
Fedora 34 FEDORA-2022-8df66cdbef Critical: Vim Buffer Overflow

May 17, 2022
This Fedora patch addresses significant vulnerabilities in nano related to memory management. Protect your environment immediately!
patchlevel 4927 Security fixes for CVE-2022-1616, CVE-2022-1619, CVE-2022-1619, CVE-2022-1621, CVE-2022-1629

Summary

VIM (VIsual editor iMproved) is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more.

patchlevel 4927 Security fixes for CVE-2022-1616, CVE-2022-1619, CVE-2022-1619, CVE-2022-1621, CVE-2022-1629

Change Log

* Mon May 9 2022 Zdenek Dohnal - 2:8.2.4927-1
- patchlevel 4927

* Mon May 9 2022 Zdenek Dohnal - 2:8.2.4877-2
- add new file vimhelp.vim

* Fri May 6 2022 Zdenek Dohnal - 2:8.2.4877-1
- patchlevel 4877

* Mon May 2 2022 Zdenek Dohnal - 2:8.2.4857-1
- patchlevel 4857

* Fri Apr 29 2022 Zdenek Dohnal - 2:8.2.4845-1
- patchlevel 4845

References

[ 1 ] Bug #2083017 - CVE-2022-1616 vim: heap-buffer-overflow in append_command of src/ex_docmd.c
https://bugzilla.redhat.com/show_bug.cgi?id=2083017

[ 2 ] Bug #2083026 - CVE-2022-1619 vim: heap-buffer-overflow in cmdline_erase_chars of ex_getln.c
https://bugzilla.redhat.com/show_bug.cgi?id=2083026

[ 3 ] Bug #2083029 - CVE-2022-1620 vim: NULL Pointer Dereference in vim_regexec_string() of regexp.c
https://bugzilla.redhat.com/show_bug.cgi?id=2083029

[ 4 ] Bug #2083924 - CVE-2022-1621 vim: heap buffer overflow
https://bugzilla.redhat.com/show_bug.cgi?id=2083924

[ 5 ] Bug #2083931 - CVE-2022-1629 vim: buffer over-read
https://bugzilla.redhat.com/show_bug.cgi?id=2083931

Update Instructions

su -c 'dnf upgrade --advisory FEDORA-2022-8df66cdbef' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html
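
Once the update is applied, the installed build can be compared against the fixed release listed in the change log (2:8.2.4927-1). The shell functions below are an added example, not part of the Fedora advisory; they assume purely numeric version fields, as vim's are, and the package names vim-minimal and vim-enhanced in the commented rpm query.

```sh
#!/bin/sh
# Added example: decide whether a vim package EVR (epoch:version-release)
# is at or above the build named in this advisory's change log.
FIXED_EVR='2:8.2.4927-1'

# split_evr "E:V-R[.dist]" -> sets E, V, R (a missing epoch counts as 0, as in RPM).
split_evr() {
    s=$1
    case $s in *:*) E=${s%%:*}; s=${s#*:} ;; *) E=0 ;; esac
    case $s in *-*) V=${s%-*}; R=${s##*-} ;; *) V=$s; R=0 ;; esac
    R=${R%%.*}   # drop the dist tag, e.g. "1.fc34" -> "1"
}

# dotted_ge A B: succeed when dotted numeric string A >= B, field by field.
dotted_ge() {
    x=$1; y=$2
    while [ -n "$x" ] || [ -n "$y" ]; do
        fx=${x%%.*}; fy=${y%%.*}
        if [ "${fx:-0}" -gt "${fy:-0}" ]; then return 0; fi
        if [ "${fx:-0}" -lt "${fy:-0}" ]; then return 1; fi
        case $x in *.*) x=${x#*.} ;; *) x= ;; esac
        case $y in *.*) y=${y#*.} ;; *) y= ;; esac
    done
    return 0
}

# vim_is_fixed EVR: succeed when EVR >= FIXED_EVR (epoch, then version, then release).
vim_is_fixed() {
    split_evr "$FIXED_EVR"; fe=$E; fv=$V; fr=$R
    split_evr "$1"
    if [ "$E" -gt "$fe" ]; then return 0; fi
    if [ "$E" -lt "$fe" ]; then return 1; fi
    if [ "$V" != "$fv" ]; then dotted_ge "$V" "$fv"; return; fi
    [ "$R" -ge "$fr" ]
}

# Constructed sample input: EVRs built from the change log entries.
# On a real host, feed in each line printed by:
#   rpm -q --qf '%{EPOCHNUM}:%{VERSION}-%{RELEASE}\n' vim-minimal vim-enhanced
for evr in 2:8.2.4877-2.fc34 2:8.2.4927-1.fc34; do
    if vim_is_fixed "$evr"; then echo "$evr: fixed"; else echo "$evr: predates the fix"; fi
done
```

Plain `rpm -q` output omits the epoch, so use the query format shown in the comment; an EVR without an epoch compares as epoch 0 and is reported as older than the fixed build.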

All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at


Severity: critical

Product: Fedora 34
Version: 8.2.4927
Release: 1.fc34
Summary: The VIM editor
