Alerts This Week
Warning Icon 1 764
Alerts This Week
Warning Icon 1 764

Ubuntu 22.04: 2023-040419db22 High: Nano Security Flaws and Memory Leaks

fedora
Calendar Grey April 2, 2023
Dist Fedora Esm H88
Recent updates for Vim in Fedora 36 tackle severe vulnerabilities such as memory leaks and index errors that could lead to unauthorized access.
Security fixes for CVE-2023-1175, CVE-2023-1170, CVE-2023-1264, CVE-2023-0512, CVE-2023-1355 ---- The newest upstream patchlevel 1367 Security fix for CVE-2023-1127

Summary

VIM (VIsual editor iMproved) is an updated and improved version of the

vi editor. Vi was the first real screen-based editor for UNIX, and is

still very popular. VIM improves on vi by adding new features:

multiple windows, multi-level undo, block highlighting and more.

Security fixes for CVE-2023-1175, CVE-2023-1170, CVE-2023-1264, CVE-2023-0512,

CVE-2023-1355 ---- The newest upstream patchlevel 1367 Security fix for

CVE-2023-1127

* Thu Mar 16 2023 Zdenek Dohnal - 2:9.0.1407-1

- patchlevel 1407

* Tue Mar 14 2023 Zdenek Dohnal - 2:9.0.1403-1

- patchlevel 1403

* Thu Mar 2 2023 Zdenek Dohnal - 2:9.0.1367-1

- patchlevel 1367

* Fri Feb 17 2023 Zdenek Dohnal - 2:9.0.1314-1

- patchlevel 1314

[ 1 ] Bug #2165798 - CVE-2023-0512 vim: divide by zero in adjust_skipcol() at move.ca

https://bugzilla.redhat.com/show_bug.cgi?id=2165798

[ 2 ] Bug #2174662 - CVE-2023-1127 vim: Divide By Zero in vim/vim

https://bugzilla.redhat.com/show_bug.cgi?id=2174662

[ 3 ] Bug #2176413 - CVE-2023-1264 vim: NULL pointer dereference issue in utfc_ptr2len

https://bugzilla.redhat.com/show_bug.cgi?id=2176413

[ 4 ] Bug #2176457 - CVE-2023-1175 vim: Incorrect Calculation of Buffer Size

https://bugzilla.redhat.com/show_bug.cgi?id=2176457

[ 5 ] Bug #2176462 - CVE-2023-1170 vim: Heap-based Buffer Overflow

https://bugzilla.redhat.com/show_bug.cgi?id=2176462

[ 6 ] Bug #2179911 - CVE-2023-1355 vim: null pointer dereference in class_object_index at vim9class.c

https://bugzilla.redhat.com/show_bug.cgi?id=2179911

su -c 'dnf upgrade --advisory FEDORA-2023-030318ca00' at the command

line. For more information, refer to the dnf documentation available at

https://dnf.readthedocs.io/en/latest/command_ref.html

All packages are signed with the Fedora Project GPG key. More details on the

GPG keys used by the Fedora Project can be found at

https://fedoraproject.org/security/

package-announce mailing list -- package-announce@lists.fedoraproject.org

To unsubscribe send an email to package-announce-leave@lists.fedoraproject.org

Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/

List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines

List Archives: https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/

Do not reply to spam, report it:

Topics%20covered

Topics Covered

security advisory buffer overflow Fedora vim NULL issue

Change Log

References

Update Instructions

Product: Fedora 36
Version: 9.0.1407
Release: 1.fc36
URL: https://www.vim.org/
Summary: The VIM editor

Topics%20covered

Topics Covered

security advisory buffer overflow Fedora vim NULL issue

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here