averello/vim-mirror
1
0
Fork 0
mirror of https://github.com/vim/vim.git synced 2026-05-28 00:21:37 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
v9.2.0316
vim-mirror/runtime
T
History
Christian Brabandt 7ab76a8604 patch 9.2.0316: [security]: command injection in netbeans interface via defineAnnoType 
Problem:  [security]: The netbeans defineAnnoType command passes typeName, fg and bg
          unsanitized to coloncmd(), allowing a malicious server to inject
          arbitrary Ex commands via '|'. Similarly, specialKeys does not
          validate key tokens before building a map command.
Solution: Validate typeName, fg and bg against an allowlist of safe
          characters before passing them to coloncmd()

Github Advisory:
https://github.com/vim/vim/security/advisories/GHSA-mr87-rhgv-7pw6

Supported by AI

Signed-off-by: Christian Brabandt <cb@256bit.org>
2026-04-07 18:42:18 +00:00
..
autoload
patch 9.2.0306: runtime(tar): some issues with lz4 support
2026-04-06 12:46:40 +00:00
bitmaps
colors
compiler
patch 9.2.0225: runtime(compiler): No compiler plugin for just
2026-03-22 16:46:41 +00:00
doc
patch 9.2.0316: [security]: command injection in netbeans interface via defineAnnoType
2026-04-07 18:42:18 +00:00
ftplugin
runtime(racket): Make visual K mapping more robust for shell injection
2026-04-01 08:10:15 +00:00
icons
import/dist
indent
runtime(handlebars): adds handlebars template syntax & indent support
2026-03-05 20:06:02 +00:00
keymap
lang
macros
pack/dist/opt
patch 9.2.0302: runtime(netrw): RFC2396 decoding double escaping spaces
2026-04-05 16:36:42 +00:00
plugin
runtime(manpager): use \x07 instead of \a for BEL in OSC 8 regex
2026-03-24 19:48:44 +00:00
print
spell
syntax
runtime(log): clean up and modernize log syntax
2026-04-06 13:02:04 +00:00
tools
runtime(preproc_indent): Ignore Swapfiles when loading buffers
2026-04-02 17:53:30 +00:00
tutor
bugreport.vim
defaults.vim
delmenu.vim
doc.info
evim.vim
filetype.vim
patch 9.2.0237: filetype: ObjectScript routines are not recognized
2026-03-24 19:58:01 +00:00
ftoff.vim
ftplugin.vim
ftplugof.vim
gvim.desktop
translation: Regenerate desktop files in runtime directory
2026-03-22 16:27:43 +00:00
gvimrc_example.vim
hi16-action-make.png
hi22-action-make.png
icons.info
indent.vim
indoff.vim
macmap.vim
macros.info
makemenu.vim
menu.vim
mswin.vim
optwin.vim
patch 9.2.0139: Cannot configure terminal resize event
2026-03-11 20:03:36 +00:00
scripts.vim
synmenu.vim
termcap
tools.info
tutor.info
vim16x16_png.h
patch 9.2.0123: GTK: using deprecated gdk_pixbuf_new_from_xpm_data()
2026-03-08 20:10:03 +00:00
vim16x16.gif
vim16x16.png
vim16x16.xpm
vim32x32_png.h
patch 9.2.0123: GTK: using deprecated gdk_pixbuf_new_from_xpm_data()
2026-03-08 20:10:03 +00:00
vim32x32.gif
vim32x32.png
vim32x32.xpm
vim48x48_png.h
patch 9.2.0123: GTK: using deprecated gdk_pixbuf_new_from_xpm_data()
2026-03-08 20:10:03 +00:00
vim48x48.gif
vim48x48.png
vim48x48.xpm
vim.desktop
translation: Regenerate desktop files in runtime directory
2026-03-22 16:27:43 +00:00
vimlogo.cdr
vimlogo.eps
vimlogo.gif
vimlogo.pdf
vimlogo.svg
vimlogo.xpm
vimrc_example.vim
xdg.vim