[ALSA-2022:0894] Moderate: vim security update
Type:
security
Severity:
moderate
Release date:
2022-03-16
Description:
Vim (Vi IMproved) is an updated and improved version of the vi editor. Security Fix(es): * vim: Heap-based buffer overflow in block_insert() in src/ops.c (CVE-2022-0261) * vim: Heap-based buffer overflow in utf_head_off() in mbyte.c (CVE-2022-0318) * vim: Heap-based buffer overflow in init_ccline() in ex_getln.c (CVE-2022-0359) * vim: Illegal memory access when copying lines in visual mode leads to heap buffer overflow (CVE-2022-0361) * vim: Heap-based buffer overflow in getexmodeline() in ex_getln.c (CVE-2022-0392) * vim: Use after free in src/ex_cmds.c (CVE-2022-0413) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Updated packages:
  • vim-common-8.0.1763-16.el8_5.12.x86_64.rpm
  • vim-X11-8.0.1763-16.el8_5.12.x86_64.rpm
  • vim-filesystem-8.0.1763-16.el8_5.12.noarch.rpm
  • vim-enhanced-8.0.1763-16.el8_5.12.x86_64.rpm
  • vim-minimal-8.0.1763-16.el8_5.13.aarch64.rpm
  • vim-enhanced-8.0.1763-16.el8_5.13.aarch64.rpm
  • vim-common-8.0.1763-16.el8_5.13.aarch64.rpm
  • vim-X11-8.0.1763-16.el8_5.13.aarch64.rpm
  • vim-filesystem-8.0.1763-16.el8_5.13.noarch.rpm
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.