El-errata: ELSA-2023-0958 Moderate: Oracle Linux 9 vim security update
Oracle Linux Security Advisory ELSA-2023-0958
http://linux.oracle.com/errata/ELSA-2023-0958.html
The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network:
x86_64:
vim-X11-8.2.2637-20.0.1.el9_1.x86_64.rpm
vim-common-8.2.2637-20.0.1.el9_1.x86_64.rpm
vim-enhanced-8.2.2637-20.0.1.el9_1.x86_64.rpm
vim-filesystem-8.2.2637-20.0.1.el9_1.noarch.rpm
vim-minimal-8.2.2637-20.0.1.el9_1.x86_64.rpm
aarch64:
vim-X11-8.2.2637-20.0.1.el9_1.aarch64.rpm
vim-common-8.2.2637-20.0.1.el9_1.aarch64.rpm
vim-enhanced-8.2.2637-20.0.1.el9_1.aarch64.rpm
vim-filesystem-8.2.2637-20.0.1.el9_1.noarch.rpm
vim-minimal-8.2.2637-20.0.1.el9_1.aarch64.rpm
SRPMS:
http://oss.oracle.com/ol9/SRPMS-updates//vim-8.2.2637-20.0.1.el9_1.src.rpm
Related CVEs:
CVE-2022-47024
Description of changes:
[8.2.2637-20.0.1]
- Remove upstream references [Orabug: 31197557]
[2:8.2.2637-20]
- CVE-2022-47024 vim: no check if the return value of XChangeGC() is NULL
[2:8.2.2637-19]
- CVE-2022-1785 vim: Out-of-bounds Write
- CVE-2022-1897 vim: out-of-bounds write in vim_regsub_both() in regexp.c
- CVE-2022-1927 vim: buffer over-read in utf_ptr2char() in mbyte.c
[2:8.2.2637-18]
- CVE-2022-1621 vim: heap buffer overflow
- CVE-2022-1629 vim: buffer over-read
[2:8.2.2637-17]
- CVE-2022-1154 vim: use after free in utf_ptr2char
- CVE-2022-1420 vim: Out-of-range Pointer Offset
_______________________________________________
A vim security update has been released for Oracle Linux 9.