Package "vim"
| Name: |
vim
|
Description: |
This package is just an umbrella for a group of other packages,
it has no description.
Description samples from packages in group:
- Vi IMproved - enhanced vi editor - with Athena GUI
- Vi IMproved - enhanced vi editor (dummy package)
- Vi IMproved - enhanced vi editor - with GTK3 GUI
- Vi IMproved - Common GUI files
|
| Latest version: |
2:8.2.3995-1ubuntu2.3 |
| Release: |
jammy (22.04) |
| Level: |
security |
| Repository: |
universe |
Links
Other versions of "vim" in Jammy
Packages in group
Deleted packages are displayed in grey.
Changelog
|
vim (2:8.2.3995-1ubuntu2.3) jammy-security; urgency=medium
* SECURITY UPDATE: illegal memory access with bracketed paste in Ex mode
- debian/patches/CVE-2022-0392.patch: reverse space for the trailing NUL
- CVE-2022-0392
* SECURITY UPDATE: retab may cause illegal memory access
- debian/patches/CVE-2022-0417.patch: limit the value of tabstop
- CVE-2022-0417
-- Mark Esler <email address hidden> Wed, 11 Jan 2023 17:53:12 -0600
|
| Source diff to previous version |
| CVE-2022-0392 |
Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. |
| CVE-2022-0417 |
Heap-based Buffer Overflow GitHub repository vim/vim prior to 8.2. |
|
|
vim (2:8.2.3995-1ubuntu2.1) jammy-security; urgency=medium
* SECURITY UPDATE: heap based buffer overflow in spelling suggestion
function
- debian/patches/CVE-2022-0943.patch: adjust "badlen".
- CVE-2022-0943
* SECURITY UPDATE: use-after-free when processing regular expressions in old
engine
- debian/patches/CVE-2022-1154.patch: after getting mark get the line
again.
- CVE-2022-1154
* SECURITY UPDATE: use out-of-range pointer offset
- debian/patches/CVE-2022-1420.patch: crash when using a number for lambda
name
- CVE-2022-1420
* SECURITY UPDATE: buffer overflow when using invalid command with composing
chars
- debian/patches/CVE-2022-1616.patch: check that the whole character fits
in the buffer.
- CVE-2022-1616
* SECURITY UPDATE: heap buffer overflow when processing CTRL-W in latin1
encoding
- debian/patches/CVE-2022-1619.patch: check already being at the start of
the command line.
- CVE-2022-1619
* SECURITY UPDATE: NULL pointer access when using invalid pattern
- debian/patches/CVE-2022-1620.patch: check for failed regexp program.
- CVE-2022-1620
* SECURITY UPDATE: heap buffer overflow when processing invalid character
added to word list
- debian/patches/CVE-2022-1621.patch: check for a valid word string.
- debian/patches/remove_test_spell_single_word.patch: removal of test
test_spell_single_word from src/testdir/test_spell.vim
- CVE-2022-1621
-- Nishit Majithia <email address hidden> Tue, 13 Sep 2022 15:05:02 +0530
|
| CVE-2022-0943 |
Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563. |
| CVE-2022-1154 |
Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. |
| CVE-2022-1420 |
Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774. |
| CVE-2022-1616 |
Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protectio |
| CVE-2022-1619 |
Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashi |
| CVE-2022-1620 |
NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in |
| CVE-2022-1621 |
Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Byp |
|
About
-
Send Feedback to @ubuntu_updates
