[ubuntu/impish-security] vim 2:8.2.2434-3ubuntu3.2 (Accepted)

Ray Veldkamp ray.veldkamp at canonical.com
Thu Jan 20 13:23:08 UTC 2022


vim (2:8.2.2434-3ubuntu3.2) impish-security; urgency=medium

  * SECURITY UPDATE: Heap-based buffer overflow could lead to a denial of
    service when using CTRL+w+f with an empty filename
    - debian/patches/CVE-2021-3973-1.patch: Ensure filename is checked for
      zero length in src/findfile.c, src/normal.c and
      src/testdir/test_visual.vim
    - debian/patches/CVE-2021-3973-2.patch: Fix for failing test in
      src/findfile.c
    - CVE-2021-3973

  * SECURITY UPDATE: Use-after-free issue in regular expression engine when
    using a mark, could lead to a denial of service or code execution.
    - debian/patches/CVE-2021-3974.patch: Ensure check for free is made when
      processing mark in src/regexp_nfa.c, src/testdir/test_regexp_latin.vim
    - CVE-2021-3974

  * SECURITY UPDATE: Heap-based buffer overflow could lead to a denial of
    service or possible code execution when C-indenting
    - debian/patches/CVE-2021-3984.patch: Fix memory access issue by correctly
      dereferencing cursor position in src/cindent.c and
      src/testdir/test_cindent.vim
    - CVE-2021-3984

  * SECURITY UPDATE: Heap-based buffer overflow could lead to a denial of
    service when help functions are provided with long command strings
    - debian/patches/CVE-2021-4019.patch: Fix handling of strcpy to use safer
      vim_snprintf in src/help.c and src/testdir/test_help.vim
    - CVE-2021-4019

  * SECURITY UPDATE: Use-after-free issue in open command can lead to a denial
    of service or possible code execution
    - debian/patches/CVE-2021-4069.patch: Fix issue making a copy of the
      current line and its address in src/ex_docmd.c and
      src/testdir/test_ex_mode.vim
    - CVE-2021-4069

Date: 2022-01-05 08:25:10.938365+00:00
Changed-By: Ray Veldkamp <ray.veldkamp at canonical.com>
https://launchpad.net/ubuntu/+source/vim/2:8.2.2434-3ubuntu3.2
-------------- next part --------------
Sorry, changesfile not available.


More information about the impish-changes mailing list