[SCM] Vim packaging branch, upstream-runtime, updated. upstream/7.1.285-49-ge39dfd1

James Vega jamessan at debian.org
Mon Jun 16 14:40:45 UTC 2008


The following commit has been merged in the upstream-runtime branch:
commit e39dfd1276d05f7c5b1fe272bdd60e88bd9ad3c0
Author: James Vega <jamessan at debian.org>
Date:   Mon Jun 16 10:37:06 2008 -0400

    Update zip plugin to resolve security vulnerability. (#486502)
    
    Signed-off-by: James Vega <jamessan at debian.org>

diff --git a/runtime/autoload/zip.vim b/runtime/autoload/zip.vim
index 5875be0..5842741 100644
--- a/runtime/autoload/zip.vim
+++ b/runtime/autoload/zip.vim
@@ -1,16 +1,16 @@
 " zip.vim: Handles browsing zipfiles
 "            AUTOLOAD PORTION
-" Date:		May 08, 2007
-" Version:	14
+" Date:		Jun 12, 2008
+" Version:	18
 " Maintainer:	Charles E Campbell, Jr <NdrOchip at ScampbellPfamily.AbizM-NOSPAM>
 " License:	Vim License  (see vim's :help license)
-" Copyright:    Copyright (C) 2005 Charles E. Campbell, Jr. {{{1
+" Copyright:    Copyright (C) 2005-2008 Charles E. Campbell, Jr. {{{1
 "               Permission is hereby granted to use and distribute this code,
 "               with or without modifications, provided that this copyright
 "               notice is copied with it. Like anything else that's free,
-"               zipPlugin.vim is provided *as is* and comes with no warranty
-"               of any kind, either expressed or implied. By using this
-"               plugin, you agree that in no event will the copyright
+"               zip.vim and zipPlugin.vim are provided *as is* and comes with
+"               no warranty of any kind, either expressed or implied. By using
+"               this plugin, you agree that in no event will the copyright
 "               holder be liable for any damages resulting from the use
 "               of this software.
 
@@ -22,7 +22,7 @@ if &cp || exists("g:loaded_zip") || v:version < 700
  finish
 endif
 
-let g:loaded_zip     = "v14"
+let g:loaded_zip     = "v18"
 let s:zipfile_escape = ' ?&;\'
 let s:ERROR          = 2
 let s:WARNING        = 1
@@ -31,7 +31,9 @@ let s:NOTE           = 0
 " ---------------------------------------------------------------------
 "  Global Values: {{{1
 if !exists("g:zip_shq")
- if has("unix")
+ if &shq != ""
+  let g:zip_shq= &shq
+ elseif has("unix")
   let g:zip_shq= "'"
  else
   let g:zip_shq= '"'
@@ -160,7 +162,9 @@ fun! s:ZipBrowseSelect()
 "  call Decho("curfile<".curfile.">")
 
   new
-  wincmd _
+  if !exists("g:zip_nomax") || g:zip_nomax == 0
+   wincmd _
+  endif
   let s:zipfile_{winnr()}= curfile
 "  call Decho("exe e zipfile:".escape(zipfile,s:zipfile_escape).'::'.escape(fname,s:zipfile_escape))
   exe "e zipfile:".escape(zipfile,s:zipfile_escape).'::'.escape(fname,s:zipfile_escape)
@@ -319,8 +323,13 @@ endfun
 " QuoteFileDir: {{{2
 fun! s:QuoteFileDir(fname)
 "  call Dfunc("QuoteFileDir(fname<".a:fname.">)")
-"  call Dret("QuoteFileDir")
-  return g:zip_shq.a:fname.g:zip_shq
+  if has("*shellescape")
+   let qnameq= shellescape(a:fname)
+  else
+   let qnameq= g:zip_shq.escape(a:fname,g:zip_shq).g:zip_shq
+  endif
+"  call Dret("QuoteFileDir <".qnameq.">")
+  return qnameq
 endfun
 
 " ---------------------------------------------------------------------
diff --git a/runtime/doc/pi_zip.txt b/runtime/doc/pi_zip.txt
index 944b848..6e61984 100644
--- a/runtime/doc/pi_zip.txt
+++ b/runtime/doc/pi_zip.txt
@@ -1,4 +1,4 @@
-*pi_zip.txt*	For Vim version 7.1.  Last change: 2007 May 11
+*pi_zip.txt*	For Vim version 7.1.  Last change: 2008 Jun 12
 
 				+====================+
 				| Zip File Interface |
@@ -6,7 +6,7 @@
 
 Author:  Charles E. Campbell, Jr.  <NdrOchip at ScampbellPfamily.AbizM>
 	  (remove NOSPAM from Campbell's email first)
-Copyright: Copyright (C) 2005,2006 Charles E Campbell, Jr *zip-copyright*
+Copyright: Copyright (C) 2005-2008 Charles E Campbell, Jr *zip-copyright*
            Permission is hereby granted to use and distribute this code,
 	   with or without modifications, provided that this copyright
 	   notice is copied with it. Like anything else that's free,
@@ -33,7 +33,13 @@ Copyright: Copyright (C) 2005,2006 Charles E Campbell, Jr *zip-copyright*
    zip archives via the plugin.
 
    OPTIONS
-							*zip_shq*
+
+   							*g:zip_nomax*
+
+   If this variable exists and is true, the file window will not be
+   automatically maximized when opened.
+
+							*g:zip_shq*
    Different operating systems may use one or more shells to execute
    commands.  Zip will try to guess the correct quoting mechanism to
    allow spaces and whatnot in filenames; however, if it is incorrectly
@@ -45,12 +51,12 @@ Copyright: Copyright (C) 2005,2006 Charles E Campbell, Jr *zip-copyright*
 
    							*g:zip_unzipcmd*
    Use this option to specify the program which does the duty of "unzip".
-   Its used during browsing. By default: >
+   It's used during browsing. By default: >
    	let g:zip_unzipcmd= "unzip"
 <
 							*g:zip_zipcmd*
    Use this option to specify the program which does the duty of "zip".
-   Its used during the writing (updating) of a file already in a zip
+   It's used during the writing (updating) of a file already in a zip
    file; by default: >
    	let g:zip_zipcmd= "zip"
 <
@@ -64,11 +70,13 @@ Copyright: Copyright (C) 2005,2006 Charles E Campbell, Jr *zip-copyright*
 
 	au BufReadCmd *.jar,*.xpi call zip#Browse(expand("<amatch>"))
 <
-   One can simply extend this line to accommodate additional extensions that
-   are actually zip files.
+   One simply can extend this line to accomodate additional extensions that
+   should be treated as zip files.
 
 ==============================================================================
 4. History					*zip-history* {{{1
+   v17 May 09, 2008 * arno caught a security bug
+   v15 Sep 07, 2007 * &shq now used if not the empty string for g:zip_shq
    v14 May 07, 2007 * using b:zipfile instead of w:zipfile to avoid problem
                       when editing alternate file to bring up a zipfile
    v10 May 02, 2006 * now using "redraw then echo" to show messages, instead
diff --git a/runtime/plugin/zipPlugin.vim b/runtime/plugin/zipPlugin.vim
index 69e98bd..e98686b 100644
--- a/runtime/plugin/zipPlugin.vim
+++ b/runtime/plugin/zipPlugin.vim
@@ -1,6 +1,6 @@
 " zipPlugin.vim: Handles browsing zipfiles
 "            PLUGIN PORTION
-" Date:			Jul 18, 2006
+" Date:			Oct 05, 2007
 " Maintainer:	Charles E Campbell, Jr <NdrOchip at ScampbellPfamily.AbizM-NOSPAM>
 " License:		Vim License  (see vim's :help license)
 " Copyright:    Copyright (C) 2005,2006 Charles E. Campbell, Jr. {{{1
@@ -20,7 +20,7 @@
 if &cp || exists("g:loaded_zipPlugin")
  finish
 endif
-let g:loaded_zipPlugin = 1
+let g:loaded_zipPlugin = "v18"
 let s:keepcpo          = &cpo
 set cpo&vim
 
@@ -40,7 +40,7 @@ augroup zip
   au FileWriteCmd zipfile:*/*	call zip#Write(expand("<amatch>"))
  endif
 
- au BufReadCmd   *.zip		call zip#Browse(expand("<amatch>"))
+ au BufReadCmd   *.zip,*.jar,*.xpi,*.war,*.ear		call zip#Browse(expand("<amatch>"))
 augroup END
 
 " ---------------------------------------------------------------------

-- 
Vim packaging



More information about the pkg-vim-maintainers mailing list