Community Packages

Please read this before reporting a bug:

Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.

REPEAT: Do NOT report bugs for outdated packages!

FS#51927 - [neovim] Arbitrary command execution (CVE-2016-1248)

Attached to Project: Community Packages
Opened by Santiago Torres (sangy) - Tuesday, 22 November 2016, 17:13 GMT
Last edited by Levente Polyak (anthraxx) - Tuesday, 29 November 2016, 16:22 GMT
Task Type Bug Report
Category Security
Status Closed
Assigned To Sven-Hendrik Haase (Svenstaro)
Architecture All
Severity Medium
Priority Normal
Reported Version
Due in Version Undecided
Due Date Undecided
Percent Complete 100%
Votes 0
Private No



The package neovim is vulnerable to arbitrary command execution via CVE-2016-1248.


We need to backport a patch from the commit in [1].

This task depends upon

Closed by  Levente Polyak (anthraxx)
Tuesday, 29 November 2016, 16:22 GMT
Reason for closing:  Fixed
Additional comments about closing:  0.1.7-1