[3.5] vim: Tree length values not validated properly when handling a spell file (CVE-2017-5953)
vim before patch 8.0.0322 does not properly validate values for tree
length when handling a spell file, which may result
in an integer overflow at a memory allocation site and a resultant buffer overflow.
(from redmine: issue id 6863, created on 2017-02-15, closed on 2017-02-16)
- parent #6861 (closed)
- Revision 6d469b11 by Sergei Lukin on 2017-02-16T07:15:51Z:
main/vim: security upgrade to 8.0.0329 - fixes #6863 CVE-2017-5953: Tree length values not validated properly when handling a spell file