[SCM] Vim packaging branch, maint/etch, updated. 3ba3d446924a9eb5e86bfaa4758a71225ce012bb

James Vega jamessan at debian.org
Fri Feb 6 23:50:58 UTC 2009


The following commit has been merged in the maint/etch branch:
commit 3ba3d446924a9eb5e86bfaa4758a71225ce012bb
Author: James Vega <jamessan at debian.org>
Date:   Fri Feb 6 18:45:56 2009 -0500

    Add CVE-2008-2712-xpm.vim.diff to fix syntax/xpm{,2}.vim
    
    Signed-off-by: James Vega <jamessan at debian.org>

diff --git a/debian/changelog b/debian/changelog
index 110771a..4963bf0 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -3,6 +3,8 @@ vim (1:7.0-122+1etch4) UNRELEASED; urgency=high
   * Backport upstream patches and runtime fixes for filename escaping
     vulnerabilities.  (Closes: #486502, CVE 2008-2712)
     - Add upstream patches 7.1.299, 7.1.300, 7.1.305.
+    - Add patch CVE-2008-2712-xpm.vim.diff to fix syntax/xpm.vim and
+      syntax/xpm2.vim.
 
  -- James Vega <jamessan at debian.org>  Tue, 03 Feb 2009 22:19:11 -0500
 
diff --git a/patches/CVE-2008-2712-xpm.vim.diff b/patches/CVE-2008-2712-xpm.vim.diff
new file mode 100644
index 0000000..ff23bf6
--- /dev/null
+++ b/patches/CVE-2008-2712-xpm.vim.diff
@@ -0,0 +1,76 @@
+--- vim/runtime/syntax/xpm.vim
++++ vim/runtime/syntax/xpm.vim
+@@ -1,7 +1,7 @@
+ " Vim syntax file
+ " Language:	X Pixmap
+ " Maintainer:	Ronald Schild <rs at scutum.de>
+-" Last Change:	2001 May 09
++" Last Change:	2008 May 28
+ " Version:	5.4n.1
+ 
+ " For version 5.x: Clear all syntax items
+@@ -38,9 +38,15 @@ while i <= line("$")		" scanning all lines
+ 	 let colors = substitute(s, '"\s*\d\+\s\+\d\+\s\+\(\d\+\).*"', '\1', '')
+ 	 " get the 4th value: cpp = number of character per pixel
+ 	 let cpp = substitute(s, '"\s*\d\+\s\+\d\+\s\+\d\+\s\+\(\d\+\).*"', '\1', '')
++	 if cpp =~ '[^0-9]'
++	    break  " if cpp is not made of digits there must be something wrong
++	 endif
+ 
+-	 " highlight the Values string as normal string (no pixel string)
+-	 exe 'syn match xpmValues /'.s.'/'
++	 " Highlight the Values string as normal string (no pixel string).
++	 " Only when there is no slash, it would terminate the pattern.
++	 if s !~ '/'
++	    exe 'syn match xpmValues /' . s . '/'
++	 endif
+ 	 hi link xpmValues String
+ 
+ 	 let n = 1		" n = color index
+@@ -103,7 +109,7 @@ while i <= line("$")		" scanning all lines
+ 	 if color == ""  ||  substitute(color, '.*', '\L&', '') == 'none'
+ 	    exe 'hi xpmColor'.n.' guifg=bg'
+ 	    exe 'hi xpmColor'.n.' guibg=NONE'
+-	 else
++	 elseif color !~ "'"
+ 	    exe 'hi xpmColor'.n." guifg='".color."'"
+ 	    exe 'hi xpmColor'.n." guibg='".color."'"
+ 	 endif
+--- vim/runtime/syntax/xpm2.vim
++++ vim/runtime/syntax/xpm2.vim
+@@ -1,7 +1,7 @@
+ " Vim syntax file
+ " Language:	X Pixmap v2
+ " Maintainer:	Steve Wall (hitched97 at velnet.com)
+-" Last Change:	2001 Apr 25
++" Last Change:	2008 May 28
+ " Version:	5.8
+ "
+ " Made from xpm.vim by Ronald Schild <rs at scutum.de>
+@@ -50,9 +50,15 @@ if has("gui_running")
+ 	let colors = substitute(s, '\s*\d\+\s\+\d\+\s\+\(\d\+\).*', '\1', '')
+ 	" get the 4th value: cpp = number of character per pixel
+ 	let cpp = substitute(s, '\s*\d\+\s\+\d\+\s\+\d\+\s\+\(\d\+\).*', '\1', '')
++	if cpp =~ '[^0-9]'
++	  break  " if cpp is not made of digits there must be something wrong
++	endif
+ 
+-	" highlight the Values string as normal string (no pixel string)
+-	exe 'syn match xpm2Values /'.s.'/'
++	" Highlight the Values string as normal string (no pixel string).
++	" Only when there is no slash, it would terminate the pattern.
++	if s !~ '/'
++	  exe 'syn match xpm2Values /' . s . '/'
++	endif
+ 	HiLink xpm2Values Statement
+ 
+ 	let n = 1			" n = color index
+@@ -118,7 +124,7 @@ if has("gui_running")
+ 	" if no color or color = "None" show background
+ 	if color == ""  ||  substitute(color, '.*', '\L&', '') == 'none'
+ 	  exe 'Hi xpm2Color'.n.' guifg=bg guibg=NONE'
+-	else
++	elseif color !~ "'"
+ 	  exe 'Hi xpm2Color'.n." guifg='".color."' guibg='".color."'"
+ 	endif
+ 	let n = n + 1
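Review bot: The guards added in the embedded xpm.vim and xpm2.vim patch are single-character denylists applied to text taken directly from the buffer: `if s !~ '/'` ahead of `exe 'syn match xpmValues /' . s . '/'`, and `elseif color !~ "'"` ahead of the `exe 'hi xpmColor'...` lines. Every other character in `s` and `color` still reaches `:execute` unchanged, and `s` is also interpreted as a regular expression rather than as literal text; the hunk does not establish whether any other character is significant to `:syntax` or `:highlight` argument parsing. An allowlist would be easier to reason about and to audit, for example `elseif color =~ '^#\=[0-9A-Za-z ]\+$'` (assuming colour names and #rrggbb are the only forms that must be supported), with a comparable shape check on the values line before it is used as a pattern. The same applies to both files, and the enclosing `while` / `if has("gui_running")` bodies start and end outside the quoted context, so how `s` and `color` are extracted could not be checked in full.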
diff --git a/patches/series b/patches/series
index 3d50a07..1d80b43 100644
--- a/patches/series
+++ b/patches/series
@@ -18,3 +18,4 @@ mp.vim-cmd_check.diff -p0
 changelog.vim-ftplugin_buffer-split.diff -p0
 zh_TW.po-swap_recovery_typo.diff -p0
 option.c-foldnestmax_check.diff -p0
+CVE-2008-2712-xpm.vim.diff -p0

-- 
Vim packaging


