Skip to content

Commit 9fd0382

Browse files
[AUTO-CHERRYPICK] [Medium] patch vim to fix CVE-2025-24014 - branch main (#12099)
Co-authored-by: jykanase <v-jykanase@microsoft.com>
1 parent 726a6bc commit 9fd0382

2 files changed

Lines changed: 40 additions & 1 deletion

File tree

SPECS/vim/CVE-2025-24014.patch

Lines changed: 35 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,35 @@
1+
From a37c69c15cc3ea6b2e67336748a578d2c2c549db Mon Sep 17 00:00:00 2001
2+
From: jykanase <v-jykanase@microsoft.com>
3+
Date: Thu, 23 Jan 2025 09:19:12 +0000
4+
Subject: [PATCH] CVE-CVE-2025-24014
5+
6+
Source Link : https://github.com/vim/vim/commit/9d1bed5eccdbb46a26b8a484f5e9163c40e63919
7+
---
8+
src/gui.c | 6 ++++--
9+
1 file changed, 4 insertions(+), 2 deletions(-)
10+
11+
diff --git a/src/gui.c b/src/gui.c
12+
index 8e7b079..86c40de 100644
13+
--- a/src/gui.c
14+
+++ b/src/gui.c
15+
@@ -4478,13 +4478,15 @@ gui_do_scroll(void)
16+
/*
17+
* Don't call updateWindow() when nothing has changed (it will overwrite
18+
* the status line!).
19+
+ *
20+
+ * Check for ScreenLines, because in ex-mode, we don't have a valid display.
21+
*/
22+
- if (old_topline != wp->w_topline
23+
+ if (ScreenLines != NULL && (old_topline != wp->w_topline
24+
|| wp->w_redr_type != 0
25+
#ifdef FEAT_DIFF
26+
|| old_topfill != wp->w_topfill
27+
#endif
28+
- )
29+
+ ))
30+
{
31+
int type = UPD_VALID;
32+
33+
--
34+
2.45.2
35+

SPECS/vim/vim.spec

Lines changed: 5 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -2,14 +2,15 @@
22
Summary: Text editor
33
Name: vim
44
Version: 9.1.0791
5-
Release: 2%{?dist}
5+
Release: 3%{?dist}
66
License: Vim
77
Vendor: Microsoft Corporation
88
Distribution: Mariner
99
Group: Applications/Editors
1010
URL: https://www.vim.org
1111
Source0: https://github.com/%{name}/%{name}/archive/v%{version}.tar.gz#/%{name}-%{version}.tar.gz
1212
Patch0: CVE-2025-22134.patch
13+
Patch1: CVE-2025-24014.patch
1314

1415
BuildRequires: ncurses-devel
1516
BuildRequires: python3-devel
@@ -200,6 +201,9 @@ fi
200201
%{_bindir}/vimdiff
201202

202203
%changelog
204+
* Thu Jan 23 2025 Jyoti Kanase <v-jykanase@microsoft.com> - 9.1.0791-3
205+
- Patch to fix CVE-2025-24014.
206+
203207
* Thu Jan 16 2025 Bhagyashri Pathak <bhapathak@microsoft.com> - 9.1.0791-2
204208
- Patch for fixing CVE-2025-22134
205209

0 commit comments

Comments
 (0)