-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Format: 1.8
Date: Sun, 16 Feb 2025 13:23:41 +0800
Source: vim
Architecture: source
Version: 2:9.0.1378-2+deb12u2
Distribution: bookworm
Urgency: high
Maintainer: Debian Vim Maintainers <team+vim@tracker.debian.org>
Changed-By: Sean Whitton <spwhitton@spwhitton.name>
Closes: 1035955 1053694 1084806
Changes:
 vim (2:9.0.1378-2+deb12u2) bookworm; urgency=high
 .
   * Drop test case from CVE-2023-2610.patch.
     This test was breaking the build on a number of architectures.
     The test was removed upstream for similar reasons.
     Thanks to James McCoy for reporting the problem.
 .
 vim (2:9.0.1378-2+deb12u1) bookworm; urgency=high
 .
   * Backport security fixes:
     - 9.0.1532: Crash when expanding "~" in substitute
       (Closes: #1035955, CVE-2023-2610)
     - 9.0.1848: buffer-overflow in vim_regsub_both() (CVE-2023-4738)
     - 9.0.1858: heap use after free in ins_compl_get_exp() (CVE-2023-4752)
     - 9.0.1873: heap-buffer-overflow in vim_regsub_both (CVE-2023-4781)
     - 9.0.1969: buffer-overflow in trunc_string()
       (Closes: #1053694, CVE-2023-5344)
     - 9.0.2142: stack-buffer-overflow in option callback functions
       (CVE-2024-22667)
     - 9.1.0697: heap-buffer-overflow in ins_typebuf (CVE-2024-43802)
     - 9.1.0764: use-after-free when closing a buffer
       (Closes: #1084806, CVE-2024-47814).
Checksums-Sha1:
 c5236506305abebd78507a65eaccdfb2434a2762 3058 vim_9.0.1378-2+deb12u2.dsc
 87b8565864574be2a70053f737adbea900af7409 189544 vim_9.0.1378-2+deb12u2.debian.tar.xz
Checksums-Sha256:
 aa797fe95fa4ba55811b599f34c2e35b0ef3dedfea85dfe4b45cce29173a2d91 3058 vim_9.0.1378-2+deb12u2.dsc
 8de06019fc513fc9c335de050966774f6fb20fc011fbb5d50e8a841dbce91fa2 189544 vim_9.0.1378-2+deb12u2.debian.tar.xz
Files:
 618788b89df19e6652b6305a55aa20af 3058 editors optional vim_9.0.1378-2+deb12u2.dsc
 4647831f7908608f887303ed05f9fe36 189544 editors optional vim_9.0.1378-2+deb12u2.debian.tar.xz

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEm5FwB64DDjbk/CSLaVt65L8GYkAFAmexspcACgkQaVt65L8G
YkAb7RAAsCR7vdiKiZuF50fVIw0xtAT8y+B8RwrZKbUs2zvGkPKxHQc7Pa90F11k
PF5r6+BNqCgvkEyMhP9Z8VDqV0UyJjD71+8pRsTxufFue1w8ICyZGh0515X9+B0P
/L+bg8QQYD5UxGqqc9zEtOGC+FIV2TiWVyMJeO2rXLcXaDCv87NorbEZSZjgkebQ
swCiG2iqJiuRa8ocv48eruehtNzxVo0u3ZglPAoAQALmjriPVeteGOrs/oMJq9GW
HzrqTK0YUwNO2GZw4K994mKrnMmOa2gHwpKG74jxm4nEDjoZ+2Sl6yh7T0/UYz0+
dbCZxf+ClY20HM/y3OMNmAMe+WItp/orWbk1Tl1dISVa2vNR9lN7EaxHgBmI4y6I
azh7UNItyMmrL07UVPWfk+VPMdrDf7F3dYdcWs8gKel5xiSLs7q7duEsFPpR/zrn
SIRkuI8d9YdFn4bHMLoWLx1BkXTj/3EQb5+nprfIQkXVeFJQrgAUZpP7QD2EmVcV
wYcVUtDtWse6Mb3PyWMJY7OFD5bWDLJvI3FvhwBu4s33/auxCZaU2CdZ9u1P/Vqp
/UqrlHUipPoPSvlmURddtBkW3z7SJX5z/pF2ctyqBNOARHep7szB7KIM7JoRqPnR
hI1RkhlHtf7gwIaANHwgVKJOMqSvhcVyxPzdhJnK59KSKj86b0M=
=9d1r
-----END PGP SIGNATURE-----