AlmaLinux 2325 Published by

A vim security update has been released for AlmaLinux.



ALSA-2022:0894 Moderate: vim security update


Type:
security

Severity:
moderate

Release date:
2022-03-16

Description
Security Fix(es):
* vim: Heap-based buffer overflow in block_insert() in src/ops.c (CVE-2022-0261)
* vim: Heap-based buffer overflow in utf_head_off() in mbyte.c (CVE-2022-0318)
* vim: Heap-based buffer overflow in init_ccline() in ex_getln.c (CVE-2022-0359)
* vim: Illegal memory access when copying lines in visual mode leads to heap buffer overflow (CVE-2022-0361)
* vim: Heap-based buffer overflow in getexmodeline() in ex_getln.c (CVE-2022-0392)
* vim: Use after free in src/ex_cmds.c (CVE-2022-0413)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References:
CVE-2022-0261
CVE-2022-0318
CVE-2022-0359
CVE-2022-0361
CVE-2022-0392
CVE-2022-0413

Updates packages:
vim-X11-8.0.1763-16.el8_5.12.x86_64.rpm
vim-common-8.0.1763-16.el8_5.12.x86_64.rpm
vim-enhanced-8.0.1763-16.el8_5.12.x86_64.rpm
vim-filesystem-8.0.1763-16.el8_5.12.noarch.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2022:0894 Moderate: vim security update