[ubuntu/jammy-updates] vim 2:8.2.3995-1ubuntu2.10 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Thu Aug 3 08:29:15 UTC 2023
vim (2:8.2.3995-1ubuntu2.10) jammy-security; urgency=medium
* SECURITY UPDATE: heap-based buffer overflow
- debian/patches/CVE-2022-2182.patch: When on line zero check the
column is valid for line one.
- debian/patches/CVE-2022-2264.patch: Adjust the end mark position.
- debian/patches/CVE-2022-2284.patch: Stop Visual mode when closing a
window.
- CVE-2022-2182
- CVE-2022-2264
- CVE-2022-2284
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2022-2208.patch: Recompute diffs later. Skip
window without a valid buffer.
- debian/patches/CVE-2022-2231.patch: Do not use the NULL pointer.
- CVE-2022-2208
- CVE-2022-2231
* SECURITY UPDATE: out-of-bounds write issue
- debian/patches/CVE-2022-2210.patch: Use zero offset when change
removes all lines in a diff block
- CVE-2022-2210
* SECURITY UPDATE: out-of-bounds read issue
- debian/patches/CVE-2022-2257.patch: Check for NUL.
- debian/patches/CVE-2022-2286.patch: Check the length of the string
- debian/patches/CVE-2022-2287.patch: Disallow adding a word with
control characters or a trailing slash.
- CVE-2022-2257
- CVE-2022-2286
- CVE-2022-2287
* SECURITY UPDATE: integer overflow issue
- debian/patches/CVE-2022-2285.patch: Put a NUL after the typeahead.
- CVE-2022-2285
* SECURITY UPDATE: use after free memory issue
- debian/patches/CVE-2022-2289.patch: Bail out when diff pointer is no
longer valid
- CVE-2022-2289
* debian/patches/skip_some_tests.patch: skip some failing test
Date: 2023-08-02 11:26:08.916768+00:00
Changed-By: Nishit Majithia <nishit.majithia at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/vim/2:8.2.3995-1ubuntu2.10
-------------- next part --------------
Sorry, changesfile not available.
More information about the jammy-changes
mailing list