ALSA-2022:0894

[ALSA-2022:0894] Moderate: vim security update

Type:

security

Severity:

moderate

Release date:

2022-03-16

Description:

Vim (Vi IMproved) is an updated and improved version of the vi editor.

Security Fix(es):

* vim: Heap-based buffer overflow in block_insert() in src/ops.c (CVE-2022-0261)

* vim: Heap-based buffer overflow in utf_head_off() in mbyte.c (CVE-2022-0318)

* vim: Heap-based buffer overflow in init_ccline() in ex_getln.c (CVE-2022-0359)

* vim: Illegal memory access when copying lines in visual mode leads to heap buffer overflow (CVE-2022-0361)

* vim: Heap-based buffer overflow in getexmodeline() in ex_getln.c (CVE-2022-0392)

* vim: Use after free in src/ex_cmds.c (CVE-2022-0413)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	vim-enhanced-8.0.1763-16.el8_5.13.aarch64.rpm	16f4576bcd3ee613cc07aca78e01eabc57beaeee79d9a2e98745350aab553572
aarch64	vim-common-8.0.1763-16.el8_5.13.aarch64.rpm	3230bcfeec1a117bd0eb56f90cd91eb54848fd3b64d459e059913dad97dca450
aarch64	vim-X11-8.0.1763-16.el8_5.13.aarch64.rpm	4384f95323f33f77e637c45db5707ea320ce4db2bec31e8356bace434510a06e
aarch64	vim-minimal-8.0.1763-16.el8_5.13.aarch64.rpm	916b41a87cc0f95792bcb15fb273b911746f11d023adbcba5746d66856be715c
noarch	vim-filesystem-8.0.1763-16.el8_5.13.noarch.rpm	4e0b6f85dd208b78e3043afec30145ac6594994c580a776fbfdd4be62c498263
noarch	vim-filesystem-8.0.1763-16.el8_5.12.noarch.rpm	5a40976a3d6e488f33fcf7279b658062de3893d0e74f4d6c4f637e3f82b6f7ad
x86_64	vim-common-8.0.1763-16.el8_5.12.x86_64.rpm	15a2aa45a27b1d43912d57d14e7864e4e67fdfe3fadde856ed5c302df5953e71
x86_64	vim-X11-8.0.1763-16.el8_5.12.x86_64.rpm	4e0e59c0388e9ea38801328a71ce554a0bd96fc15a9379623852b2ba546e9dbe
x86_64	vim-minimal-8.0.1763-16.el8_5.13.x86_64.rpm	d2f9436ce89cb90eaa1baa73776dd834d9650098e6a9ce23f466f808966c896b
x86_64	vim-enhanced-8.0.1763-16.el8_5.12.x86_64.rpm	e39138b8e0d65c5ef15ef6adc32435524144f50d20d01c15a1fe56eeea6d2014

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.