averello/vim-mirror
1
0
Fork 0
mirror of https://github.com/vim/vim.git synced 2026-05-28 00:21:37 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
v9.2.0355
vim-mirror/runtime
T
History
q1uf3ng 490b737f3e patch 9.2.0355: runtime(tar): missing path traversal checks in tar#Extract() 
Problem:  runtime(tar): missing path traversal checks in tar#Extract()
Solution: Add check for leading slash, however gnu tar should already
          detect this (q1uf3ng)

tar#Extract() did not check for ../ sequences or absolute paths,
unlike zip#Extract() which was patched in recent commits. Add the
same checks: ../ (relative traversal), leading slash (Unix), drive
letter and UNC/leading slash (Windows).

closes: #19981

Signed-off-by: q1uf3ng <q1uf3ng@protone.me>
Signed-off-by: Christian Brabandt <cb@256bit.org>
2026-04-15 18:36:20 +00:00
..
autoload
patch 9.2.0355: runtime(tar): missing path traversal checks in tar#Extract()
2026-04-15 18:36:20 +00:00
bitmaps
colors
compiler
patch 9.2.0225: runtime(compiler): No compiler plugin for just
2026-03-22 16:46:41 +00:00
doc
runtime(doc): Tweak documentation style in channel.txt
2026-04-15 17:00:19 +00:00
ftplugin
runtime(racket): Make visual K mapping more robust for shell injection
2026-04-01 08:10:15 +00:00
icons
import/dist
indent
runtime(handlebars): adds handlebars template syntax & indent support
2026-03-05 20:06:02 +00:00
keymap
lang
macros
pack/dist/opt
runtime(hlyank): verify winid in lambda before matchdelete()
2026-04-11 14:53:48 +00:00
plugin
runtime(manpager): use \x07 instead of \a for BEL in OSC 8 regex
2026-03-24 19:48:44 +00:00
print
spell
syntax
runtime(bitbake): support forward-slashes in bitbake varflags
2026-04-15 18:07:18 +00:00
tools
runtime(preproc_indent): Ignore Swapfiles when loading buffers
2026-04-02 17:53:30 +00:00
tutor
bugreport.vim
defaults.vim
delmenu.vim
doc.info
evim.vim
filetype.vim
patch 9.2.0333: filetype: PklProject files are not recognized
2026-04-10 18:40:37 +00:00
ftoff.vim
ftplugin.vim
ftplugof.vim
gvim.desktop
translation: Regenerate desktop files in runtime directory
2026-03-22 16:27:43 +00:00
gvimrc_example.vim
hi16-action-make.png
hi22-action-make.png
icons.info
indent.vim
indoff.vim
macmap.vim
macros.info
makemenu.vim
menu.vim
mswin.vim
optwin.vim
patch 9.2.0350: Enabling modelines poses a risk
2026-04-14 18:57:41 +00:00
scripts.vim
synmenu.vim
termcap
tools.info
tutor.info
vim16x16_png.h
patch 9.2.0123: GTK: using deprecated gdk_pixbuf_new_from_xpm_data()
2026-03-08 20:10:03 +00:00
vim16x16.gif
vim16x16.png
vim16x16.xpm
vim32x32_png.h
patch 9.2.0123: GTK: using deprecated gdk_pixbuf_new_from_xpm_data()
2026-03-08 20:10:03 +00:00
vim32x32.gif
vim32x32.png
vim32x32.xpm
vim48x48_png.h
patch 9.2.0123: GTK: using deprecated gdk_pixbuf_new_from_xpm_data()
2026-03-08 20:10:03 +00:00
vim48x48.gif
vim48x48.png
vim48x48.xpm
vim.desktop
translation: Regenerate desktop files in runtime directory
2026-03-22 16:27:43 +00:00
vimlogo.cdr
vimlogo.eps
vimlogo.gif
vimlogo.pdf
vimlogo.svg
vimlogo.xpm
vimrc_example.vim
xdg.vim