[ubuntu/jammy-updates] vim 2:8.2.3995-1ubuntu2.1 (Accepted)

[Ubuntu Archive Robot]

vim (2:8.2.3995-1ubuntu2.1) jammy-security; urgency=medium

  * SECURITY UPDATE: heap based buffer overflow in spelling suggestion
    function
    - debian/patches/CVE-2022-0943.patch: adjust "badlen".
    - CVE-2022-0943
  * SECURITY UPDATE: use-after-free when processing regular expressions in old
    engine
    - debian/patches/CVE-2022-1154.patch: after getting mark get the line
      again.
    - CVE-2022-1154
  * SECURITY UPDATE: use out-of-range pointer offset
    - debian/patches/CVE-2022-1420.patch: crash when using a number for lambda
      name
    - CVE-2022-1420
  * SECURITY UPDATE: buffer overflow when using invalid command with composing
    chars
    - debian/patches/CVE-2022-1616.patch: check that the whole character fits
      in the buffer.
    - CVE-2022-1616
  * SECURITY UPDATE: heap buffer overflow when processing CTRL-W in latin1
    encoding
    - debian/patches/CVE-2022-1619.patch: check already being at the start of
      the command line.
    - CVE-2022-1619
  * SECURITY UPDATE: NULL pointer access when using invalid pattern
    - debian/patches/CVE-2022-1620.patch: check for failed regexp program.
    - CVE-2022-1620
  * SECURITY UPDATE: heap buffer overflow when processing invalid character
    added to word list
    - debian/patches/CVE-2022-1621.patch: check for a valid word string.
    - debian/patches/remove_test_spell_single_word.patch: removal of test       
      test_spell_single_word from src/testdir/test_spell.vim
    - CVE-2022-1621

Date: 2022-09-14 11:15:09.624558+00:00
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/vim/2:8.2.3995-1ubuntu2.1
-------------- next part --------------
Sorry, changesfile not available.