Debian 10384 Published by

Debian GNU/Linux 11 (Bullseye) LTS has been updated with two security patches, one for vim and another for librabbitmq:

[DLA 4097-1] vim security update
[DLA 4096-1] librabbitmq security update




[SECURITY] [DLA 4097-1] vim security update


-------------------------------------------------------------------------
Debian LTS Advisory DLA-4097-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Sean Whitton
March 30, 2025 https://wiki.debian.org/LTS
-------------------------------------------------------------------------

Package : vim
Version : 2:8.2.2434-3+deb11u3
CVE ID : CVE-2021-3872 CVE-2021-4019 CVE-2021-4173 CVE-2021-4187
CVE-2022-0261 CVE-2022-0351 CVE-2022-0359 CVE-2022-0361
CVE-2022-0392 CVE-2022-0417 CVE-2022-0572 CVE-2022-1616
CVE-2022-1785 CVE-2022-1897 CVE-2022-1942 CVE-2022-2000
CVE-2022-2129 CVE-2022-2304 CVE-2022-3099 CVE-2022-3134
CVE-2022-3324 CVE-2022-4141 CVE-2023-0054 CVE-2023-1175
CVE-2023-2610 CVE-2023-4738 CVE-2023-4752 CVE-2023-4781
CVE-2023-5344 CVE-2024-22667 CVE-2024-43802 CVE-2024-47814
Debian Bug : 1015984 1019590 1027146 1031875 1035955 1053694 1084806

Multiple vulnerabilities were discovered in vim, an enhanced vi editor.

CVE-2021-3872

Heap-based buffer overflow possible if the buffer name is very long.

CVE-2021-4019

Heap-based buffer overflow possible with a very long help argument.

CVE-2021-4173

Double free in the VimScript9 compiler with a nested :def function.

CVE-2021-4187

Double free in the VimScript9 compiler if a nested function has a
line break in its argument list.

CVE-2022-0261

Buffer overflow in block insert, which goes over the end of the line.

CVE-2022-0351

In a command, a condition with many parentheses can cause a crash,
because there was previously no recursion limit.

CVE-2022-0359

A heap-based buffer overflow could occur with a large tabstop in Ex
mode.

CVE-2022-0361

A buffer overflow was found in the code copying lines in Visual
mode.

CVE-2022-0392

A heap-based buffer overflow was found in the code handling
bracketed paste in ex mode.

CVE-2022-0417

The ":retab 0" command may cause a buffer overflow because a limit
was set too high.

CVE-2022-0572

Repeatedly using the ":retab" command may have caused a crash.

CVE-2022-1616

There is a possbile buffer overflow when processing an invalid
command with composing characters.

CVE-2022-1785

It was possible to change the window in a substitute expression,
which could lead to an out-of-bounds write.

CVE-2022-1897

It was possible to use the undo command in a substitute expression,
leading to an invalid memory overwrite.

CVE-2022-1942

It was possible to open a command line window from a substitute
expression, leading to a heap-based buffer overflow.

CVE-2022-2000

Command error messages were not truncated, and as such could lead to
out-of-bounds writes.

CVE-2022-2129

It was possible to switch buffers in a substitute expression,
leading to a heap-based buffer overflow.

CVE-2022-2304

Long words might cause a buffer overflow in the spellchecker.

CVE-2022-3099

Line numbers in ":for" commands were not validated, which could lead
to a crash.

CVE-2022-3134

If a relevant window was unexpectedly closed while searching for
tags, vim would crash.

CVE-2022-3324

Negative window widths caused the use of a negative array index,
that is, an invalid read.

CVE-2022-4141

Functions that visit another file during a substitution could cause
a heap-based buffer overflow.

CVE-2023-0054

A recursive substitute expression could cause an out-of-bounds write.

CVE-2023-1175

When doing virtual editing, a buffer size calculation was wrong.

CVE-2023-2610

When expanding "~" in a substitution, if the resulting expansion was
very long, vim would crash.

CVE-2023-4738

A buffer overflow problem was found in vim_regsub_both().

CVE-2023-4752

A use-after-free problem was found in ins_compl_get_exp().

CVE-2023-4781

A second buffer overflow problem was found in vim_regsub_both().

CVE-2023-5344

trunc_string() made an incorrect assumption about when a certain
buffer would be writeable.

CVE-2024-22667

Several calls writing error messages did not check that there was
enough space for the full message.

CVE-2024-43802

The typeahead buffer end pointer could be moved past its end when
flushing that buffer, leading to an out-of-bounds read.

CVE-2024-47814

When splitting the window and editing a new buffer, the new buffer
could be marked for deletion, leading to a use-after-free.

For Debian 11 bullseye, these problems have been fixed in version
2:8.2.2434-3+deb11u3.

We recommend that you upgrade your vim packages.

For the detailed security status of vim please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/vim

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS



[SECURITY] [DLA 4096-1] librabbitmq security update


- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4096-1 debian-lts@lists.debian.org
https://www.debian.org/lts/security/ Thorsten Alteholz
March 30, 2025 https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package : librabbitmq
Version : 0.10.0-1+deb11u1
CVE ID : CVE-2023-35789

An issue has been found in librabbitmq, a AMQP client library and
tools written in C. The issue is related to credential visibility when
using the tools on the command line.

For Debian 11 bullseye, this problem has been fixed in version
0.10.0-1+deb11u1.

We recommend that you upgrade your librabbitmq packages.

For the detailed security status of librabbitmq please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/librabbitmq

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS