AlmaLinux 2324 Published by

A vim security update has been released for AlmaLinux.



ALSA-2022:0366 Moderate: vim security update


Type:
security

Severity:
moderate

Release date:
2022-02-02

Description
Security Fix(es):
* vim: heap-based buffer overflow in win_redr_status() in drawscreen.c (CVE-2021-3872)
* vim: illegal memory access in find_start_brace() in cindent.c when C-indenting (CVE-2021-3984)
* vim: heap-based buffer overflow in find_help_tags() in help.c (CVE-2021-4019)
* vim: use-after-free in win_linetabsize() (CVE-2021-4192)
* vim: out-of-bound read in getvcol() (CVE-2021-4193)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2021-3872
CVE-2021-3984
CVE-2021-4019
CVE-2021-4192
CVE-2021-4193

Updates packages:
vim-minimal-8.0.1763-16.el8_5.4.x86_64.rpm

Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2022:0366 Moderate: vim security update