FS#51927 : [neovim] Arbitrary command execution (CVE-2016-1248)

FS#51927 - [neovim] Arbitrary command execution (CVE-2016-1248)

Attached to Project: Community Packages
Opened by Santiago Torres (sangy) - Tuesday, 22 November 2016, 17:13 GMT
Last edited by Levente Polyak (anthraxx) - Tuesday, 29 November 2016, 16:22 GMT

Task Type	Bug Report
Category	Security
Status	Closed
Assigned To	Sven-Hendrik Haase (Svenstaro)
Architecture	All
Severity	Medium
Priority	Normal
Reported Version
Due in Version	Undecided
Due Date	Undecided
Percent Complete
Votes	0
Private	No

Details

Summary
=======

The package neovim is vulnerable to arbitrary command execution via CVE-2016-1248.

Guidance
========

We need to backport a patch from the commit in [1].
References
==========

[1] https://github.com/neovim/neovim/commit/4fad66fbe637818b6b3d6bc5d21923ba72795040

This task depends upon

Closed by Levente Polyak (anthraxx)
Tuesday, 29 November 2016, 16:22 GMT
Reason for closing: Fixed
Additional comments about closing: 0.1.7-1

	Tasks related to this task (0)

Duplicate tasks of this task (0)

Arch Linux

FS#51927 - [neovim] Arbitrary command execution (CVE-2016-1248)

Details

Loading...