Move the swap file location to protect against CVE-2017-1000382
Change-Id: Iadbc39933c85dce3fd89c7c85d2a31cf2b652c98
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/5356
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Alexey Makhalov <amakhalov@vmware.com>
... | ... |
@@ -3,7 +3,7 @@ |
3 | 3 |
Summary: Text editor |
4 | 4 |
Name: vim |
5 | 5 |
Version: 7.4 |
6 |
-Release: 9%{?dist} |
|
6 |
+Release: 10%{?dist} |
|
7 | 7 |
License: Charityware |
8 | 8 |
URL: http://www.vim.org |
9 | 9 |
Group: Applications/Editors |
... | ... |
@@ -56,7 +56,12 @@ color desert |
56 | 56 |
if (&term == "iterm") || (&term == "putty") |
57 | 57 |
set background=dark |
58 | 58 |
endif |
59 |
- |
|
59 |
+" Move the swap file location to protect against CVE-2017-1000382 |
|
60 |
+" More information at http://security.cucumberlinux.com/security/details.php?id=120 |
|
61 |
+if ! isdirectory("~/.vim/swap/") |
|
62 |
+ call system('install -d -m 700 ~/.vim/swap') |
|
63 |
+endif |
|
64 |
+set directory=~/.vim/swap// |
|
60 | 65 |
" End /etc/vimrc |
61 | 66 |
EOF |
62 | 67 |
|
... | ... |
@@ -151,6 +156,8 @@ EOF |
151 | 151 |
%{_bindir}/vimdiff |
152 | 152 |
|
153 | 153 |
%changelog |
154 |
+* Thu Jul 12 2018 Tapas Kundu <tkundu@vmware.com> 7.4-10 |
|
155 |
+- Fix for CVE-2017-1000382 |
|
154 | 156 |
* Mon Apr 3 2017 Alexey Makhalov <amakhalov@vmware.com> 7.4-9 |
155 | 157 |
- Use specified version of ncurses wich has long chtype and mmask_t |
156 | 158 |
(see ncurses changelog) |