Oracle Linux 6278 Published by

A vim security update has been released for Oracle Linux 9.



El-errata: ELSA-2022-5242 Moderate: Oracle Linux 9 vim security update


Oracle Linux Security Advisory ELSA-2022-5242

  http://linux.oracle.com/errata/ELSA-2022-5242.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
vim-X11-8.2.2637-16.0.1.el9_0.2.x86_64.rpm
vim-common-8.2.2637-16.0.1.el9_0.2.x86_64.rpm
vim-enhanced-8.2.2637-16.0.1.el9_0.2.x86_64.rpm
vim-filesystem-8.2.2637-16.0.1.el9_0.2.noarch.rpm
vim-minimal-8.2.2637-16.0.1.el9_0.2.x86_64.rpm

aarch64:
vim-X11-8.2.2637-16.0.1.el9_0.2.aarch64.rpm
vim-common-8.2.2637-16.0.1.el9_0.2.aarch64.rpm
vim-enhanced-8.2.2637-16.0.1.el9_0.2.aarch64.rpm
vim-filesystem-8.2.2637-16.0.1.el9_0.2.noarch.rpm
vim-minimal-8.2.2637-16.0.1.el9_0.2.aarch64.rpm

SRPMS:
  http://oss.oracle.com/ol9/SRPMS-updates/vim-8.2.2637-16.0.1.el9_0.2.src.rpm

Related CVEs:

CVE-2022-0554
CVE-2022-0943
CVE-2022-1154
CVE-2022-1420
CVE-2022-1621
CVE-2022-1629



Description of changes:

[8.2.2637-16.0.1]
- - Remove upstream references [Orabug: 31197557]

[2:8.2.2637-16.2]
- CVE-2022-1621 vim: heap buffer overflow
- CVE-2022-1629 vim: buffer over-read

[2:8.2.2637-16.1]
- CVE-2022-0554 vim: Use of Out-of-range Pointer Offset in vim prior
- CVE-2022-0943 vim: Heap-based Buffer Overflow occurs in vim
- CVE-2022-1154 vim: use after free in utf_ptr2char
- CVE-2022-1420 vim: Out-of-range Pointer Offset

_______________________________________________