[ubuntu/precise-security] vim 2:7.3.429-2ubuntu2.3 (Accepted)
Steve Langasek
steve.langasek at canonical.com
Mon May 3 13:09:58 UTC 2021
vim (2:7.3.429-2ubuntu2.3) precise-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/upstream/patch-8.0.070*.patch: check the event
event for being out of range in src/fileio.c; do not set cmdbuff to
NULL, make it empty in src/ex_getln.c; set w_s pointer if w_buffer
was NULL in src/ex_cmds.c.
- CVE-2017-11109
* SECURITY UPDATE: Buffer overflow
- debian/patches/upstream/patch-8.0.0322-*.patch: check for an invalid
length in src/spell.c.
- CVE-2017-5953
* SECURITY UPDATE: Integer overflow
- debian/patches/upstream/patch-8.0.0377*.patch: check if allocated size
is not too big in src/undo.c.
- CVE-2017-6349
* SECURITY UPDATE: Buffer overflow
- debian/patches/upstream/patch-8.0.0378*.patch: check if allocated size
is not too big in src/undo.c.
- CVE-2017-6350
Date: 2020-03-18 20:01:15.850467+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
Signed-By: Steve Langasek <steve.langasek at canonical.com>
https://launchpad.net/ubuntu/+source/vim/2:7.3.429-2ubuntu2.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Precise-changes
mailing list