[ubuntu/lunar-security] vim 2:9.0.1000-4ubuntu3.2 (Accepted)

Fabian Toepfer fabian.toepfer at canonical.com
Wed Oct 25 16:13:21 UTC 2023


vim (2:9.0.1000-4ubuntu3.2) lunar-security; urgency=medium

  * SECURITY UPDATE: divide-by-zero vulnerability
    - debian/patches/CVE-2023-3896-pre.patch: Adjust logic for scrolling to
      avoid cursor moving to wrong line when 'foldmethod' is "diff".
    - debian/patches/CVE-2023-3896.patch: Add check for width to avoid 
      division by zero in scroll_cursor_bot.
    - CVE-2023-3896
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-4733.patch: Verify oldwin pointer after
      reset_VIsual() in do_ecmd.
    - CVE-2023-4733
  * SECURITY UPDATE: integer overflow vulnerability
    - debian/patches/CVE-2023-4734.patch: Check for typeval correctly in
      f_fullcommand.
    - CVE-2023-4734
  * SECURITY UPDATE: out of bounds write vulnerability
    - debian/patches/CVE-2023-4735.patch: Add check for buffer size to avoid
      overflow in do_addsub.
    - CVE-2023-4735
  * SECURITY UPDATE: buffer overflow vulnerability
    - debian/patches/CVE-2023-4738.patch: Check remaining space in
      vim_regsub_both.
    - CVE-2023-4738
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-4750.patch: Check buffer is valid before
      accessing it.
    - CVE-2023-4750
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2023-4751.patch: Stop Visual mode when using :ball
      to avoid illegal memory access.
    - CVE-2023-4751
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-4752.patch: validate buffer before accessing it
      in ins_compl_get_exp.
    - CVE-2023-4752
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2023-4781.patch: Disallow exchanging windows when
      textlock is active in vim_regsub_both.
    - CVE-2023-4781
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2023-5344.patch: Add NULL at end of buffer in
      trunc_string.
    - CVE-2023-5344
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2023-5441.patch: skip gui_scroll when exmode_active
      in gui_do_scroll.
    - CVE-2023-5441
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-5535.patch: block autocommands in
      buf_contents_changed.
    - CVE-2023-5535

Date: 2023-10-17 19:19:18.558073+00:00
Changed-By: Fabian Toepfer <fabian.toepfer at canonical.com>
https://launchpad.net/ubuntu/+source/vim/2:9.0.1000-4ubuntu3.2
-------------- next part --------------
Sorry, changesfile not available.


More information about the lunar-changes mailing list