Oracle Linux 6278 Published by

A vim security update has been released for Oracle Linux 9.



El-errata: ELSA-2022-5942 Moderate: Oracle Linux 9 vim security update


Oracle Linux Security Advisory ELSA-2022-5942

  http://linux.oracle.com/errata/ELSA-2022-5942.html

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:

x86_64:
vim-X11-8.2.2637-16.0.1.el9_0.3.x86_64.rpm
vim-common-8.2.2637-16.0.1.el9_0.3.x86_64.rpm
vim-enhanced-8.2.2637-16.0.1.el9_0.3.x86_64.rpm
vim-filesystem-8.2.2637-16.0.1.el9_0.3.noarch.rpm
vim-minimal-8.2.2637-16.0.1.el9_0.3.x86_64.rpm

aarch64:
vim-X11-8.2.2637-16.0.1.el9_0.3.aarch64.rpm
vim-common-8.2.2637-16.0.1.el9_0.3.aarch64.rpm
vim-enhanced-8.2.2637-16.0.1.el9_0.3.aarch64.rpm
vim-filesystem-8.2.2637-16.0.1.el9_0.3.noarch.rpm
vim-minimal-8.2.2637-16.0.1.el9_0.3.aarch64.rpm

SRPMS:
  http://oss.oracle.com/ol9/SRPMS-updates/vim-8.2.2637-16.0.1.el9_0.3.src.rpm

Related CVEs:

CVE-2022-1785
CVE-2022-1897
CVE-2022-1927



Description of changes:

[8.2.2637-16.0.1.3]
- Remove upstream references [Orabug: 31197557]

[2:8.2.2637-16.3]
- CVE-2022-1785 vim: Out-of-bounds Write
- CVE-2022-1897 vim: out-of-bounds write in vim_regsub_both() in regexp.c
- CVE-2022-1927 vim: buffer over-read in utf_ptr2char() in mbyte.c

_______________________________________________