[ubuntu/focal-updates] vim 2:8.1.2269-1ubuntu5.3 (Accepted)

Ubuntu Archive Robot ubuntu-archive-robot at lists.canonical.com
Tue Sep 28 10:58:16 UTC 2021


vim (2:8.1.2269-1ubuntu5.3) focal-security; urgency=medium

  * SECURITY UPDATE: Fix heap-based buffer overflow when using :retab with
    large value
    - debian/patches/CVE-2021-3770-1.patch: Check vartabstop contains positive
      number in src/indent.c.
    - debian/patches/CVE-2021-3770-2.patch: Fix memory leak for :retab with
      invalid argument
    - CVE-2021-3770
  * SECURITY UPDATE: Fix heap-based buffer overflow when reading beyond end of
    line with invalid utf-8 character
    - debian/patches/CVE-2021-3778.patch: Validate encoding of character before
      advancing line in regexp_nfa.c.
    - CVE-2021-3778
  * SECURITY UPDATE: Fix use after free when replacing
    - debian/patches/CVE-2021-3796.patch: Get the line pointer after calling
      ins_copychar() in src/normal.c.
    - CVE-2021-3796
  * Fix failing flaky test for riscv64 builds.

Date: 2021-09-26 18:49:14.625271+00:00
Changed-By: Spyros Seimenis <spyros.seimenis at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/vim/2:8.1.2269-1ubuntu5.3
-------------- next part --------------
Sorry, changesfile not available.


More information about the Focal-changes mailing list