(In reply to comment #13) > vim team, do you know if upstream is trying to fix the remaining issues in the > near future? if yes, we will postpone this glsa until everything is fixed. >
{vim,gvim}-7.2 fixes this. It's in CVS. ------------------------------------------- -------- Test results below --------------- ------------------------------------------- Vim version 7.2 zip.vim version: netrw.vim version: ------------------------------------------- filetype.vim strong : EXPLOIT FAILED weak : EXPLOIT FAILED tarplugin : EXPLOIT FAILED tarplugin.updated: EXPLOIT FAILED tarplugin.v2: EXPLOIT FAILED zipplugin : EXPLOIT FAILED zipplugin.v2: EXPLOIT FAILED xpm.vim xpm : EXPLOIT FAILED xpm2 : EXPLOIT FAILED remote : EXPLOIT FAILED gzip_vim : EXPLOIT FAILED netrw : EXPLOIT FAILED netrw.v2 : EXPLOIT FAILED netrw.v3 : EXPLOIT FAILED netrw.v4 : EXPLOIT FAILED netrw.v5 : EXPLOIT FAILED shellescape: EXPLOIT FAILED
(In reply to comment #13)
> vim team, do you know if upstream is trying to fix the remaining issues in the
> near future? if yes, we will postpone this glsa until everything is fixed.
>
{vim,gvim}-7.2 fixes this. It's in CVS. ------- ------- ------- ------- ------- - ------- ------- ------- ------- ------- - ------- ------- ------- ------- ------- -
-------
-------- Test results below ---------------
-------
Vim version 7.2
zip.vim version:
netrw.vim version:
-------
filetype.vim
strong : EXPLOIT FAILED
weak : EXPLOIT FAILED
tarplugin : EXPLOIT FAILED
tarplugin.updated: EXPLOIT FAILED
tarplugin.v2: EXPLOIT FAILED
zipplugin : EXPLOIT FAILED
zipplugin.v2: EXPLOIT FAILED
xpm.vim
xpm : EXPLOIT FAILED
xpm2 : EXPLOIT FAILED
remote : EXPLOIT FAILED
gzip_vim : EXPLOIT FAILED
netrw : EXPLOIT FAILED
netrw.v2 : EXPLOIT FAILED
netrw.v3 : EXPLOIT FAILED
netrw.v4 : EXPLOIT FAILED
netrw.v5 : EXPLOIT FAILED
shellescape: EXPLOIT FAILED