[ubuntu/focal-updates] vim 2:8.1.2269-1ubuntu5.6 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Fri Jan 21 03:58:19 UTC 2022
vim (2:8.1.2269-1ubuntu5.6) focal-security; urgency=medium
* SECURITY UPDATE: Use-after-free issue in regular expression engine when
using a mark, could lead to a denial of service or code execution.
- debian/patches/CVE-2021-3974.patch: Ensure check for free is made when
processing mark in src/regexp_nfa.c, src/testdir/test_regexp_latin.vim
- CVE-2021-3974
* SECURITY UPDATE: Heap-based buffer overflow could lead to a denial of
service or possible code execution when C-indenting
- debian/patches/CVE-2021-3984.patch: Fix memory access issue by correctly
dereferencing cursor position in src/cindent.c and
src/testdir/test_cindent.vim
- CVE-2021-3984
* SECURITY UPDATE: Heap-based buffer overflow could lead to a denial of
service when help functions are provided with long command strings
- debian/patches/CVE-2021-4019.patch: Fix handling of strcpy to use safer
vim_snprintf in src/ex_cmds.c and src/testdir/test_help.vim
- CVE-2021-4019
* SECURITY UPDATE: Use-after-free issue in open command can lead to a denial
of service or possible code execution
- debian/patches/CVE-2021-4069.patch: Fix issue making a copy of the
current line and its address in src/ex_docmd.c
- CVE-2021-4069
Date: 2022-01-20 13:37:10.831167+00:00
Changed-By: Ray Veldkamp <ray.veldkamp at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/vim/2:8.1.2269-1ubuntu5.6
-------------- next part --------------
Sorry, changesfile not available.
More information about the Focal-changes
mailing list