]> git.ipfire.org Git - thirdparty/vim.git/commit
projects / thirdparty / vim.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 53b1457) | patch
patch 9.1.1198: [security]: potential data loss with zip.vim v9.1.1198
authorChristian Brabandt <cb@256bit.org>
Wed, 12 Mar 2025 21:04:01 +0000 (22:04 +0100)
committerChristian Brabandt <cb@256bit.org>
Wed, 12 Mar 2025 21:04:01 +0000 (22:04 +0100)
commitf209dcd3defb95bae21b2740910e6aa7bb940531
tree539adf07df62e2b02c8f3b0ee2a513ec60585eb9tree
parent53b14578e03f93a53fd6eb21c00caf96484742edcommit | diff
patch 9.1.1198: [security]: potential data loss with zip.vim

Problem:  [security]: potential data loss with zip.vim and special
          crafted zip files (RyotaK)
Solution: use glob '[-]' to protect filenames starting with '-'

Github Advisory:
https://github.com/vim/vim/security/advisories/GHSA-693p-m996-3rmf

Signed-off-by: Christian Brabandt <cb@256bit.org>
Filelist diff | blob | blame | history
runtime/autoload/zip.vim diff | blob | blame | history
src/testdir/samples/poc.zip [new file with mode: 0644] blob
src/testdir/test_plugin_zip.vim diff | blob | blame | history
src/version.c diff | blob | blame | history
Mirror of https://github.com/vim/vim.git