Fedora 27: 2018: A10C1D234E Critical: VIM-Syntastic Code Execution

Syntastic is a syntax checking plugin that runs files through external syntax

checkers and displays any resulting errors to the user. This can be done on

demand, or automatically as files are saved. If syntax errors are detected, the

user is notified and is happy because they didn't have to compile their code or

execute their script to find them.

new upstream release v3.9.0

* Mon Apr 23 2018 Pavel Raiskup - 3.9.0-1

- new upstream release, per release notes:

https://github.com/vim-syntastic/syntastic/releases/tag/3.9.0

* Tue Apr 10 2018 Philippe Makowski - 3.8.0-12

- add text subpackage, fix rhbz#1562001

* Fri Feb 9 2018 Fedora Release Engineering - 3.8.0-11

- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild

[ 1 ] Bug #1580432 - CVE-2018-11319 vim-syntastic: Improper handling of searches for configuration files can lead to arbitrary code execution [fedora-all]

https://bugzilla.redhat.com/show_bug.cgi?id=1580432

su -c 'dnf upgrade --advisory FEDORA-2018-a10c1d234e' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XQG3TJ7OXOQ45IEY62NV5VMGNK5CV7WQ/