[VIM] gnump3d stuff
security curmudgeon
jericho at attrition.org
Fri Nov 18 06:32:18 EST 2005
First, traversal (CVE 2005-3123) may have extra concerns. While flagged
BUGFIX and not SECURITY, "allow files to start with ..." stands out to
me.
2.9.7 [ 28th October 2005 ]
- BUGFIX: The previous release was broken.
- BUGFIX: Allow files to start with ...
2.9.6 [ 28th October 2005 ]
- SECURITY: Prevent path traversal. [CVE-2005-3123]
Second, two more issues that have CVE entries (but aren't open), and I
don't recall seeing before this:
2.9.8 [ 17th November 2005 ]
- SECURITY: Remove insecure usage of /tmp. [CVE-2005-3349]
- SECURITY: Filter input parameters/cookies. [CVE-2005-3355]
More information about the VIM
mailing list