{"affected":[{"ecosystem_specific":{"binaries":[{"neovim":"0.3.7-bp151.3.3.1","neovim-lang":"0.3.7-bp151.3.3.1"}]},"package":{"ecosystem":"SUSE:Package Hub 15 SP1","name":"neovim","purl":"pkg:rpm/suse/neovim&distro=SUSE%20Package%20Hub%2015%20SP1"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"0.3.7-bp151.3.3.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for neovim fixes the following issues:\n\nneovim was updated to version 0.3.7:\n\n* CVE-2019-12735: source should check sandbox (boo#1137443)\n* genappimage.sh: migrate to linuxdeploy\n\nVersion Update to version 0.3.5:\n\n* options: properly reset directories on 'autochdir'\n* Remove MSVC optimization workaround for SHM_ALL\n* Make SHM_ALL to a variable instead of a compound literal #define\n* doc: mention 'pynvim' module rename\n* screen: don't crash when drawing popupmenu with 'rightleft' option\n* look-behind match may use the wrong line number\n* :terminal : set topline based on window height\n* :recover : Fix crash on non-existent *.swp\n\nVersion Update to version 0.3.4:\n\n* test: add tests for conceal cursor movement\n* display: unify ursorline and concealcursor redraw logic\n\nVersion Update to version 0.3.3:\n\n* health/provider: Check for available pynvim when neovim mod is missing\n* python#CheckForModule: Use the given module string instead of hard-coding pynvim\n* (health.provider)/python: Import the neovim, rather than pynvim, module\n* TUI: Konsole DECSCUSR fixup\n\nVersion Update to version 0.3.2:- \n\n* Features\n\n  - clipboard: support Custom VimL functions (#9304)\n  - win/TUI: improve terminal/console support (#9401)\n  - startup: Use $XDG_CONFIG_DIRS/nvim/sysinit.vim if exists (#9077)\n  - support mapping in more places (#9299)\n  - diff/highlight: show underline for low-priority CursorLine (#9028)\n  - signs: Add 'nuhml' argument (#9113)\n  - clipboard: support Wayland (#9230)\n  - TUI: add support for undercurl and underline color (#9052)\n  - man.vim: soft (dynamic) wrap (#9023)\n\n* API\n\n  - API: implement object namespaces (#6920)\n  - API: implement nvim_win_set_buf() (#9100)\n  - API: virtual text annotations (nvim_buf_set_virtual_text) (#8180)\n  - API: add nvim_buf_is_loaded() (#8660)\n  - API: nvm_buf_get_offset_for_line (#8221)\n  - API/UI: ext_newgrid, ext_histate (#8221)\n\n* UI\n\n  - TUI: use BCE again more often (smoother resize) (#8806)\n  - screen: add missing status redraw when redraw_later(CLEAR) was used (#9315)\n  - TUI: clip invalid regions on resize (#8779)\n  - TUI: improvements for scrolling and clearing (#9193)\n  - TUI: disable clearing almost everywhere (#9143)\n  - TUI: always use safe cursor movement after resize (#9079)\n  - ui_options: also send when starting or from OptionSet (#9211)\n  - TUI: Avoid reset_color_cursor_color in old VTE (#9191)\n  - Don't erase screen on :hi Normal during startup (#9021)\n  - TUI: Hint wrapped lines to terminals (#8915) \n\n* FIXES\n\n  - RPC: turn errors from async calls into notifications\n  - TUI: Restore terminal title via 'title stacking' (#9407)\n  - genappimage: Unset $ARGV0 at invocation (#9376)\n  - TUI: Konsole 18.07.70 supports DECSCUSR (#9364)\n  - provider: improve error message (#9344) \n  - runtime/syntax: Fix highlighting of autogroup contents (#9328)\n  - VimL/confirm(): Show dialog even if :silent (#9297)\n  - clipboard: prefer xclip (#9302)\n  - provider/nodejs: fix npm, yarn detection\n  - channel: avoid buffering output when only terminal is active (#9218)\n  - ruby: detect rbenv shims for other versions (#8733)\n  - third party/unibilium: Fix parsing of extended capabilitiy entries (#9123)\n  - jobstart(): Fix hang on non-executable cwd (#9204)\n  - provide/nodejs: Simultaneously query npm and yarn (#9054)\n  - undo: Fix infinite loop if undo_read_byte returns EOF (#2880) \n  - 'swapfile: always show dialog' (#9034) \n\n- Add to the system-wide configuration file extension of runtimepath by\n  /usr/share/vim/site, so that neovim uses other Vim plugins installed\n  from packages.\n\n- Add /usr/share/vim/site tree of directories to be owned by neovim as\n  well.\n\nThis update was imported from the openSUSE:Leap:15.1:Update update project.","id":"openSUSE-SU-2019:1997-1","modified":"2019-08-24T08:20:58Z","published":"2019-08-24T08:20:58Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/O5Q6ECCW6N3P3VMFMCNJL5AQBTRSD4AI/#O5Q6ECCW6N3P3VMFMCNJL5AQBTRSD4AI"},{"type":"REPORT","url":"https://bugzilla.suse.com/1137443"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2019-12735"}],"related":["CVE-2019-12735"],"summary":"Security update for neovim","upstream":["CVE-2019-12735"]}