kumquat-buildroot/package/vim/vim.mk
Fabrice Fontaine da66811e8e package/vim: security bump to version 8.2.4980
Fix CVE-2022-1619: Heap-based Buffer Overflow in function
cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This
vulnerabilities are capable of crashing software, modify memory, and
possible remote execution

Fix CVE-2022-1620: NULL Pointer Dereference in function
vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior
to 8.2.4901. NULL Pointer Dereference in function vim_regexec_string at
regexp.c:2729 allows attackers to cause a denial of service (application
crash) via a crafted input.

Fix CVE-2022-1621: Heap buffer overflow in vim_strncpy find_word in
GitHub repository vim/vim prior to 8.2.4919. This vulnerability is
capable of crashing software, Bypass Protection Mechanism, Modify
Memory, and possible remote execution

Fix CVE-2022-1629: Buffer Over-read in function find_next_quote in
GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are
capable of crashing software, Modify Memory, and possible remote
execution

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2022-05-30 22:54:48 +02:00

94 lines
2.4 KiB
Makefile

################################################################################
#
# vim
#
################################################################################
VIM_VERSION = 8.2.4980
VIM_SITE = $(call github,vim,vim,v$(VIM_VERSION))
VIM_DEPENDENCIES = ncurses $(TARGET_NLS_DEPENDENCIES)
VIM_SUBDIR = src
VIM_CONF_ENV = \
vim_cv_toupper_broken=no \
vim_cv_terminfo=yes \
vim_cv_tgetent=zero \
vim_cv_tty_group=world \
vim_cv_tty_mode=0620 \
vim_cv_getcwd_broken=no \
vim_cv_stat_ignores_slash=yes \
vim_cv_memmove_handles_overlap=yes \
ac_cv_sizeof_int=4 \
ac_cv_small_wchar_t=no
# GUI/X11 headers leak from the host so forcibly disable them
VIM_CONF_OPTS = --with-tlib=ncurses --enable-gui=no --without-x
VIM_LICENSE = Charityware
VIM_LICENSE_FILES = LICENSE README.txt
VIM_CPE_ID_VENDOR = vim
ifeq ($(BR2_PACKAGE_ACL),y)
VIM_CONF_OPTS += --enable-acl
VIM_DEPENDENCIES += acl
else
VIM_CONF_OPTS += --disable-acl
endif
ifeq ($(BR2_PACKAGE_GPM),y)
VIM_CONF_OPTS += --enable-gpm
VIM_DEPENDENCIES += gpm
else
VIM_CONF_OPTS += --disable-gpm
endif
ifeq ($(BR2_PACKAGE_LIBSELINUX),y)
VIM_CONF_OPTS += --enable-selinux
VIM_DEPENDENCIES += libselinux
else
VIM_CONF_OPTS += --disable-selinux
endif
define VIM_INSTALL_TARGET_CMDS
cd $(@D)/src; \
$(TARGET_MAKE_ENV) $(MAKE) DESTDIR=$(TARGET_DIR) installvimbin; \
$(TARGET_MAKE_ENV) $(MAKE) DESTDIR=$(TARGET_DIR) installtools; \
$(TARGET_MAKE_ENV) $(MAKE) DESTDIR=$(TARGET_DIR) installlinks
endef
define VIM_INSTALL_RUNTIME_CMDS
cd $(@D)/src; \
$(TARGET_MAKE_ENV) $(MAKE) DESTDIR=$(TARGET_DIR) installrtbase; \
$(TARGET_MAKE_ENV) $(MAKE) DESTDIR=$(TARGET_DIR) installmacros
endef
define VIM_REMOVE_DOCS
$(RM) -rf $(TARGET_DIR)/usr/share/vim/vim*/doc/
endef
# Avoid oopses with vipw/vigr, lack of $EDITOR and 'vi' command expectation
ifeq ($(BR2_ROOTFS_MERGED_USR),y)
define VIM_INSTALL_VI_SYMLINK
ln -sf vim $(TARGET_DIR)/usr/bin/vi
endef
else
define VIM_INSTALL_VI_SYMLINK
ln -sf ../usr/bin/vim $(TARGET_DIR)/bin/vi
endef
endif
VIM_POST_INSTALL_TARGET_HOOKS += VIM_INSTALL_VI_SYMLINK
ifeq ($(BR2_PACKAGE_VIM_RUNTIME),y)
VIM_POST_INSTALL_TARGET_HOOKS += VIM_INSTALL_RUNTIME_CMDS
VIM_POST_INSTALL_TARGET_HOOKS += VIM_REMOVE_DOCS
endif
HOST_VIM_DEPENDENCIES = host-ncurses
HOST_VIM_CONF_OPTS = \
--with-tlib=ncurses \
--enable-gui=no \
--without-x \
--disable-acl \
--disable-gpm \
--disable-selinux
$(eval $(autotools-package))
$(eval $(host-autotools-package))