New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Fix for modeline vulnerability is incomplete #10130
Comments
The fix is not on master, only the release branch. See #10052 . Need help. |
Also reproducible on 0.3.7 |
Also was the neovim spcific
to the beginning |
For reference, when updating Debian Stretch's Vim (based on 8.0.0197), I backported these patches:
|
Of those the following appear to be missing in master still:
|
#10309 handles master. More work will be needed for the release branch. |
#10341 has the fixes for the release-0.3 branch. |
`nvim --version`:
Yes
Steps to reproduce
Config file
poc.txt
Source
Open poc.txt
Close it
Open it again
Actual behaviour
uname -a
is run.Expected behaviour
uname -a
is not runThe text was updated successfully, but these errors were encountered: