mirror of
https://git.FreeBSD.org/ports.git
synced 2024-12-17 03:25:46 +00:00
ec9063b927
that do not need the modeline support to disable it, since it contained remote vulnerabilities. Reviewed by: simon Approved by: portsmgr (blanket, secteam), obrien (maintainer)
7 lines
365 B
Plaintext
7 lines
365 B
Plaintext
SECURITY NOTE: The VIM software has had several remote vulnerabilities
|
|
discovered within VIM's modeline support. It allowed remote attackers to
|
|
execute arbitrary code as the user running VIM. All known problems
|
|
have been fixed, but the FreeBSD Security Team advises that VIM users
|
|
use 'set nomodeline' in ~/.vimrc to avoid the possibility of trojaned
|
|
text files.
|