ec9063b927
that do not need the modeline support to disable it, since it contained remote vulnerabilities. Reviewed by: simon Approved by: portsmgr (blanket, secteam), obrien (maintainer)
6 lines
365 B
Text
6 lines
365 B
Text
SECURITY NOTE: The VIM software has had several remote vulnerabilities
|
|
discovered within VIM's modeline support. It allowed remote attackers to
|
|
execute arbitrary code as the user running VIM. All known problems
|
|
have been fixed, but the FreeBSD Security Team advises that VIM users
|
|
use 'set nomodeline' in ~/.vimrc to avoid the possibility of trojaned
|
|
text files.
|