Browse code
Fix for CVE-2017-1000382
Move the swap file location to protect against CVE-2017-1000382
Change-Id: Idc3494c93f73d6b931d0b3c9a024251484d62cc1
Reviewed-on: http://photon-jenkins.eng.vmware.com:8082/5354
Tested-by: gerrit-photon <photon-checkins@vmware.com>
Reviewed-by: Srinidhi Rao <srinidhir@vmware.com>
Reviewed-by: Dweep Advani <dadvani@vmware.com>
Reviewed-by: Alexey Makhalov <amakhalov@vmware.com>
Tapas Kundu authored on 2018/07/14 01:42:57Showing 1 changed files
| ... | ... |
@@ -3,7 +3,7 @@ |
| 3 | 3 |
Summary: Text editor |
| 4 | 4 |
Name: vim |
| 5 | 5 |
Version: 8.0.0533 |
| 6 |
-Release: 4%{?dist}
|
|
| 6 |
+Release: 5%{?dist}
|
|
| 7 | 7 |
License: Charityware |
| 8 | 8 |
URL: http://www.vim.org |
| 9 | 9 |
Group: Applications/Editors |
| ... | ... |
@@ -59,7 +59,12 @@ nmap <F10> :q!<CR> |
| 59 | 59 |
nmap <Esc><Esc> :q<CR> |
| 60 | 60 |
" Use 4 space characters instead of tab for python files |
| 61 | 61 |
au BufEnter,BufNew *.py set tabstop=4 shiftwidth=4 expandtab |
| 62 |
- |
|
| 62 |
+" Move the swap file location to protect against CVE-2017-1000382 |
|
| 63 |
+" More information at http://security.cucumberlinux.com/security/details.php?id=120 |
|
| 64 |
+if ! isdirectory("~/.vim/swap/")
|
|
| 65 |
+ call system('install -d -m 700 ~/.vim/swap')
|
|
| 66 |
+endif |
|
| 67 |
+set directory=~/.vim/swap// |
|
| 63 | 68 |
" End /etc/vimrc |
| 64 | 69 |
EOF |
| 65 | 70 |
|
| ... | ... |
@@ -168,6 +173,8 @@ make test |
| 168 | 168 |
%{_bindir}/vimdiff
|
| 169 | 169 |
|
| 170 | 170 |
%changelog |
| 171 |
+* Thu Jul 12 2018 Tapas Kundu <tkundu@vmware.com> 8.0.0533-5 |
|
| 172 |
+- Fix for CVE-2017-1000382 |
|
| 171 | 173 |
* Tue Jul 10 2018 Tapas Kundu <tkundu@vmware.com> 8.0.0533-4 |
| 172 | 174 |
- Fix for CVE-2017-17087.patch. |
| 173 | 175 |
* Mon Aug 14 2017 Chang Lee <changlee@vmware.com> 8.0.0533-3 |