r--  1 root root   2805300 2022-02-15 18:37 ./patches/packages/util-linux-2.37.4-x86_64-1_slack15.0.txz
 -rw-r--r--  1 root root       163 2022-02-15 18:37 ./patches/packages/util-linux-2.37.4-x86_64-1_slack15.0.txz.asc
--rw-r--r--  1 root root       383 2022-03-30 22:32 ./patches/packages/vim-8.2.4649-x86_64-1_slack15.0.txt
--rw-r--r--  1 root root   8140380 2022-03-30 22:32 ./patches/packages/vim-8.2.4649-x86_64-1_slack15.0.txz
--rw-r--r--  1 root root       163 2022-03-30 22:32 ./patches/packages/vim-8.2.4649-x86_64-1_slack15.0.txz.asc
--rw-r--r--  1 root root       503 2022-03-30 22:34 ./patches/packages/vim-gvim-8.2.4649-x86_64-1_slack15.0.txt
--rw-r--r--  1 root root   1660648 2022-03-30 22:34 ./patches/packages/vim-gvim-8.2.4649-x86_64-1_slack15.0.txz
--rw-r--r--  1 root root       163 2022-03-30 22:34 ./patches/packages/vim-gvim-8.2.4649-x86_64-1_slack15.0.txz.asc
+-rw-r--r--  1 root root       383 2022-08-17 19:21 ./patches/packages/vim-8.2.4649-x86_64-2_slack15.0.txt
+-rw-r--r--  1 root root   8144256 2022-08-17 19:21 ./patches/packages/vim-8.2.4649-x86_64-2_slack15.0.txz
+-rw-r--r--  1 root root       163 2022-08-17 19:21 ./patches/packages/vim-8.2.4649-x86_64-2_slack15.0.txz.asc
+-rw-r--r--  1 root root       503 2022-08-17 19:22 ./patches/packages/vim-gvim-8.2.4649-x86_64-2_slack15.0.txt
+-rw-r--r--  1 root root   1659412 2022-08-17 19:22 ./patches/packages/vim-gvim-8.2.4649-x86_64-2_slack15.0.txz
+-rw-r--r--  1 root root       163 2022-08-17 19:22 ./patches/packages/vim-gvim-8.2.4649-x86_64-2_slack15.0.txz.asc
 -rw-r--r--  1 root root       507 2022-07-10 18:40 ./patches/packages/wavpack-5.5.0-x86_64-1_slack15.0.txt
 -rw-r--r--  1 root root    185936 2022-07-10 18:40 ./patches/packages/wavpack-5.5.0-x86_64-1_slack15.0.txz
 -rw-r--r--  1 root root       163 2022-07-10 18:40 ./patches/packages/wavpack-5.5.0-x86_64-1_slack15.0.txz.asc
@@ -904,7 +904,7 @@ drwxr-xr-x  2 root root      4096 2022-05-09 21:37 ./patches/packages/linux-5.15
 -rw-r--r--  1 root root       388 2022-08-09 17:48 ./patches/packages/zlib-1.2.12-x86_64-2_slack15.0.txt
 -rw-r--r--  1 root root    105196 2022-08-09 17:48 ./patches/packages/zlib-1.2.12-x86_64-2_slack15.0.txz
 -rw-r--r--  1 root root       163 2022-08-09 17:48 ./patches/packages/zlib-1.2.12-x86_64-2_slack15.0.txz.asc
-drwxr-xr-x 45 root root      4096 2022-08-16 18:43 ./patches/source
+drwxr-xr-x 45 root root      4096 2022-08-17 20:38 ./patches/source
 drwxr-xr-x  2 root root      4096 2022-01-16 05:07 ./patches/source/aaa_base
 -rw-r--r--  1 root root     11041 2022-02-15 04:49 ./patches/source/aaa_base/_aaa_base.tar.gz
 -rwxr-xr-x  1 root root      3894 2022-02-15 05:07 ./patches/source/aaa_base/aaa_base.SlackBuild
@@ -1300,15 +1300,18 @@ drwxr-xr-x  2 root root      4096 2020-05-08 19:39 ./patches/source/util-linux/p
 -rw-r--r--  1 root root       335 2014-07-03 08:34 ./patches/source/util-linux/util-linux.fdisk-no-solaris.diff.gz
 -rw-r--r--  1 root root     10292 2009-05-30 01:25 ./patches/source/util-linux/ziptool-1.4.0.tar.xz
 -rw-r--r--  1 root root       386 2009-05-30 01:25 ./patches/source/util-linux/ziptool-fix_build.patch.gz
-drwxr-xr-x  2 root root      4096 2022-03-30 18:18 ./patches/source/vim
+drwxr-xr-x  2 root root      4096 2022-08-17 19:11 ./patches/source/vim
+-rw-r--r--  1 root root       547 2022-08-17 19:02 ./patches/source/vim/CVE-2022-2816.patch.gz
+-rw-r--r--  1 root root      1105 2022-08-17 19:03 ./patches/source/vim/CVE-2022-2817.patch.gz
+-rw-r--r--  1 root root       687 2022-08-17 19:03 ./patches/source/vim/CVE-2022-2819.patch.gz
 -rw-r--r--  1 root root    299348 2009-07-09 22:03 ./patches/source/vim/ctags-5.8.tar.xz
 -rw-r--r--  1 root root      2768 2022-02-12 08:11 ./patches/source/vim/ctags.use-conventional-unused-marker.patch.gz
 -rw-r--r--  1 root root      8249 2006-01-19 17:01 ./patches/source/vim/gvim.png
 -rw-r--r--  1 root root       834 2018-02-27 06:13 ./patches/source/vim/slack-desc.vim
 -rw-r--r--  1 root root       959 2018-03-15 02:41 ./patches/source/vim/slack-desc.vim-gvim
 -rw-r--r--  1 root root  10400559 2022-03-30 18:17 ./patches/source/vim/vim-8.2.4649.tar.lz
--rwxr-xr-x  1 root root      6370 2022-03-30 22:26 ./patches/source/vim/vim-gvim.SlackBuild
--rwxr-xr-x  1 root root      7934 2022-03-30 22:26 ./patches/source/vim/vim.SlackBuild
+-rwxr-xr-x  1 root root      6589 2022-08-17 19:08 ./patches/source/vim/vim-gvim.SlackBuild
+-rwxr-xr-x  1 root root      8153 2022-08-17 19:12 ./patches/source/vim/vim.SlackBuild
 -rw-r--r--  1 root root       283 2019-01-11 20:43 ./patches/source/vim/vim.vimrc.diff.gz
 drwxr-xr-x  2 root root      4096 2022-07-10 18:34 ./patches/source/wavpack
 -rw-r--r--  1 root root       963 2019-12-19 18:54 ./patches/source/wavpack/slack-desc
@@ -2736,9 +2739,9 @@ drwxr-xr-x  2 root root     69632 2022-02-01 08:29 ./slackware64/kde
 -rw-r--r--  1 root root       163 2022-01-08 22:35 ./slackware64/kde/kimageformats-5.90.0-x86_64-1.txz.asc
 -rw-r--r--  1 root root       253 2022-01-06 22:54 ./slackware64/kde/kimagemapeditor-21.12.1-x86_64-1.txt
 -rw-r--r--  1 root root   1180648 2022-01-06 22:54 ./slackware64/kde/kimagemapeditor-21.12.1-x86_64-1.txz
--rw-r--r--  1 root root       163 2022-01-06 22:54 ./slackware64/kde/kimagemapeditor-21.12.1-x86_64-1.txz.asc
--rw-r--r--  1 root root       184 2022-01-06 21:38 ./slackware64/kde/kimap-21.12.1-x86_64-1.txt
--rw-r--r--  1 root root    234768 2022-01-06 21:38 ./slackware64/kde/kimap-21.12.1-x86_64-1.txz
+-rw-r--r-- 1 root root      163 2022-01-06 22:54 ./slackware64/kde/kimagemapeditor-21.12.1-x86_64-1.txz.asc
+-rw-r--r-- 1 root root      184 2022-01-06 21:38 ./slackware64/kde/kimap-21.12.1-x86_64-1.txt
+-rw-r--r-- 1 root root   234768 2022-01-06 21:38 ./slackware64/kde/kimap-21.12.1-x86_64-1.txz
 -rw-r--r-- 1 root root      163 2022-01-06 21:38 ./slackware64/kde/kimap-21.12.1-x86_64-1.txz.asc
 -rw-r--r-- 1 root root      268 2022-01-04 21:35 ./slackware64/kde/kinfocenter-5.23.5-x86_64-1.txt
 -rw-r--r-- 1 root root  1411476 2022-01-04 21:35 ./slackware64/kde/kinfocenter-5.23.5-x86_64-1.txz
@@ -5491,9 +5494,9 @@ drwxr-xr-x 2 root root    65536 2022-02-01 04:47 ./slackware64/x
 -rw-r--r-- 1 root root 91118036 2021-02-13 13:00 ./slackware64/x/noto-cjk-fonts-ttf-2.001-noarch-3.txz
 -rw-r--r-- 1 root root      163 2021-02-13 13:00 ./slackware64/x/noto-cjk-fonts-ttf-2.001-noarch-3.txz.asc
 -rw-r--r-- 1 root root      710 2021-10-01 05:30 ./slackware64/x/noto-fonts-ttf-20171024-noarch-4.txt
--rw-r--r-- 1 root root 11603404 2021-10-01 05:30 ./slackware64/x/noto-fonts-ttf-20171024-noarch-4.txz
--rw-r--r-- 1 root root      163 2021-10-01 05:30 ./slackware64/x/noto-fonts-ttf-20171024-noarch-4.txz.asc
--rw-r--r-- 1 root root      222 2021-02-13 13:11 ./slackware64/x/oclock-1.0.4-x86_64-4.txt
+-rw-r--r--   1 root root  11603404 2021-10-01 05:30 ./slackware64/x/noto-fonts-ttf-20171024-noarch-4.txz
+-rw-r--r--   1 root root       163 2021-10-01 05:30 ./slackware64/x/noto-fonts-ttf-20171024-noarch-4.txz.asc
+-rw-r--r--   1 root root       222 2021-02-13 13:11 ./slackware64/x/oclock-1.0.4-x86_64-4.txt
 -rw-r--r--   1 root root     21600 2021-02-13 13:11 ./slackware64/x/oclock-1.0.4-x86_64-4.txz
 -rw-r--r--   1 root root       163 2021-02-13 13:11 ./slackware64/x/oclock-1.0.4-x86_64-4.txz.asc
 -rw-r--r--   1 root root       366 2021-02-13 13:09 ./slackware64/x/pixman-0.40.0-x86_64-3.txt
@@ -15106,10 +15109,10 @@ drwxr-xr-x   2 root root      4096 2021-08-02 18:03 ./source/x/x11/src/util
 -rw-r--r--   1 root root    148372 2019-03-16 23:26 ./source/x/x11/src/util/imake-1.0.8.tar.xz
 -rw-r--r--   1 root root    106664 2012-03-08 05:51 ./source/x/x11/src/util/lndir-1.0.3.tar.xz
 -rw-r--r--   1 root root    136760 2019-03-16 23:42 ./source/x/x11/src/util/makedepend-1.0.6.tar.xz
--rw-r--r--   1 root root     82048 2021-01-24 14:41 ./source/x/x11/src/util/util-macros-1.19.3.tar.xz
--rw-r--r--   1 root root    302744 2021-08-02 01:00 ./source/x/x11/src/util/xorg-cf-files-1.0.7.tar.xz
-drwxr-xr-x   2 root root      4096 2020-02-23 17:53 ./source/x/x11/src/xcb
--rw-r--r--   1 root root     53800 2017-03-14 17:55 ./source/x/x11/src/xcb/libpthread-stubs-0.4.tar.xz
+-rw-r--r--  1 root root     82048 2021-01-24 14:41 ./source/x/x11/src/util/util-macros-1.19.3.tar.xz
+-rw-r--r--  1 root root    302744 2021-08-02 01:00 ./source/x/x11/src/util/xorg-cf-files-1.0.7.tar.xz
+drwxr-xr-x  2 root root      4096 2020-02-23 17:53 ./source/x/x11/src/xcb
+-rw-r--r--  1 root root     53800 2017-03-14 17:55 ./source/x/x11/src/xcb/libpthread-stubs-0.4.tar.xz
 -rw-r--r--  1 root root    247676 2014-10-15 05:34 ./source/x/x11/src/xcb/xcb-util-0.4.0.tar.xz
 -rw-r--r--  1 root root    258940 2016-05-12 07:58 ./source/x/x11/src/xcb/xcb-util-cursor-0.1.3.tar.xz
 -rw-r--r--  1 root root    251100 2015-04-26 14:14 ./source/x/x11/src/xcb/xcb-util-errors-1.0.tar.xz
diff --git a/patches/packages/vim-8.2.4649-x86_64-1_slack15.0.txt b/patches/packages/vim-8.2.4649-x86_64-2_slack15.0.txt
index 4a843388..4a843388 100644
--- a/patches/packages/vim-8.2.4649-x86_64-1_slack15.0.txt
+++ b/patches/packages/vim-8.2.4649-x86_64-2_slack15.0.txt
diff --git a/patches/packages/vim-gvim-8.2.4649-x86_64-1_slack15.0.txt b/patches/packages/vim-gvim-8.2.4649-x86_64-2_slack15.0.txt
index 3b81553b..3b81553b 100644
--- a/patches/packages/vim-gvim-8.2.4649-x86_64-1_slack15.0.txt
+++ b/patches/packages/vim-gvim-8.2.4649-x86_64-2_slack15.0.txt
diff --git a/patches/source/vim/CVE-2022-2816.patch b/patches/source/vim/CVE-2022-2816.patch
new file mode 100644
index 00000000..da790fb6
--- /dev/null
+++ b/patches/source/vim/CVE-2022-2816.patch
@@ -0,0 +1,26 @@
+From dbdd16b62560413abcc3c8e893cc3010ccf31666 Mon Sep 17 00:00:00 2001
+From: Bram Moolenaar <Bram@vim.org>
+Date: Sun, 14 Aug 2022 21:46:07 +0100
+Subject: [PATCH] patch 9.0.0212: invalid memory access when compiling :unlet
+
+Problem:    Invalid memory access when compiling :unlet.
+Solution:   Don't read past the end of the line.
+---
+
+diff --git a/src/vim9cmds.c b/src/vim9cmds.c
+index 35a382138bf3..93032d6bf154 100644
+--- a/src/vim9cmds.c
++++ b/src/vim9cmds.c
+@@ -92,6 +92,12 @@ free_locals(cctx_T *cctx)
+     int
+ check_vim9_unlet(char_u *name)
+ {
++    if (*name == NUL)
++    {
++	semsg(_(e_argument_required_for_str), "unlet");
++	return FAIL;
++    }
++
+     if (name[1] != ':' || vim_strchr((char_u *)"gwtb", *name) == NULL)
+     {
+ 	// "unlet s:var" is allowed in legacy script.
diff --git a/patches/source/vim/CVE-2022-2817.patch b/patches/source/vim/CVE-2022-2817.patch
new file mode 100644
index 00000000..d9bfc1a6
--- /dev/null
+++ b/patches/source/vim/CVE-2022-2817.patch
@@ -0,0 +1,69 @@
+From 249e1b903a9c0460d618f6dcc59aeb8c03b24b20 Mon Sep 17 00:00:00 2001
+From: Bram Moolenaar <Bram@vim.org>
+Date: Sun, 14 Aug 2022 22:23:02 +0100
+Subject: [PATCH] patch 9.0.0213: using freed memory with error in assert
+ argument
+
+Problem:    Using freed memory with error in assert argument.
+Solution:   Make a copy of the error.
+---
+
+diff --git a/src/testdir/test_assert.vim b/src/testdir/test_assert.vim
+index 27b2d73fbfc8..7c9d090b39df 100644
+--- a/src/testdir/test_assert.vim
++++ b/src/testdir/test_assert.vim
+@@ -291,6 +291,10 @@ func Test_assert_fail_fails()
+     let exp = v:exception
+   endtry
+   call assert_match("E1174: String required for argument 5", exp)
++
++  call assert_equal(1, assert_fails('c0', ['', '\1']))
++  call assert_match("Expected '\\\\\\\\1' but got 'E939: Positive count required: c0': c0", v:errors[0])
++  call remove(v:errors, 0)
+ endfunc
+ 
+ func Test_assert_fails_in_try_block()
+diff --git a/src/testing.c b/src/testing.c
+index f2355f5dac13..21eb9c18e6e2 100644
+--- a/src/testing.c
++++ b/src/testing.c
+@@ -597,6 +597,7 @@ f_assert_fails(typval_T *argvars, typval_T *rettv)
+     int		save_trylevel = trylevel;
+     int		called_emsg_before = called_emsg;
+     char	*wrong_arg_msg = NULL;
++    char_u	*tofree = NULL;
+ 
+     if (check_for_string_or_number_arg(argvars, 0) == FAIL
+ 	    || check_for_opt_string_or_list_arg(argvars, 1) == FAIL
+@@ -660,13 +661,17 @@ f_assert_fails(typval_T *argvars, typval_T *rettv)
+ 	    }
+ 	    else if (list->lv_len == 2)
+ 	    {
+-		tv = &list->lv_u.mat.lv_last->li_tv;
+-		actual = get_vim_var_str(VV_ERRMSG);
+-		expected = tv_get_string_buf_chk(tv, buf);
+-		if (!pattern_match(expected, actual, FALSE))
++		// make a copy, an error in pattern_match() may free it
++		tofree = actual = vim_strsave(get_vim_var_str(VV_ERRMSG));
++		if (actual != NULL)
+ 		{
+-		    error_found = TRUE;
+-		    expected_str = expected;
++		    tv = &list->lv_u.mat.lv_last->li_tv;
++		    expected = tv_get_string_buf_chk(tv, buf);
++		    if (!pattern_match(expected, actual, FALSE))
++		    {
++			error_found = TRUE;
++			expected_str = expected;
++		    }
+ 		}
+ 	    }
+ 	}
+@@ -749,6 +754,7 @@ f_assert_fails(typval_T *argvars, typval_T *rettv)
+     msg_scrolled = 0;
+     lines_left = Rows;
+     VIM_CLEAR(emsg_assert_fails_msg);
++    vim_free(tofree);
+     set_vim_var_string(VV_ERRMSG, NULL, 0);
+     if (wrong_arg_msg != NULL)
+ 	emsg(_(wrong_arg_msg));
diff --git a/patches/source/vim/CVE-2022-2819.patch b/patches/source/vim/CVE-2022-2819.patch
new file mode 100644
index 00000000..59c25d8c
--- /dev/null
+++ b/patches/source/vim/CVE-2022-2819.patch
@@ -0,0 +1,40 @@
+From d1d8f6bacb489036d0fd479c9dd3c0102c988889 Mon Sep 17 00:00:00 2001
+From: Bram Moolenaar <Bram@vim.org>
+Date: Sun, 14 Aug 2022 21:28:32 +0100
+Subject: [PATCH] patch 9.0.0211: invalid memory access when compiling :lockvar
+
+Problem:    Invalid memory access when compiling :lockvar.
+Solution:   Don't read past the end of the line.
+---
+
+diff --git a/src/vim9cmds.c b/src/vim9cmds.c
+index ad32c32ff7cb..35a382138bf3 100644
+--- a/src/vim9cmds.c
++++ b/src/vim9cmds.c
+@@ -188,10 +188,17 @@ compile_lock_unlock(
+     size_t	len;
+     char_u	*buf;
+     isntype_T	isn = ISN_EXEC;
++    char	*cmd = eap->cmdidx == CMD_lockvar ? "lockvar" : "unlockvar";
+ 
+     if (cctx->ctx_skip == SKIP_YES)
+ 	return OK;
+ 
++    if (*p == NUL)
++    {
++	semsg(_(e_argument_required_for_str), cmd);
++	return FAIL;
++    }
++
+     // Cannot use :lockvar and :unlockvar on local variables.
+     if (p[1] != ':')
+     {
+@@ -223,8 +230,6 @@ compile_lock_unlock(
+ 	ret = FAIL;
+     else
+     {
+-	char *cmd = eap->cmdidx == CMD_lockvar ? "lockvar" : "unlockvar";
+-
+ 	if (deep < 0)
+ 	    vim_snprintf((char *)buf, len, "%s! %s", cmd, p);
+ 	else
diff --git a/patches/source/vim/vim-gvim.SlackBuild b/patches/source/vim/vim-gvim.SlackBuild
index 6eb01708..175391c1 100755
--- a/patches/source/vim/vim-gvim.SlackBuild
+++ b/patches/source/vim/vim-gvim.SlackBuild
@@ -32,7 +32,7 @@ cd $(dirname $0) ; CWD=$(pwd)
 PKGNAM=vim-gvim
 VIMBRANCH=8.2
 VERSION=$(echo vim-${VIMBRANCH}*.tar.?z | rev | cut -f 3- -d . | cut -f 1 -d - | rev)
-BUILD=${BUILD:-1_slack15.0}
+BUILD=${BUILD:-2_slack15.0}
 
 # The possible settings for this are yes/no/dynamic.
 PERLINTERP=${PERLINTERP:-dynamic}
@@ -111,6 +111,11 @@ find . \
   \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
   -exec chmod 644 {} \+
 
+# Fix security issues:
+zcat $CWD/CVE-2022-2816.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/CVE-2022-2817.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/CVE-2022-2819.patch.gz | patch -p1 --verbose || exit 1
+
 config_vim --with-x --enable-gui=gtk3 || exit 1
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
diff --git a/patches/source/vim/vim.SlackBuild b/patches/source/vim/vim.SlackBuild
index 0b4f8132..6b20386d 100755
--- a/patches/source/vim/vim.SlackBuild
+++ b/patches/source/vim/vim.SlackBuild
@@ -25,7 +25,7 @@ cd $(dirname $0) ; CWD=$(pwd)
 PKGNAM=vim
 VIMBRANCH=8.2
 CTAGSVER=5.8
-BUILD=${BUILD:-1_slack15.0}
+BUILD=${BUILD:-2_slack15.0}
 
 # The possible settings for this are yes/no/dynamic.
 PERLINTERP=${PERLINTERP:-dynamic}
@@ -152,6 +152,11 @@ find . \
   \( -perm 666 -o -perm 664 -o -perm 600 -o -perm 444 -o -perm 440 -o -perm 400 \) \
   -exec chmod 644 {} \+
 
+# Fix security issues:
+zcat $CWD/CVE-2022-2816.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/CVE-2022-2817.patch.gz | patch -p1 --verbose || exit 1
+zcat $CWD/CVE-2022-2819.patch.gz | patch -p1 --verbose || exit 1
+
 config_vim --without-x --disable-gui || exit 1
 make $NUMJOBS || make || exit 1
 make install DESTDIR=$PKG || exit 1
diff --git a/recompress.sh b/recompress.sh
index 68ef7707..bed7ee46 100755
--- a/recompress.sh
+++ b/recompress.sh
@@ -1181,8 +1181,11 @@ gzip ./patches/source/python3/python3.distutils.x86_64.diff
 gzip ./patches/source/seamonkey/autoconf/autoconf-2.13-consolidated_fixes-1.patch
 gzip ./patches/source/seamonkey/doinst.sh
 gzip ./patches/source/seamonkey/sm.ui.scrollToClick.diff
+gzip ./patches/source/vim/CVE-2022-2819.patch
 gzip ./patches/source/vim/ctags.use-conventional-unused-marker.patch
 gzip ./patches/source/vim/vim.vimrc.diff
+gzip ./patches/source/vim/CVE-2022-2817.patch
+gzip ./patches/source/vim/CVE-2022-2816.patch
 gzip ./patches/source/libxslt/libxslt.xsltMaxDepth.diff
 gzip ./patches/source/net-snmp/net-snmp-5.7.2-cert-path.patch
 gzip ./patches/source/net-snmp/net-snmp-5.8-Remove-U64-typedef.patch
author	Patrick J Volkerding <volkerdi@slackware.com>	2022-08-17 20:41:53 +0000
committer	Eric Hameleers <alien@slackware.com>	2022-08-18 13:30:02 +0200
commit	821b8a94bf6a33da86d2e1f956c068d2b6270e40 (patch)
tree	8b29563a041d4681367f421d9fee2782e1a07d2b
parent	834b3a5fc210d2991416f66166351b787bf0fb92 (diff)
download	current-821b8a94bf6a33da86d2e1f956c068d2b6270e40.tar.gz