From: Ross Burton Date: Mon, 17 Jan 2022 11:20:55 +0000 (+0000) Subject: vim: update to include latest CVE fixes X-Git-Url: https://code.ossystems.io/gitweb?a=commitdiff_plain;h=faf83cac9ff82a3c795b2e8d82719bea43830f7f;p=openembedded-core.git vim: update to include latest CVE fixes Update the version to 4.2.4118, which incorporates the following CVE fixes: - CVE-2021-4187 - CVE-2022-0128 - CVE-2022-0156 - CVE-2022-0158 Also remove the explicit whitelisting of CVE-2021-3968 as this is now handled with an accurate CPE specifying the fixed version. Signed-off-by: Ross Burton Signed-off-by: Richard Purdie (cherry picked from commit 764519ad0da6b881918667ca272fcc273b56168a) Signed-off-by: Steve Sakoman --- diff --git a/meta/recipes-support/vim/vim.inc b/meta/recipes-support/vim/vim.inc index 1c7256c97c..3f9bd6f012 100644 --- a/meta/recipes-support/vim/vim.inc +++ b/meta/recipes-support/vim/vim.inc @@ -20,8 +20,8 @@ SRC_URI = "git://github.com/vim/vim.git;branch=master;protocol=https \ file://racefix.patch \ " -PV .= ".3752" -SRCREV = "8603be338ac810446f23c092f21bc6082f787519" +PV .= ".4118" +SRCREV = "0023f82a76cf43a12b41e71f97a2e860d0444e1b" # Remove when 8.3 is out UPSTREAM_VERSION_UNKNOWN = "1" @@ -29,9 +29,6 @@ UPSTREAM_VERSION_UNKNOWN = "1" # Do not consider .z in x.y.z, as that is updated with every commit UPSTREAM_CHECK_GITTAGREGEX = "(?P\d+\.\d+)\.0" -# CVE-2021-3968 is related to an issue which was introduced after 8.2, this can be removed after 8.3. -CVE_CHECK_WHITELIST += "CVE-2021-3968" - S = "${WORKDIR}/git" VIMDIR = "vim${@d.getVar('PV').split('.')[0]}${@d.getVar('PV').split('.')[1]}"