UbuntuUpdates.org

Package "vim-nox"

Name: vim-nox

Description:

Vi IMproved - enhanced vi editor - with scripting languages support

Latest version: 2:8.2.3995-1ubuntu2.1
Release: jammy (22.04)
Level: updates
Repository: universe
Head package: vim
Homepage: https://www.vim.org/

Links


Download "vim-nox"


Other versions of "vim-nox" in Jammy

Repository Area Version
base universe 2:8.2.3995-1ubuntu2
security universe 2:8.2.3995-1ubuntu2.1
proposed universe 2:8.2.3995-1ubuntu2.2

Changelog

Version: 2:8.2.3995-1ubuntu2.1 2022-09-15 14:06:24 UTC

  vim (2:8.2.3995-1ubuntu2.1) jammy-security; urgency=medium

  * SECURITY UPDATE: heap based buffer overflow in spelling suggestion
    function
    - debian/patches/CVE-2022-0943.patch: adjust "badlen".
    - CVE-2022-0943
  * SECURITY UPDATE: use-after-free when processing regular expressions in old
    engine
    - debian/patches/CVE-2022-1154.patch: after getting mark get the line
      again.
    - CVE-2022-1154
  * SECURITY UPDATE: use out-of-range pointer offset
    - debian/patches/CVE-2022-1420.patch: crash when using a number for lambda
      name
    - CVE-2022-1420
  * SECURITY UPDATE: buffer overflow when using invalid command with composing
    chars
    - debian/patches/CVE-2022-1616.patch: check that the whole character fits
      in the buffer.
    - CVE-2022-1616
  * SECURITY UPDATE: heap buffer overflow when processing CTRL-W in latin1
    encoding
    - debian/patches/CVE-2022-1619.patch: check already being at the start of
      the command line.
    - CVE-2022-1619
  * SECURITY UPDATE: NULL pointer access when using invalid pattern
    - debian/patches/CVE-2022-1620.patch: check for failed regexp program.
    - CVE-2022-1620
  * SECURITY UPDATE: heap buffer overflow when processing invalid character
    added to word list
    - debian/patches/CVE-2022-1621.patch: check for a valid word string.
    - debian/patches/remove_test_spell_single_word.patch: removal of test
      test_spell_single_word from src/testdir/test_spell.vim
    - CVE-2022-1621

 -- Nishit Majithia <email address hidden> Tue, 13 Sep 2022 15:05:02 +0530

CVE-2022-0943 Heap-based Buffer Overflow occurs in vim in GitHub repository vim/vim prior to 8.2.4563.
CVE-2022-1154 Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.
CVE-2022-1420 Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 8.2.4774.
CVE-2022-1616 Use after free in append_command in GitHub repository vim/vim prior to 8.2.4895. This vulnerability is capable of crashing software, Bypass Protectio
CVE-2022-1619 Heap-based Buffer Overflow in function cmdline_erase_chars in GitHub repository vim/vim prior to 8.2.4899. This vulnerabilities are capable of crashi
CVE-2022-1620 NULL Pointer Dereference in function vim_regexec_string at regexp.c:2729 in GitHub repository vim/vim prior to 8.2.4901. NULL Pointer Dereference in
CVE-2022-1621 Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Byp



About   -   Send Feedback to @ubuntu_updates