-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Tue, 07 Jul 2026 21:46:03 -0400 Source: vim Architecture: source Version: 2:9.2.0782-1 Distribution: unstable Urgency: medium Maintainer: Debian Vim Maintainers <team+vim@tracker.debian.org> Changed-By: James McCoy <jamessan@debian.org> Closes: 1139728 1139729 1139730 1140775 Changes: vim (2:9.2.0782-1) unstable; urgency=medium . * New upstream tag + Security fixes (Closes: #1140775) - 9.2.0561: possible code execution with python3complete (Closes: #1139728, CVE-2026-52858) - 9.2.0565: out-of-bounds read in :terminal if a cell has 5 combining marks (Closes: #1139729, CVE-2026-52859) - 9.2.0597: Allocation failure not handled when defining a dictionary function (Closes: #1139730, CVE-2026-52860) - 9.2.0653: out-of-bounds read with a crafted spell file, CVE-2026-55693 - 9.2.0662: out-of-bounds write with a crafted spell file, CVE-2026-55892 - 9.2.0663: possible code execution in netrw when deleting a file with a "|" in its name, CVE-2026-55895 - 9.2.0670: out-of-bounds read of text properties when handling a crafted undo file, CVE-2026-57451 - 9.2.0671: Possible out-of-bounds read when opening a sodium-encrypted file, CVE-2026-57452 - 9.2.0678: Possible powershell code execution when opening a zip file, CVE-2026-57453 - 9.2.0679: out-of-bounds read of text properties when handling a crafted undo file, CVE-2026-57454 - 9.2.0698: out-of-bounds write when using soundfold() on a large input, CVE-2026-57455 - 9.2.0699: possible code execution when using python complete, CVE-2026-57456 * Skip Test_clientserver_serverlist_list() and Test_remote_serverlist() Checksums-Sha1: a609e7242f12d41a5dce21e5a45165e815835280 3194 vim_9.2.0782-1.dsc beed2cf7178146ce0f84ee327ee1fb44d54e7642 13351408 vim_9.2.0782.orig.tar.xz d431f5a6b895c0e107492e5ca61b873be5d189a1 163036 vim_9.2.0782-1.debian.tar.xz cb6cb0e9c6695dbb803edba74b2dbca06af48867 33332736 vim_9.2.0782-1.git.tar.xz 1967cda9af46b0b37c09877f7e326a0ebfda3d9c 17502 vim_9.2.0782-1_source.buildinfo Checksums-Sha256: 1401ef8df7b80e1abcd22fa945db933c4788a798a57341ec85fb37278b935e8f 3194 vim_9.2.0782-1.dsc 01bf8bb001a4f5d1dbfdb727461e0eb72c817429b20c5724d70ef15187588460 13351408 vim_9.2.0782.orig.tar.xz f3da60e14f497abe267a9e1bab3a37d4461b3906f16a7799324e3f9bd454c476 163036 vim_9.2.0782-1.debian.tar.xz 8bfc5a9c538c1d9cc1b5e629dd4ebb2b1e57e72daf37628f9dd777c86918d42f 33332736 vim_9.2.0782-1.git.tar.xz b0fb7085baddc94c4d6a9538710e0aa105ce8baf3810b0132920ac8993795335 17502 vim_9.2.0782-1_source.buildinfo Files: c49a4e11724c67b0e994a0f8c7c72bf7 3194 editors optional vim_9.2.0782-1.dsc fd6609ff8d0b8e6d0502db1f07eb4516 13351408 editors optional vim_9.2.0782.orig.tar.xz e3bf08090bc19413e337a7b7d1a1c4ad 163036 editors optional vim_9.2.0782-1.debian.tar.xz 1e2e56fd9b321f7d419645da9f3c6817 33332736 editors None vim_9.2.0782-1.git.tar.xz 6d27dcedb24542d4b823f57ee88af3da 17502 editors optional vim_9.2.0782-1_source.buildinfo Git-Tag-Info: tag=bd3c81b4f366230f158a88786d8a7b878e00d420 fp=91bfbf4d6956bd5df7b72d23dfe691ae331ba3db Git-Tag-Tagger: James McCoy <jamessan@debian.org> -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEN02M5NuW6cvUwJcqYG0ITkaDwHkFAmpNrLkACgkQYG0ITkaD wHlRzRAA0aZCexb3rib5G50oMRQIUfoioG8/K9hVt95zKBYiTlT66hoLx1ljrncX 7iaaNb5o12RyehbUjSTOJFQFKQ9t5UbQkkO8JYmi+45qHXmEAQ/VrdHHHrjotAUd wnUD3HoqYIqGWVrLUIS7wFUlO68LaTEJgS85HxZ2saH6BUeBe7MCR/pmB0IuY6TA cvqdEd5aF69EBdXtWv4HXXhQoQqLohiBM5eIDJJ7RhWDbLDd1qd6TPRWDzvW03of Quw98Qu1FnAxFpMw/82yfqEQrxpUX0POCe1DKxuKdSnN96WN5EmAeI5E52vdUjnp xRR+5gIfLAmrWmZcVwJ12awSmAjDetNlcOCQxj1O3z5w00Ertd0NC6p7nZxQdmT/ 6ewtwePQWcSQtWwATgumqWcyv/jFNdaYR6hg+0MAACa5N8+6hHE6fgvx//2dxZBp WxYNVIKaLy1JFRwnfaEMgCfv1sTEQ4P1zS1sEzyGLraiFjMyobs5B+e+6icVROLv 6jZ5qU+UOgsA3NyFwf9wCyxinph7GUGUWXH/Ny5qbgkGpJ3Z+OJAejLKo5mR+cb4 Mu7I7L3DAtEc7xmPgixvP7CTy9mxcvwxhFx0RyDNMiRwgLABFWNci8P9iySscdnu 6k5kfCeD0rhwV8BFNvUCMWhxAhf8sxVnfIbVHh5y3CfSgFnfzXI= =Zk0N -----END PGP SIGNATURE-----