Oracle8: ELSA-2022-5319: vim Moderate Security Update

Advisories

Oracle Linux Security Advisory ELSA-2022-5319

https://linux.oracle.com/errata/ELSA-2022-5319.html

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network:

x86_64:
vim-X11-8.0.1763-19.0.1.el8_6.2.x86_64.rpm
vim-common-8.0.1763-19.0.1.el8_6.2.x86_64.rpm
vim-enhanced-8.0.1763-19.0.1.el8_6.2.x86_64.rpm
vim-filesystem-8.0.1763-19.0.1.el8_6.2.noarch.rpm
vim-minimal-8.0.1763-19.0.1.el8_6.2.x86_64.rpm

aarch64:
vim-X11-8.0.1763-19.0.1.el8_6.2.aarch64.rpm
vim-common-8.0.1763-19.0.1.el8_6.2.aarch64.rpm
vim-enhanced-8.0.1763-19.0.1.el8_6.2.aarch64.rpm
vim-filesystem-8.0.1763-19.0.1.el8_6.2.noarch.rpm
vim-minimal-8.0.1763-19.0.1.el8_6.2.aarch64.rpm


SRPMS:
https://oss.oracle.com/ol8/SRPMS-updates/vim-8.0.1763-19.0.1.el8_6.2.src.rpm

Related CVEs:

CVE-2022-1621
CVE-2022-1629




Description of changes:

[2:8.0.1763-19.0.1.2]
- Remove upstream references [Orabug: 31197557]
- Added glibc-gconv-extra to common requires to provide ISO-8859-2 [Orabug: 34114984]

[2:8.0.1763-19.2]
- CVE-2022-1621 vim: heap buffer overflow
- CVE-2022-1629 vim: buffer over-read

[2:8.0.1763-19.1]
- CVE-2022-1154 vim: use after free in utf_ptr2char

[2:8.0.1763-19]
- CVE-2022-0361 vim: Heap-based Buffer Overflow in GitHub repository

[2:8.0.1763-18]
- CVE-2022-0392 vim: heap-based buffer overflow in getexmodeline() in ex_getln.c
- CVE-2022-0413 vim: use after free in src/ex_cmds.c

[2:8.0.1763-18]
- fix test suite after fix for CVE-2022-0318
- CVE-2022-0359 vim: heap-based buffer overflow in init_ccline() in ex_getln.c

[2:8.0.1763-18]
- CVE-2022-0261 vim: Heap-based Buffer Overflow in block_insert() in src/ops.c
- CVE-2022-0318 vim: heap-based buffer overflow in utf_head_off() in mbyte.c

[2:8.0.1763-18]
- CVE-2021-4193 vim: vulnerable to Out-of-bounds Read
- CVE-2021-4192 vim: vulnerable to Use After Free

[2:8.0.1763-18]
- 2028341 - CVE-2021-3984 vim: illegal memory access when C-indenting could lead to Heap Buffer Overflow [rhel-8.6.0]
- 2028430 - CVE-2021-4019 vim: heap-based buffer overflow in find_help_tags() in src/help.c [rhel-8.6.0]

[2:8.0.1763-17]
- 2016201 - CVE-2021-3872 vim: heap-based buffer overflow in win_redr_status() drawscreen.c [rhel-8.6.0]


_______________________________________________
El-errata mailing list
[email protected]
https://oss.oracle.com/mailman/listinfo/el-errata

Oracle8: ELSA-2022-5319: vim Moderate Security Update

Summary

Description of changes: [2:8.0.1763-19.0.1.2] - Remove upstream references [Orabug: 31197557] - Added glibc-gconv-extra to common requires to provide ISO-8859-2 [Orabug: 34114984] [2:8.0.1763-19.2] - CVE-2022-1621 vim: heap buffer overflow - CVE-2022-1629 vim: buffer over-read [2:8.0.1763-19.1] - CVE-2022-1154 vim: use after free in utf_ptr2char [2:8.0.1763-19] - CVE-2022-0361 vim: Heap-based Buffer Overflow in GitHub repository [2:8.0.1763-18] - CVE-2022-0392 vim: heap-based buffer overflow in getexmodeline() in ex_getln.c - CVE-2022-0413 vim: use after free in src/ex_cmds.c [2:8.0.1763-18] - fix test suite after fix for CVE-2022-0318 - CVE-2022-0359 vim: heap-based buffer overflow in init_ccline() in ex_getln.c [2:8.0.1763-18] - CVE-2022-0261 vim: Heap-based Buffer Overflow in block_insert() in src/ops.c - CVE-2022-0318 vim: heap-based buffer overflow in utf_head_off() in mbyte.c [2:8.0.1763-18] - CVE-2021-4193 vim: vulnerable to Out-of-bounds Read - CVE-2021-4192 vim: vulnerable to Use After Free [2:8.0.1763-18] - 2028341 - CVE-2021-3984 vim: illegal memory access when C-indenting could lead to Heap Buffer Overflow [rhel-8.6.0] - 2028430 - CVE-2021-4019 vim: heap-based buffer overflow in find_help_tags() in src/help.c [rhel-8.6.0] [2:8.0.1763-17] - 2016201 - CVE-2021-3872 vim: heap-based buffer overflow in win_redr_status() drawscreen.c [rhel-8.6.0]

i386

x86_64

vim-X11-8.0.1763-19.0.1.el8_6.2.x86_64.rpm vim-common-8.0.1763-19.0.1.el8_6.2.x86_64.rpm vim-enhanced-8.0.1763-19.0.1.el8_6.2.x86_64.rpm vim-filesystem-8.0.1763-19.0.1.el8_6.2.noarch.rpm vim-minimal-8.0.1763-19.0.1.el8_6.2.x86_64.rpm aarch64: vim-X11-8.0.1763-19.0.1.el8_6.2.aarch64.rpm vim-common-8.0.1763-19.0.1.el8_6.2.aarch64.rpm vim-enhanced-8.0.1763-19.0.1.el8_6.2.aarch64.rpm vim-filesystem-8.0.1763-19.0.1.el8_6.2.noarch.rpm vim-minimal-8.0.1763-19.0.1.el8_6.2.aarch64.rpm

SRPMS

https://oss.oracle.com/ol8/SRPMS-updates/vim-8.0.1763-19.0.1.el8_6.2.src.rpm

Severity
Related CVEs: CVE-2022-1621 CVE-2022-1629

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.