mirrors/neovim
1
0
Fork 0
mirror of https://github.com/neovim/neovim.git synced 2026-05-25 06:18:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
0e07b2a1e271f01f3458185876f8712d97f6cf38
neovim/src
History
zeertzjq 0e07b2a1e2 vim-patch:9.2.0357: [security]: command injection via backticks in tag files (#39102) 
Problem:  [security]: command injection via backticks in tag files
          (Srinivas Piskala Ganesh Babu, Andy Ngo)
Solution: Disallow backticks before attempting to expand filenames.

Github Advisory:
https://github.com/vim/vim/security/advisories/GHSA-cwgx-gcj7-6qh8

Supported by AI

c78194e41d

Co-authored-by: Christian Brabandt <cb@256bit.org>
2026-04-16 11:11:29 +08:00
..
cjson
feat(stdlib): vim.json.decode() can allow comments #37795
2026-02-11 06:54:57 -05:00
gen
fix(lua): not obvious which _meta/ files are generated #39035
2026-04-14 05:38:47 -04:00
klib
refactor: move StringBuilder to types_defs.h (#33745)
2025-05-01 10:06:08 -05:00
man
feat(logging): rename ".nvimlog" => "nvim.log" #37935
2026-02-18 11:58:34 -05:00
mpack
fix(mpack): boundary values for negative integer encoding #37255
2026-03-21 17:07:33 -04:00
nvim
vim-patch:9.2.0357: [security]: command injection via backticks in tag files (#39102)
2026-04-16 11:11:29 +08:00
tee
fix(install): only install "tee" on Windows #36629
2025-11-19 21:00:56 -08:00
xdiff
refactor: the long goodbye
2023-11-05 20:19:06 +01:00
xxd
fix(ux): drop "Sorry" from messages #38318
2026-03-16 07:46:34 -04:00
.luarc.json
refactor: make LuaLS run diagnostics on all files in src/
2026-03-09 21:26:11 +01:00
.valgrind.supp
refactor: rename "process" => "proc" #30387
2024-09-15 12:20:58 -07:00
bit.c
build: bump lua-bitop to 1.0.3 #35063
2025-08-02 15:58:11 -07:00
bit.h
feat(lua): make sure require'bit' always works, even with PUC lua 5.1
2023-02-22 22:15:19 +01:00
build_lua.zig
feat(build.zig): add option to use system dependencies
2026-01-13 22:09:03 -05:00
clint.lua
fix: resolve all remaining LuaLS warnings in src/
2026-03-09 21:47:15 +01:00
coverity-model.c
refactor(treesitter): handle coverity warnings better
2024-03-20 12:22:54 +00:00
nlua0.c
refactor(build): include lpeg as a library
2023-04-27 11:40:00 +02:00
nlua0.zig
build: make build.zig generate helptags without running "nvim" binary
2025-08-19 11:14:02 +02:00
uncrustify.cfg
refactor: clint.py => clint.lua
2025-12-08 01:43:02 -05:00