Package "vim"
| Name: |
vim
|
Description: |
Vi IMproved - enhanced vi editor
|
| Latest version: |
2:8.2.3995-1ubuntu2.26 |
| Release: |
jammy (22.04) |
| Level: |
security |
| Repository: |
main |
| Homepage: |
https://www.vim.org/ |
Links
Download "vim"
Other versions of "vim" in Jammy
Packages in group
Deleted packages are displayed in grey.
Changelog
|
vim (2:8.2.3995-1ubuntu2.26) jammy-security; urgency=medium
* SECURITY UPDATE: Buffer Overflow
- debian/patches/CVE-2026-26269.patch: Limit writing to max KEYBUFLEN
bytes to prevent writing out of bounds.
- debian/patches/CVE-2026-28420.patch: Use VTERM_MAX_CHARS_PER_CELL * 4
for ga_grow() to ensure sufficient space. Add a boundary check to the
character loop to prevent index out-of-bounds access.
- debian/patches/CVE-2026-28422.patch: Update the size check to account
for the byte length of the fill character (using MB_CHAR2LEN).
- debian/patches/CVE-2026-25749.patch: Limit strncpy to the length
of the buffer (MAXPATHL)
- CVE-2026-26269
- CVE-2026-28420
- CVE-2026-28422
- CVE-2026-25749
* SECURITY UPDATE: Command Injection
- debian/patches/CVE-2026-28417.patch: Implement stricter RFC1123
hostname and IP validation. Use shellescape() for the provided
hostname and port.
- CVE-2026-28417
* SECURITY UPDATE: Out of Bounds Read
- debian/patches/CVE-2026-28418.patch: Check for end of buffer
and return early.
- CVE-2026-28418
* SECURITY UPDATE: Buffer Underflow
- debian/patches/CVE-2026-28419.patch: Add a check to ensure the
delimiter (p_7f) is not at the start of the buffer (lbuf) before
attempting to isolate the tag name.
- CVE-2026-28419
* SECURITY UPDATE: Denial of Service
- debian/patches/CVE-2026-28421.patch: Add bounds checks on
pe_page_count and pe_bnum against mf_blocknr_max before descending
into the block tree, and validate pe_old_lnum >= 1 and
pe_line_count > 0 before calling readfile().
- CVE-2026-28421
-- Bruce Cable <email address hidden> Wed, 11 Mar 2026 10:44:44 +1100
|
| Source diff to previous version |
| CVE-2026-26269 |
Vim is an open source, command line text editor. Prior to 9.1.2148, a stack buffer overflow vulnerability exists in Vim's NetBeans integration when p |
| CVE-2026-28420 |
Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim |
| CVE-2026-28422 |
Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in `build_stl_str_hl()` when rendering a s |
| CVE-2026-25749 |
Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag file resolution |
| CVE-2026-28417 |
Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the `netrw` standard plug |
| CVE-2026-28418 |
Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-sty |
| CVE-2026-28419 |
Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsi |
| CVE-2026-28421 |
Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim' |
|
|
vim (2:8.2.3995-1ubuntu2.24) jammy-security; urgency=medium
* SECURITY UPDATE: Use after free when redirecting display command to
register.
- debian/patches/CVE-2025-26603.patch: Change redir_reg check to use
vim_strchr command check in ./src/register.c.
- CVE-2025-26603
-- Hlib Korzhynskyy <email address hidden> Wed, 02 Apr 2025 10:09:01 -0230
|
| Source diff to previous version |
| CVE-2025-26603 |
Vim is a greatly improved version of the good old UNIX editor Vi. Vim allows to redirect screen messages using the `:redir` ex command to register, v |
|
|
vim (2:8.2.3995-1ubuntu2.23) jammy-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2025-24014.patch: fix a segfault in win_line()
in files src/gui.c, src/testdir/crash/ex_redraw_crash,
src/testdir/test_crash.vim.
- CVE-2025-24014
-- Leonidas Da Silva Barbosa <email address hidden> Mon, 03 Feb 2025 08:54:38 -0300
|
| Source diff to previous version |
| CVE-2025-24014 |
Vim is an open source, command line text editor. A segmentation fault was found in Vim before 9.1.1043. In silent Ex mode (-s -e), Vim typically does |
|
|
vim (2:8.2.3995-1ubuntu2.22) jammy-security; urgency=medium
* SECURITY UPDATE: Heap-buffer-overflow when switching buffers.
- debian/patches/CVE-2025-22134.patch: Add reset_VIsual_and_resel() to
src/arglist.c. Add ptrlen checks in src/misc1.c and src/ops.c.
- CVE-2025-22134
-- Hlib Korzhynskyy <email address hidden> Fri, 17 Jan 2025 12:55:02 -0330
|
| Source diff to previous version |
| CVE-2025-22134 |
When switching to other buffers using the :all command and visual mode still being active, this may cause a heap-buffer overflow, because Vim does no |
|
|
vim (2:8.2.3995-1ubuntu2.21) jammy-security; urgency=medium
* SECURITY UPDATE: Use after free when closing a buffer.
- debian/patches/CVE-2024-47814.patch: Add buf_locked() in src/buffer.c.
Abort autocommands editing a file when buf_locked() in src/ex_cmds.c.
Add buf_locked() in src/proto/buffer.pro.
- CVE-2024-47814
-- Hlib Korzhynskyy <email address hidden> Thu, 07 Nov 2024 09:47:21 -0330
|
| CVE-2024-47814 |
Vim is an open source, command line text editor. A use-after-free was found in Vim < 9.1.0764. When closing a buffer (visible in a window) a BufWinLe |
|
About
-
Send Feedback to @ubuntu_updates
