
Accourding to http://www.guninski.com/vim1.html vim is vulnerable in
woody and sarge (I tried it myself on both).

ChangeLog of vim (1:6.1-266+1) in sid says:

+ 6.1.265: libcall() can be used in 'foldexpr' to call any system
  function. rename(), delete() and remote_send() can also be
  used in 'foldexpr'. These are security problems.

Will there be a security update of vim in woody?

Last discussion of this bug was in Jan 2003:

so long

  ___    Obviously we do not want to leave zombies around.
_/___\     - W. Richard Stevens
 ( ^ >   Thomas Krennwallner <djmaecki at ull dot at>
 /   \   1024D/67A1DA7B 9484 D99D 2E1E 4E02 5446  DAD9 FF58 4E59 67A1 DA7B
(__\/_)_ http://bigfish.ull.at/~djmaecki/

Attachment: pgp00000.pgp
Description: PGP signature

Reply via email to