Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 30 Mar 2026 17:04:13 +0000
From:      Adam Weinberger <adamw@FreeBSD.org>
To:        ports-committers@FreeBSD.org, dev-commits-ports-all@FreeBSD.org, dev-commits-ports-main@FreeBSD.org
Subject:   git: 58d999b09c28 - main - editors/vim: Update to 9.2.0272 (security)
Message-ID:  <69caad0d.3feb8.218ae8f5@gitrepo.freebsd.org>
index | next in thread | raw e-mail 

The branch main has been updated by adamw:

URL: https://cgit.FreeBSD.org/ports/commit/?id=58d999b09c2836b4aab68748ceb27521f72a490e

commit 58d999b09c2836b4aab68748ceb27521f72a490e
Author:     Adam Weinberger <adamw@FreeBSD.org>
AuthorDate: 2026-03-30 17:00:39 +0000
Commit:     Adam Weinberger <adamw@FreeBSD.org>
CommitDate: 2026-03-30 17:03:59 +0000

    editors/vim: Update to 9.2.0272 (security)
    
    This update addresses GHSA-2gmj-rpqf-pxvh (see advisory link below):
    
    Summary (from advisory):
      A bug chain in Vim allows arbitrary OS command execution when a user
      opens a crafted file. The tabpanel option is missing the P_MLE flag,
      allowing a modeline to inject a %{expr} expression string without
      requiring modelineexpr to be enabled. Although Vim correctly
      evaluates the expression inside the sandbox, autocmd_add() lacks
      a check_secure() call, allowing sandboxed code to register an
      autocommand that fires after the sandbox exits.
    
    Security:       https://github.com/vim/vim/security/advisories/GHSA-2gmj-rpqf-pxvh
---
 editors/vim/Makefile | 2 +-
 editors/vim/distinfo | 6 +++---
 2 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/editors/vim/Makefile b/editors/vim/Makefile
index aca95045bcdd..5b08f399a9ea 100644
--- a/editors/vim/Makefile
+++ b/editors/vim/Makefile
@@ -1,5 +1,5 @@
 PORTNAME=	vim
-PORTVERSION=	9.2.0204
+PORTVERSION=	9.2.0272
 DISTVERSIONPREFIX=	v
 CATEGORIES=	editors
 
diff --git a/editors/vim/distinfo b/editors/vim/distinfo
index 016dc23a2bc7..e8d5218a4885 100644
--- a/editors/vim/distinfo
+++ b/editors/vim/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1773952766
-SHA256 (vim-vim-v9.2.0204_GH0.tar.gz) = e7b7a27520dafe36703b788b68f546693e853dc25c43204fe4d0c5f2e7634443
-SIZE (vim-vim-v9.2.0204_GH0.tar.gz) = 19818362
+TIMESTAMP = 1774884455
+SHA256 (vim-vim-v9.2.0272_GH0.tar.gz) = 020efae1f8187a65a457f4b73cdbd0be3ccbae230e63293af51fdfcf3c831cb5
+SIZE (vim-vim-v9.2.0272_GH0.tar.gz) = 19847045
home | help

Want to link to this message? Use this
URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?69caad0d.3feb8.218ae8f5>