Stay Secure with the Latest Linux Advisories

security advisorybuffer overflowsoftware update

Fedora 34: 2022-b605768c94 Moderate: VIM Buffer Overflow Threat

The newest upstream commit Security fixes for CVE-2022-1381, CVE-2022-1420. --------------------------------------------------------------------------------Fedora Update Notification FEDORA-2022-b605768c94 2022-04-30 18:40:14.826096 --------------------------------------------------------------------------------Name : vim Product : Fedora 34 Version : 8.2.4804 Release : 1.fc34 URL : https://www.vim.org/ Summary : The VIM editor Description : VIM (VIsual editor iMproved) is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. --------------------------------------------------------------------------------Update Information: The newest upstream commit Security fixes for CVE-2022-1381, CVE-2022-1420 --------------------------------------------------------------------------------ChangeLog: * Fri Apr 22 2022 Zdenek Dohnal - 2:8.2.4804-1 - patchlevel 4804 * Fri Apr 8 2022 Zdenek Dohnal - 2:8.2.4701-2 - fix the upstream testsuite failure due downstream patch --------------------------------------------------------------------------------References: [ 1 ] Bug #2076170 - CVE-2022-1381 vim: global heap buffer overflow in skip_range https://bugzilla.redhat.com/show_bug.cgi?id=2076170 [ 2 ] Bug #2077734 - CVE-2022-1420 vim: Out-of-range Pointer Offset https://bugzilla.redhat.com/show_bug.cgi?id=2077734 --------------------------------------------------------------------------------This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2022-b605768c94' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the FedoraProject can be found at https://fedoraproject.org/security/ --------------------------------------------------------------------------------_______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam on the list, report it: https://pagure.io/fedora-infrastructure . Uncover the newest Fedora enhancement for VIM, highlighting vital security patches for urgent vulnerabilities impacting its user base.. Fedora Update,VIM Editor,Buffer Overflow,Security Fixes,Software Update. . LinuxSecurity.com Team

Apr 30, 2022 Fedora