Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 19 Mar 2026 21:26:42 +0000
From:      Adam Weinberger <adamw@FreeBSD.org>
To:        ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
Subject:   git: a215214dc5d9 - main - editors/vim: Update to 9.2.0204 (security fix)
Message-ID:  <69bc6a12.1c5eb.33ae199d@gitrepo.freebsd.org>
index | next in thread | raw e-mail 

The branch main has been updated by adamw:

URL: https://cgit.FreeBSD.org/ports/commit/?id=a215214dc5d94d8906ebddd92640062e91b0fd7b

commit a215214dc5d94d8906ebddd92640062e91b0fd7b
Author:     Adam Weinberger <adamw@FreeBSD.org>
AuthorDate: 2026-03-19 21:21:51 +0000
Commit:     Adam Weinberger <adamw@FreeBSD.org>
CommitDate: 2026-03-19 21:26:36 +0000

    editors/vim: Update to 9.2.0204 (security fix)
    
    In particular, this addresses the following:
      Problem:  The glob() function on Unix-like systems does not escape
                newline characters when expanding wildcards. A maliciously
                crafted string containing '\n' can be used as a command
                separator to execute arbitrary shell commands via
                mch_expand_wildcards(). This depends on the user's 'shell'
                setting.
      Solution: Add the newline character ('\n') to the SHELL_SPECIAL
                definition to ensure it is properly escaped before being
                passed to the shell (pyllyukko).
    
    Security:       GHSA-w5jw-f54h-x46c
---
 editors/vim/Makefile | 2 +-
 editors/vim/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/editors/vim/Makefile b/editors/vim/Makefile
index cb530df724c8..aca95045bcdd 100644
--- a/editors/vim/Makefile
+++ b/editors/vim/Makefile
@@ -1,5 +1,5 @@
 PORTNAME=	vim
-PORTVERSION=	9.2.0140
+PORTVERSION=	9.2.0204
 DISTVERSIONPREFIX=	v
 CATEGORIES=	editors
 
diff --git a/editors/vim/distinfo b/editors/vim/distinfo
index 5343ecd29cd3..016dc23a2bc7 100644
--- a/editors/vim/distinfo
+++ b/editors/vim/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1773270134
-SHA256 (vim-vim-v9.2.0140_GH0.tar.gz) = e97eae0623da945fde66e69388c000130c7951a2f92cf2e5201079ca6806a641
-SIZE (vim-vim-v9.2.0140_GH0.tar.gz) = 19801376
+TIMESTAMP = 1773952766
+SHA256 (vim-vim-v9.2.0204_GH0.tar.gz) = e7b7a27520dafe36703b788b68f546693e853dc25c43204fe4d0c5f2e7634443
+SIZE (vim-vim-v9.2.0204_GH0.tar.gz) = 19818362
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69bc6a12.1c5eb.33ae199d>