[ubuntu/hirsute-security] vim 2:8.2.2434-1ubuntu1.1 (Accepted)
Spyros Seimenis
spyros.seimenis at canonical.com
Tue Sep 28 09:51:09 UTC 2021
vim (2:8.2.2434-1ubuntu1.1) hirsute-security; urgency=medium
* SECURITY UPDATE: Fix heap-based buffer overflow when using :retab with
large value
- debian/patches/CVE-2021-3770-1.patch: Check vartabstop contains positive
number in src/indent.c.
- debian/patches/CVE-2021-3770-2.patch: Fix memory leak for :retab with
invalid argument
- CVE-2021-3770
* SECURITY UPDATE: Fix heap-based buffer overflow when reading beyond end of
line with invalid utf-8 character
- debian/patches/CVE-2021-3778.patch: Validate encoding of character before
advancing line in regexp_nfa.c.
- CVE-2021-3778
* SECURITY UPDATE: Fix use after free when replacing
- debian/patches/CVE-2021-3796.patch: Get the line pointer after calling
ins_copychar() in src/normal.c.
- CVE-2021-3796
Date: 2021-09-21 15:41:13.960744+00:00
Changed-By: Spyros Seimenis <spyros.seimenis at canonical.com>
https://launchpad.net/ubuntu/+source/vim/2:8.2.2434-1ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.
More information about the Hirsute-changes
mailing list