Package "vim-nox"

| Name: | vim-nox |
| Description: | Vi IMproved - enhanced vi editor - with scripting languages support |
| Latest version: | 2:9.1.0967-1ubuntu6.1 |
| Release: | questing (25.10) |
| Level: | security |
| Repository: | universe |
| Head package: | vim |
| Homepage: | https://www.vim.org/ |

Changelog

vim (2:9.1.0967-1ubuntu6.1) questing-security; urgency=medium

  * SECURITY UPDATE: Buffer Overflow
    - debian/patches/CVE-2026-26269.patch: Limit writing to max KEYBUFLEN
      bytes to prevent writing out of bounds.
    - debian/patches/CVE-2026-28420.patch: Use VTERM_MAX_CHARS_PER_CELL * 4
      for ga_grow() to ensure sufficient space. Add a boundary check to the
      character loop to prevent index out-of-bounds access.
    - debian/patches/CVE-2026-28422.patch: Update the size check to account
      for the byte length of the fill character (using MB_CHAR2LEN).
    - debian/patches/CVE-2026-25749.patch: Limit strncpy to the length
      of the buffer (MAXPATHL)
    - CVE-2026-26269
    - CVE-2026-28420
    - CVE-2026-28422
    - CVE-2026-25749
  * SECURITY UPDATE: Command Injection
    - debian/patches/CVE-2026-28417.patch: Implement stricter RFC1123
      hostname and IP validation. Use shellescape() for the provided
      hostname and port.
    - CVE-2026-28417
  * SECURITY UPDATE: Out of Bounds Read
    - debian/patches/CVE-2026-28418.patch: Check for end of buffer
      and return early.
    - CVE-2026-28418
  * SECURITY UPDATE: Buffer Underflow
    - debian/patches/CVE-2026-28419.patch: Add a check to ensure the
      delimiter (p_7f) is not at the start of the buffer (lbuf) before
      attempting to isolate the tag name.
    - CVE-2026-28419
  * SECURITY UPDATE: Denial of Service
    - debian/patches/CVE-2026-28421.patch: Add bounds checks on
      pe_page_count and pe_bnum against mf_blocknr_max before descending
      into the block tree, and validate pe_old_lnum >= 1 and
      pe_line_count > 0 before calling readfile().
    - CVE-2026-28421

 -- Bruce Cable <email address hidden>  Tue, 10 Mar 2026 20:05:18 +1100

| CVE-2026-26269 | Vim is an open source, command line text editor. Prior to 9.1.2148, a stack buffer overflow vulnerability exists in Vim's NetBeans integration when p |
| CVE-2026-28420 | Vim is an open source, command line text editor. Prior to version 9.2.0076, a heap-based buffer overflow WRITE and an out-of-bounds READ exist in Vim |
| CVE-2026-28422 | Vim is an open source, command line text editor. Prior to version 9.2.0078, a stack-buffer-overflow occurs in `build_stl_str_hl()` when rendering a s |
| CVE-2026-25749 | Vim is an open source, command line text editor. Prior to version 9.1.2132, a heap buffer overflow vulnerability exists in Vim's tag file resolution |
| CVE-2026-28417 | Vim is an open source, command line text editor. Prior to version 9.2.0073, an OS command injection vulnerability exists in the `netrw` standard plug |
| CVE-2026-28418 | Vim is an open source, command line text editor. Prior to version 9.2.0074, a heap-based buffer overflow out-of-bounds read exists in Vim's Emacs-sty |
| CVE-2026-28419 | Vim is an open source, command line text editor. Prior to version 9.2.0075, a heap-based buffer underflow exists in Vim's Emacs-style tags file parsi |
| CVE-2026-28421 | Vim is an open source, command line text editor. Versions prior to 9.2.0077 have a heap-buffer-overflow and a segmentation fault (SEGV) exist in Vim' |