UbuntuUpdates.org

Package "vim"

Name: vim

Description:

Vi IMproved - enhanced vi editor

Latest version: 2:8.1.2269-1ubuntu5.3
Release: focal (20.04)
Level: updates
Repository: main
Homepage: https://www.vim.org/

Links


Download "vim"


Other versions of "vim" in Focal

Repository Area Version
base main 2:8.1.2269-1ubuntu5
base universe 2:8.1.2269-1ubuntu5
security main 2:8.1.2269-1ubuntu5.3
security universe 2:8.1.2269-1ubuntu5.3
updates universe 2:8.1.2269-1ubuntu5.3

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2:8.1.2269-1ubuntu5.3 2021-09-28 12:06:23 UTC

  vim (2:8.1.2269-1ubuntu5.3) focal-security; urgency=medium

  * SECURITY UPDATE: Fix heap-based buffer overflow when using :retab with
    large value
    - debian/patches/CVE-2021-3770-1.patch: Check vartabstop contains positive
      number in src/indent.c.
    - debian/patches/CVE-2021-3770-2.patch: Fix memory leak for :retab with
      invalid argument
    - CVE-2021-3770
  * SECURITY UPDATE: Fix heap-based buffer overflow when reading beyond end of
    line with invalid utf-8 character
    - debian/patches/CVE-2021-3778.patch: Validate encoding of character before
      advancing line in regexp_nfa.c.
    - CVE-2021-3778
  * SECURITY UPDATE: Fix use after free when replacing
    - debian/patches/CVE-2021-3796.patch: Get the line pointer after calling
      ins_copychar() in src/normal.c.
    - CVE-2021-3796
  * Fix failing flaky test for riscv64 builds.

 -- Spyros Seimenis <email address hidden> Mon, 20 Sep 2021 14:42:42 +0300

CVE-2021-3770 vim is vulnerable to Heap-based Buffer Overflow
CVE-2021-3778 vim is vulnerable to Heap-based Buffer Overflow
CVE-2021-3796 vim is vulnerable to Use After Free



About   -   Send Feedback to @ubuntu_updates