Hi! Accourding to http://www.guninski.com/vim1.html vim is vulnerable in woody and sarge (I tried it myself on both).
ChangeLog of vim (1:6.1-266+1) in sid says: + 6.1.265: libcall() can be used in 'foldexpr' to call any system function. rename(), delete() and remote_send() can also be used in 'foldexpr'. These are security problems. Will there be a security update of vim in woody? Last discussion of this bug was in Jan 2003: http://lists.debian.org/debian-security/2003/debian-security-200301/msg00153.html so long Thomas -- ___ Obviously we do not want to leave zombies around. _/___\ - W. Richard Stevens ( ^ > Thomas Krennwallner <djmaecki at ull dot at> / \ 1024D/67A1DA7B 9484 D99D 2E1E 4E02 5446 DAD9 FF58 4E59 67A1 DA7B (__\/_)_ http://bigfish.ull.at/~djmaecki/
pgpPLTqP8pdco.pgp
Description: PGP signature
