Mercurial > vim
view SECURITY.md @ 35873:3e2f18adac4a v9.1.0648
patch 9.1.0648: [security] double-free in dialog_changed()
Commit: https://github.com/vim/vim/commit/b29f4abcd4b3382fa746edd1d0562b7b48c9de60
Author: Christian Brabandt <cb@256bit.org>
Date: Thu Aug 1 22:10:28 2024 +0200
patch 9.1.0648: [security] double-free in dialog_changed()
Problem: [security] double-free in dialog_changed()
(SuyueGuo)
Solution: Only clear pointer b_sfname pointer, if it is different
than the b_ffname pointer. Don't try to free b_fname,
set it to NULL instead.
fixes: #15403
Github Advisory:
https://github.com/vim/vim/security/advisories/GHSA-46pw-v7qw-xc2f
Signed-off-by: Christian Brabandt <cb@256bit.org>
author | Christian Brabandt <cb@256bit.org> |
---|---|
date | Thu, 01 Aug 2024 22:45:08 +0200 |
parents | 13e4398925ea |
children |
line wrap: on
line source
# Security Policy ## Reporting a vulnerability If you want to report a security issue, please privately disclose the issue to the vim-security mailing list vim-security@googlegroups.com This is a private list, read only by the maintainers, but anybody can post, after moderation. **Please don't publicly disclose the issue until it has been addressed by us.**