Fedora 34: 2022-48bf3cb1c4 Moderate: VIM Buffer Overflow Fixes
fedora
February 25, 2022
Security fix for CVE-2022-0554 ---- Security fixes for CVE-2022-0714, CVE-2022-0729 ---- Security fix for CVE-2022-0696 ---- Security fix for CVE-2022-0629 ---- Security fix for CV...
Summary
VIM (VIsual editor iMproved) is an updated and improved version of the
vi editor. Vi was the first real screen-based editor for UNIX, and is
still very popular. VIM improves on vi by adding new features:
multiple windows, multi-level undo, block highlighting and more.
Security fix for CVE-2022-0554 ---- Security fixes for CVE-2022-0714,
CVE-2022-0729 ---- Security fix for CVE-2022-0696 ---- Security fix for
CVE-2022-0629 ---- Security fix for CVE-2022-0572 ---- Security fixes for
CVE-2022-0408, CVE-2022-0413, CVE-2022-0393, CVE-2022-0417, CVE-2022-0443 ----Security fix for CVE-2022-0685
* Thu Feb 24 2022 Zdenek Dohnal
- patchlevel 4460
* Mon Feb 21 2022 Zdenek Dohnal
- patchlevel 4428
* Tue Feb 15 2022 Zdenek Dohnal
- patchlevel 4386
* Mon Feb 7 2022 Zdenek Dohnal
- patchlevel 4314
[ 1 ] Bug #2048515 - CVE-2022-0408 vim: Stack-based Buffer Overflow in spellsuggest.c
https://bugzilla.redhat.com/show_bug.cgi?id=2048515
[ 2 ] Bug #2048519 - CVE-2022-0413 vim: Use after free in src/ex_cmds.c
https://bugzilla.redhat.com/show_bug.cgi?id=2048519
[ 3 ] Bug #2049180 - CVE-2022-0393 vim: out-of-bounds read in delete_buff_tail() in getchar.c
https://bugzilla.redhat.com/show_bug.cgi?id=2049180
[ 4 ] Bug #2050149 - CVE-2022-0417 vim: heap-based-buffer-overflow in ex_retab() of src/indent.c
https://bugzilla.redhat.com/show_bug.cgi?id=2050149
[ 5 ] Bug #2050182 - CVE-2022-0443 vim: heap-use-after-free in enter_buffer() of src/buffer.c
https://bugzilla.redhat.com/show_bug.cgi?id=2050182
[ 6 ] Bug #2054278 - CVE-2022-0572 vim: heap overflow in ex_retab() may lead to crash
https://bugzilla.redhat.com/show_bug.cgi?id=2054278
[ 7 ] Bug #2055695 - CVE-2022-0629 vim: Stack-based Buffer Overflow in vim prior to 8.2.
https://bugzilla.redhat.com/show_bug.cgi?id=2055695
[ 8 ] Bug #2056805 - CVE-2022-0696 vim: NULL Pointer Dereference in vim prior to 8.2
https://bugzilla.redhat.com/show_bug.cgi?id=2056805
[ 9 ] Bug #2057187 - CVE-2022-0714 vim: buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=2057187
[ 10 ] Bug #2057716 - CVE-2022-0729 vim: Use of Out-of-range Pointer Offset
https://bugzilla.redhat.com/show_bug.cgi?id=2057716
[ 11 ] Bug #2057820 - CVE-2022-0685 : vim: Use of Out-of-range Pointer Offset in vim
https://bugzilla.redhat.com/show_bug.cgi?id=2057820
[ 12 ] Bug #2058483 - CVE-2022-0554 vim: Use of Out-of-range Pointer Offset in vim prior
https://bugzilla.redhat.com/show_bug.cgi?id=2058483
su -c 'dnf upgrade --advisory FEDORA-2022-48bf3cb1c4' at the command
line. For more information, refer to the dnf documentation available at
https://dnf.readthedocs.io/en/latest/command_ref.html
All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/security/
package-announce mailing list -- package-announce@lists.fedoraproject.org
To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/
Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure
Topics Covered
Change Log
References
Update Instructions
PREVIOUS 
NEXT Topics Covered
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!