Mercurial > vim

view SECURITY.md @ 32719:185f2a160d5d v9.0.1682

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
patch 9.0.1682: sodium encryption is not portable Commit: https://github.com/vim/vim/commit/6019fed0c50a31f0f9bb6c80e4e2b97d3f71565a Author: Christian Brabandt <cb@256bit.org> Date: Tue Jul 11 22:38:29 2023 +0200 patch 9.0.1682: sodium encryption is not portable Problem: crypt: sodium encryption is not portable Solution: use little-endian byte order for sodium encrypted files As mentioned in #12586, sodium encryption only works on little ending architectures, because reading and writing the sodium encryption parameters are stored in the encrypted files in an arch-dependent way. This of course fails for big-endian architectures like s390. So make sure to use little-endian byte order when reading and writing sodium encrypted files. fixes: #12586 closes: 12655
author Christian Brabandt <cb@256bit.org>
date Wed, 09 Aug 2023 21:45:03 +0200
parents b807b0aa8e1f
children 965ed6e19279
line wrap: on
line source

# Security Policy

## Reporting a vulnerability

If you want to report a security issue, please use [huntr.dev](https://huntr.dev/bounties/disclose?target=https%3A%2F%2Fgithub.com%2Fvim%2Fvim) to privately disclose the issue to us.
They also have rewards in the form of money, swag and CVEs.

**Please don't publicly disclose the issue until it has been addressed by us.**