Alerts This Week
Warning Icon 1 609
Alerts This Week
Warning Icon 1 609

Stay Secure with the Latest Linux Advisories

Fedora Large Esm H800
Fedora

Fedora 44 Transmission 4.1.2 Important Clickjacking Fix CVE-2026-38978

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 libre 4.8.1 Critical Update Details for Real-Time Communication

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 NextCloud Update Denial of Service JSON Tampering 2026-30881a5be7

Calendar White Jun 05, 2026
Important
Fedora Large Esm H800
Fedora

Fedora 44 python-starlette Security Fix for CVE-2026-48710

Calendar White Jun 05, 2026
Critical
Fedora Large Esm H900
Fedora

Fedora 44 perl-Cpanel-JSON-XS Moderate Denial of Service CVE-2026-9516

Calendar White Jun 05, 2026
Important
Fedora Large Esm H900
Fedora

Fedora 44 rubygem-yard High Path Traversal Fix Vuln 2026-acefc1fe48

Calendar White Jun 05, 2026
high
Fedora Large Esm H800
Fedora

Fedora 44 Rust Sequoia Sop Low-Severity Fix Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-sq Low Threat Security Advisory 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Fedora Large Esm H900
Fedora

Fedora 44 rust-sequoia-wot Low Severity Security Fix 2026-5c5f4f40a4

Calendar White Jun 05, 2026
Low
Filter Icon Refine advisories
X Clear Filters
X Clear Filters
View More

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200
Loading...

Explore Latest Linux Security advisories

We found 11 articles for you...
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorysecurity patchlow severity

SUSE: 2024:4409-1 low: Recommended Update for vim Security Fixes

* bsc#1220618 * bsc#1229238 * bsc#1231373 Cross-References: . # Recommended update for vim Announcement ID: SUSE-SU-2024:4409-1 Release Date: 2024-12-23T09:20:55Z Rating: low References: * bsc#1220618 * bsc#1229238 * bsc#1231373 Cross-References: * CVE-2024-43374 * CVE-2024-47814 CVSS scores: * CVE-2024-43374 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-43374 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-47814 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L * CVE-2024-47814 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L * CVE-2024-47814 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L Affected Products: * SUSE Linux Enterprise High Performance Computing 12 SP5 * SUSE Linux Enterprise Server 12 SP5 * SUSE Linux Enterprise Server 12 SP5 LTSS * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security * SUSE Linux Enterprise Server for SAP Applications 12 SP5 An update that solves two vulnerabilities and has one security fix can now be installed. ## Description: This update for vim fixes the following issues: * CVE-2024-47814: Fixed use-after-free when closing buffers in Vim (bsc#1231373) * CVE-2024-43374: Fixed use-after-free in alist_add() (bsc#1229238) Other fixes: * Remove patch that introduced a bug caused significantly more CPU usage (bsc#1220618) * Updated to version 9.1.0836 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * SUSE Linux Enterprise Server 12 SP5 LTSS zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-2024-4409=1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security zypper in -t patch SUSE-SLE-SERVER-12-SP5-LTSS-EXTENDED-SECURITY-2024-4409=1 ## Package List: * SUSE Linux Enterprise Server 12 SP5 LTSS(aarch64 ppc64le s390x x86_64) * vim-debuginfo-9.1.0836-17.38.1 * vim-debugsource-9.1.0836-17.38.1 * gvim-9.1.0836-17.38.1 * gvim-debuginfo-9.1.0836-17.38.1 * vim-9.1.0836-17.38.1 * SUSE Linux Enterprise Server 12 SP5 LTSS (noarch) * vim-data-9.1.0836-17.38.1 * vim-data-common-9.1.0836-17.38.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (x86_64) * vim-debuginfo-9.1.0836-17.38.1 * vim-debugsource-9.1.0836-17.38.1 * gvim-9.1.0836-17.38.1 * gvim-debuginfo-9.1.0836-17.38.1 * vim-9.1.0836-17.38.1 * SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security (noarch) * vim-data-9.1.0836-17.38.1 * vim-data-common-9.1.0836-17.38.1 ## References: * https://www.suse.com/security/cve/CVE-2024-43374.html * https://www.suse.com/security/cve/CVE-2024-47814.html * https://bugzilla.suse.com/show_bug.cgi?id=1220618 * https://bugzilla.suse.com/show_bug.cgi?id=1229238 * https://bugzilla.suse.com/show_bug.cgi?id=1231373 . Suggested enhancements for vim resolve and tackle two concerns in SUSE 12 SP5, with implications for hardware that require consideration.. SUSE, vim, security update, use-after-free, low severity. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Dec 23, 2024 Low SuSE
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisorylow severityvim update

openSUSE 15.x: SUSE-SU-2024:4330-1 low: vim use-after-free

An update that solves two vulnerabilities can now be installed.. # Security update for vim Announcement ID: SUSE-SU-2024:4330-1 Release Date: 2024-12-16T13:17:36Z Rating: low References: * bsc#1229238 * bsc#1231373 Cross-References: * CVE-2024-43374 * CVE-2024-47814 CVSS scores: * CVE-2024-43374 ( SUSE ): 4.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N * CVE-2024-43374 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2024-47814 ( SUSE ): 2.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:A/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L * CVE-2024-47814 ( SUSE ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L * CVE-2024-47814 ( NVD ): 3.9 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:L Affected Products: * Basesystem Module 15-SP5 * Basesystem Module 15-SP6 * Desktop Applications Module 15-SP5 * Desktop Applications Module 15-SP6 * openSUSE Leap 15.5 * openSUSE Leap 15.6 * openSUSE Leap Micro 5.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise Desktop 15 SP6 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Real Time 15 SP6 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server 15 SP6 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP6 An update that solves two vulnerabilities can now be installed. ## Description: This update for vim fixes the following issues: * CVE-2024-47814: Fixed use-after-free when closing buffers in Vim (bsc#1231373) * CVE-2024-43374: Fixed use-after-free in alist_add() (bsc#1229238) Other fixes: * Updated to version 9.1.0836 ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patchSUSE-2024-4330=1 openSUSE-SLE-15.5-2024-4330=1 * openSUSE Leap Micro 5.5 zypper in -t patch openSUSE-Leap-Micro-5.5-2024-4330=1 * openSUSE Leap 15.6 zypper in -t patch openSUSE-SLE-15.6-2024-4330=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2024-4330=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2024-4330=1 * Basesystem Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP6-2024-4330=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2024-4330=1 * Desktop Applications Module 15-SP6 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP6-2024-4330=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * vim-small-9.1.0836-150500.20.15.1 * gvim-9.1.0836-150500.20.15.1 * vim-debuginfo-9.1.0836-150500.20.15.1 * gvim-debuginfo-9.1.0836-150500.20.15.1 * vim-small-debuginfo-9.1.0836-150500.20.15.1 * vim-debugsource-9.1.0836-150500.20.15.1 * vim-9.1.0836-150500.20.15.1 * openSUSE Leap 15.5 (noarch) * vim-data-common-9.1.0836-150500.20.15.1 * vim-data-9.1.0836-150500.20.15.1 * openSUSE Leap Micro 5.5 (noarch) * vim-data-common-9.1.0836-150500.20.15.1 * openSUSE Leap Micro 5.5 (aarch64 s390x x86_64) * vim-debugsource-9.1.0836-150500.20.15.1 * vim-debuginfo-9.1.0836-150500.20.15.1 * vim-small-9.1.0836-150500.20.15.1 * vim-small-debuginfo-9.1.0836-150500.20.15.1 * openSUSE Leap 15.6 (aarch64 ppc64le s390x x86_64) * vim-small-9.1.0836-150500.20.15.1 * gvim-9.1.0836-150500.20.15.1 * vim-debuginfo-9.1.0836-150500.20.15.1 * gvim-debuginfo-9.1.0836-150500.20.15.1 * vim-small-debuginfo-9.1.0836-150500.20.15.1 * vim-debugsource-9.1.0836-150500.20.15.1 * vim-9.1.0836-150500.20.15.1 * openSUSE Leap 15.6 (noarch) * vim-data-common-9.1.0836-150500.20.15.1 * vim-data-9.1.0836-150500.20.15.1 * SUSE Linux EnterpriseMicro 5.5 (noarch) * vim-data-common-9.1.0836-150500.20.15.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 ppc64le s390x x86_64) * vim-debugsource-9.1.0836-150500.20.15.1 * vim-debuginfo-9.1.0836-150500.20.15.1 * vim-small-9.1.0836-150500.20.15.1 * vim-small-debuginfo-9.1.0836-150500.20.15.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * vim-small-9.1.0836-150500.20.15.1 * vim-debuginfo-9.1.0836-150500.20.15.1 * vim-small-debuginfo-9.1.0836-150500.20.15.1 * vim-debugsource-9.1.0836-150500.20.15.1 * vim-9.1.0836-150500.20.15.1 * Basesystem Module 15-SP5 (noarch) * vim-data-common-9.1.0836-150500.20.15.1 * vim-data-9.1.0836-150500.20.15.1 * Basesystem Module 15-SP6 (aarch64 ppc64le s390x x86_64) * vim-small-9.1.0836-150500.20.15.1 * vim-debuginfo-9.1.0836-150500.20.15.1 * vim-small-debuginfo-9.1.0836-150500.20.15.1 * vim-debugsource-9.1.0836-150500.20.15.1 * vim-9.1.0836-150500.20.15.1 * Basesystem Module 15-SP6 (noarch) * vim-data-common-9.1.0836-150500.20.15.1 * vim-data-9.1.0836-150500.20.15.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) * vim-debugsource-9.1.0836-150500.20.15.1 * vim-debuginfo-9.1.0836-150500.20.15.1 * gvim-debuginfo-9.1.0836-150500.20.15.1 * gvim-9.1.0836-150500.20.15.1 * Desktop Applications Module 15-SP6 (aarch64 ppc64le s390x x86_64) * vim-debugsource-9.1.0836-150500.20.15.1 * vim-debuginfo-9.1.0836-150500.20.15.1 * gvim-debuginfo-9.1.0836-150500.20.15.1 * gvim-9.1.0836-150500.20.15.1 ## References: * https://www.suse.com/security/cve/CVE-2024-43374.html * https://www.suse.com/security/cve/CVE-2024-47814.html * https://bugzilla.suse.com/show_bug.cgi?id=1229238 * https://bugzilla.suse.com/show_bug.cgi?id=1231373 . A security update for vim addresses use-after-free vulnerabilities present in openSUSE, classified with a low severity score. Further information included.. vim security update, openSUSE advisory, SUSE Linux patch,software vulnerabilities, use-after-free issue. . Severity: Low. LinuxSecurity.com Team

Calendar 2 Dec 16, 2024 Low OpenSUSE
Banner 1 1028x280 1708121660 1771599717
100
Ls Advisories Suse Esm H240
Price Tag 1security advisorybuffer overflowcode execution

SUSE: 2023:4557-1 Critical: vim heap overflow and other issues

* bsc#1214922 * bsc#1214924 * bsc#1214925 * bsc#1215004 * bsc#1215006 . # Security update for vim Announcement ID: SUSE-SU-2023:4557-1 Rating: important References: * bsc#1214922 * bsc#1214924 * bsc#1214925 * bsc#1215004 * bsc#1215006 * bsc#1215033 * bsc#1215940 * bsc#1216001 * bsc#1216167 * bsc#1216696 Cross-References: * CVE-2023-46246 * CVE-2023-4733 * CVE-2023-4734 * CVE-2023-4735 * CVE-2023-4738 * CVE-2023-4752 * CVE-2023-4781 * CVE-2023-5344 * CVE-2023-5441 * CVE-2023-5535 CVSS scores: * CVE-2023-46246 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2023-46246 ( NVD ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2023-4733 ( SUSE ): 8.2 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H * CVE-2023-4733 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4733 ( NVD ): 7.3 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4734 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L * CVE-2023-4734 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4734 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4735 ( SUSE ): 3.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N * CVE-2023-4735 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4735 ( NVD ): 4.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L * CVE-2023-4738 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4738 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4738 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4752 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4752 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4752 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4781 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4781 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-4781( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-5344 ( SUSE ): 4.0 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2023-5344 ( NVD ): 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-5344 ( NVD ): 4.0 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L * CVE-2023-5441 ( SUSE ): 6.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-5441 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-5441 ( NVD ): 6.2 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H * CVE-2023-5535 ( SUSE ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-5535 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-5535 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP5 * Desktop Applications Module 15-SP5 * openSUSE Leap 15.5 * SUSE Linux Enterprise Desktop 15 SP5 * SUSE Linux Enterprise High Performance Computing 15 SP5 * SUSE Linux Enterprise Micro 5.5 * SUSE Linux Enterprise Real Time 15 SP5 * SUSE Linux Enterprise Server 15 SP5 * SUSE Linux Enterprise Server for SAP Applications 15 SP5 An update that solves 10 vulnerabilities can now be installed. ## Description: This update for vim fixes the following issues: Updated to version 9.0 with patch level 2103, fixes the following security problems * CVE-2023-5344: vim: Heap-based Buffer Overflow in vim prior to 9.0.1969 (bsc#1215940) * CVE-2023-5441: vim: segfault in exmode when redrawing (bsc#1216001) * CVE-2023-5535: vim: use-after-free from buf_contents_changed() (bsc#1216167) * CVE-2023-46246: vim: Integer Overflow in :history command (bsc#1216696) * CVE-2023-4738: vim: heap-buffer-overflow in vim_regsub_both (bsc#1214922) * CVE-2023-4735: vim: OOB Write ops.c (bsc#1214924) * CVE-2023-4734: vim: segmentation fault in function f_fullcommand (bsc#1214925) * CVE-2023-4733: vim: use-after-free in function buflist_altfpos (bsc#1215004) * CVE-2023-4752: vim: Heap Use After Free infunction ins_compl_get_exp (bsc#1215006) * CVE-2023-4781: vim: heap-buffer-overflow in function vim_regsub_both (bsc#1215033) ## Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap 15.5 zypper in -t patch SUSE-2023-4557=1 openSUSE-SLE-15.5-2023-4557=1 * SUSE Linux Enterprise Micro 5.5 zypper in -t patch SUSE-SLE-Micro-5.5-2023-4557=1 * Basesystem Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP5-2023-4557=1 * Desktop Applications Module 15-SP5 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP5-2023-4557=1 ## Package List: * openSUSE Leap 15.5 (aarch64 ppc64le s390x x86_64 i586) * vim-9.0.2103-150500.20.6.1 * gvim-debuginfo-9.0.2103-150500.20.6.1 * vim-small-9.0.2103-150500.20.6.1 * gvim-9.0.2103-150500.20.6.1 * vim-debugsource-9.0.2103-150500.20.6.1 * vim-small-debuginfo-9.0.2103-150500.20.6.1 * vim-debuginfo-9.0.2103-150500.20.6.1 * openSUSE Leap 15.5 (noarch) * vim-data-9.0.2103-150500.20.6.1 * vim-data-common-9.0.2103-150500.20.6.1 * SUSE Linux Enterprise Micro 5.5 (noarch) * vim-data-common-9.0.2103-150500.20.6.1 * SUSE Linux Enterprise Micro 5.5 (aarch64 s390x x86_64) * vim-debugsource-9.0.2103-150500.20.6.1 * vim-small-debuginfo-9.0.2103-150500.20.6.1 * vim-small-9.0.2103-150500.20.6.1 * vim-debuginfo-9.0.2103-150500.20.6.1 * Basesystem Module 15-SP5 (aarch64 ppc64le s390x x86_64) * vim-9.0.2103-150500.20.6.1 * vim-small-9.0.2103-150500.20.6.1 * vim-debugsource-9.0.2103-150500.20.6.1 * vim-small-debuginfo-9.0.2103-150500.20.6.1 * vim-debuginfo-9.0.2103-150500.20.6.1 * Basesystem Module 15-SP5 (noarch) * vim-data-9.0.2103-150500.20.6.1 * vim-data-common-9.0.2103-150500.20.6.1 * Desktop Applications Module 15-SP5 (aarch64 ppc64le s390x x86_64) *vim-debugsource-9.0.2103-150500.20.6.1 * gvim-debuginfo-9.0.2103-150500.20.6.1 * vim-debuginfo-9.0.2103-150500.20.6.1 * gvim-9.0.2103-150500.20.6.1 ## References: * https://www.suse.com/security/cve/CVE-2023-46246.html * https://www.suse.com/security/cve/CVE-2023-4733.html * https://www.suse.com/security/cve/CVE-2023-4734.html * https://www.suse.com/security/cve/CVE-2023-4735.html * https://www.suse.com/security/cve/CVE-2023-4738.html * https://www.suse.com/security/cve/CVE-2023-4752.html * https://www.suse.com/security/cve/CVE-2023-4781.html * https://www.suse.com/security/cve/CVE-2023-5344.html * https://www.suse.com/security/cve/CVE-2023-5441.html * https://www.suse.com/security/cve/CVE-2023-5535.html * https://bugzilla.suse.com/show_bug.cgi?id=1214922 * https://bugzilla.suse.com/show_bug.cgi?id=1214924 * https://bugzilla.suse.com/show_bug.cgi?id=1214925 * https://bugzilla.suse.com/show_bug.cgi?id=1215004 * https://bugzilla.suse.com/show_bug.cgi?id=1215006 * https://bugzilla.suse.com/show_bug.cgi?id=1215033 * https://bugzilla.suse.com/show_bug.cgi?id=1215940 * https://bugzilla.suse.com/show_bug.cgi?id=1216001 * https://bugzilla.suse.com/show_bug.cgi?id=1216167 * https://bugzilla.suse.com/show_bug.cgi?id=1216696 . A recent security patch for vim has been released, outlining corrections and severity assessments for various vulnerabilities.. SUSE Linux, vim update, security patch, maintenance, important fixes. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 24, 2023 Critical SuSE
89
Ls Advisories Fedora Esm H240
Price Tag 1security advisoryfedorabuffer overflow

Fedora 39: Critical Vim Memory Issues Resolved in 2023-1976197889 Update

Security fix for CVE-2023-5535, CVE-2023-5441 ---- patchlevel 1984 ---- The newest upstream commit. -------------------------------------------------------------------------------- Fedora Update Notification FEDORA-2023-1976197889 2023-11-03 18:20:20.955902 -------------------------------------------------------------------------------- Name : vim Product : Fedora 39 Version : 9.0.2048 Release : 1.fc39 URL : https://www.vim.org/ Summary : The VIM editor Description : VIM (VIsual editor iMproved) is an updated and improved version of the vi editor. Vi was the first real screen-based editor for UNIX, and is still very popular. VIM improves on vi by adding new features: multiple windows, multi-level undo, block highlighting and more. -------------------------------------------------------------------------------- Update Information: Security fix for CVE-2023-5535, CVE-2023-5441 ---- patchlevel 1984 ---- The newest upstream commit -------------------------------------------------------------------------------- ChangeLog: * Wed Oct 18 2023 Zdenek Dohnal - 2:9.0.2048-1 - patchlevel 2048 * Thu Oct 5 2023 Remi Collet - 2:9.0.1984-2 - rebuild for new libsodium * Thu Oct 5 2023 Zdenek Dohnal - 2:9.0.1984-1 - patchlevel 1984 * Mon Oct 2 2023 Zdenek Dohnal - 2:9.0.1968-1 - patchlevel 1968 -------------------------------------------------------------------------------- References: [ 1 ] Bug #2242141 - CVE-2023-5344 vim: Heap-based Buffer Overflow in trunc_string() https://bugzilla.redhat.com/show_bug.cgi?id=2242141 [ 2 ] Bug #2242926 - CVE-2023-5441 vim: NULL pointer dereference in screen_line() in src/screen.c https://bugzilla.redhat.com/show_bug.cgi?id=2242926 [ 3 ] Bug #2244101 - CVE-2023-5535 vim: use after free https://bugzilla.redhat.com/show_bug.cgi?id=2244101 -------------------------------------------------------------------------------- This update can be installed with the "dnf"update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-1976197889' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html All packages are signed with the Fedora Project GPG key. More details on the GPG keys used by the Fedora Project can be found at https://fedoraproject.org/security/ -------------------------------------------------------------------------------- _______________________________________________ package-announce mailing list -- This email address is being protected from spambots. You need JavaScript enabled to view it. To unsubscribe send an email to This email address is being protected from spambots. You need JavaScript enabled to view it. Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./ Do not reply to spam, report it: . Important security patch for Fedora 39's vim released, addressing vulnerabilities such as stack overflow and enhancing overall system performance.. Fedora Security Advisory,Vim Update,Memory Safety Fix. . Severity: Critical. LinuxSecurity.com Team

Calendar 2 Nov 03, 2023 Critical Fedora
Banner 1 1028x280 1708121660 1771599717
202
Ls Advisories Opensuse Esm H240
Price Tag 1security advisoryupdateimportant

openSUSE: 2023:2640-1 important: vim NULL pointer dereference

This update for vim fixes the following issues: CVE-2023-2426: Fixed out-of-range pointer offset (bsc#1210996). CVE-2023-2609: Fixed NULL pointer dereference (bsc#1211256).. # Security update for vim Announcement ID: SUSE-SU-2023:2640-1 Rating: important References: * #1210996 * #1211256 * #1211257 Cross-References: * CVE-2023-2426 * CVE-2023-2609 * CVE-2023-2610 CVSS scores: * CVE-2023-2426 ( SUSE ): 6.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H * CVE-2023-2426 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H * CVE-2023-2426 ( NVD ): 6.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L * CVE-2023-2609 ( SUSE ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-2609 ( NVD ): 5.5 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H * CVE-2023-2609 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-2610 ( SUSE ): 7.1 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:H * CVE-2023-2610 ( NVD ): 7.8 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H * CVE-2023-2610 ( NVD ): 7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Affected Products: * Basesystem Module 15-SP4 * Desktop Applications Module 15-SP4 * openSUSE Leap 15.4 * openSUSE Leap Micro 5.3 * openSUSE Leap Micro 5.4 * SUSE CaaS Platform 4.0 * SUSE Enterprise Storage 7 * SUSE Enterprise Storage 7.1 * SUSE Linux Enterprise Desktop 15 SP4 * SUSE Linux Enterprise High Performance Computing 15 SP1 * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 * SUSE Linux Enterprise High Performance Computing 15 SP2 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise High Performance Computing 15 SP3 * SUSE Linux Enterprise High Performance Computing 15 SP4 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 * SUSE Linux Enterprise Micro 5.1 * SUSE Linux Enterprise Micro 5.2 * SUSE Linux Enterprise Micro 5.3 * SUSE LinuxEnterprise Micro 5.4 * SUSE Linux Enterprise Micro for Rancher 5.2 * SUSE Linux Enterprise Micro for Rancher 5.3 * SUSE Linux Enterprise Micro for Rancher 5.4 * SUSE Linux Enterprise Real Time 15 SP3 * SUSE Linux Enterprise Real Time 15 SP4 * SUSE Linux Enterprise Server 15 SP1 * SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 * SUSE Linux Enterprise Server 15 SP2 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 * SUSE Linux Enterprise Server 15 SP3 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 * SUSE Linux Enterprise Server 15 SP4 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 * SUSE Linux Enterprise Server for SAP Applications 15 SP4 * SUSE Manager Proxy 4.2 * SUSE Manager Proxy 4.3 * SUSE Manager Retail Branch Server 4.2 * SUSE Manager Retail Branch Server 4.3 * SUSE Manager Server 4.2 * SUSE Manager Server 4.3 An update that solves three vulnerabilities can now be installed. ## Description: This update for vim fixes the following issues: * CVE-2023-2426: Fixed out-of-range pointer offset (bsc#1210996). * CVE-2023-2609: Fixed NULL pointer dereference (bsc#1211256). * CVE-2023-2610: Fixed integer overflow or wraparound (bsc#1211257). ## Patch Instructions: To install this SUSE Important update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product: * openSUSE Leap Micro 5.3 zypper in -t patch openSUSE-Leap-Micro-5.3-2023-2640=1 * openSUSE Leap Micro 5.4 zypper in -t patch openSUSE-Leap-Micro-5.4-2023-2640=1 * openSUSE Leap 15.4 zypper in -t patch openSUSE-SLE-15.4-2023-2640=1 * SUSE Linux Enterprise Micro for Rancher 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2023-2640=1 * SUSE Linux Enterprise Micro 5.3 zypper in -t patch SUSE-SLE-Micro-5.3-2023-2640=1 * SUSE LinuxEnterprise Micro for Rancher 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2023-2640=1 * SUSE Linux Enterprise Micro 5.4 zypper in -t patch SUSE-SLE-Micro-5.4-2023-2640=1 * Basesystem Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Basesystem-15-SP4-2023-2640=1 * Desktop Applications Module 15-SP4 zypper in -t patch SUSE-SLE-Module-Desktop-Applications-15-SP4-2023-2640=1 * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 zypper in -t patch SUSE-SLE-Product-HPC-15-SP1-LTSS-2023-2640=1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-HPC-15-SP2-LTSS-2023-2640=1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-2640=1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 zypper in -t patch SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-2640=1 * SUSE Linux Enterprise Real Time 15 SP3 zypper in -t patch SUSE-SLE-Product-RT-15-SP3-2023-2640=1 * SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 zypper in -t patch SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-2640=1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 zypper in -t patch SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-2640=1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 zypper in -t patch SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-2640=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP1-2023-2640=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP2-2023-2640=1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 zypper in -t patch SUSE-SLE-Product-SLES_SAP-15-SP3-2023-2640=1 * SUSE Manager Proxy 4.2 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Proxy-4.2-2023-2640=1 * SUSE Manager Retail Branch Server 4.2 zypper in -t patchSUSE-SLE-Product-SUSE-Manager-Retail-Branch- Server-4.2-2023-2640=1 * SUSE Manager Server 4.2 zypper in -t patch SUSE-SLE-Product-SUSE-Manager-Server-4.2-2023-2640=1 * SUSE Enterprise Storage 7.1 zypper in -t patch SUSE-Storage-7.1-2023-2640=1 * SUSE Enterprise Storage 7 zypper in -t patch SUSE-Storage-7-2023-2640=1 * SUSE CaaS Platform 4.0 To install this update, use the SUSE CaaS Platform 'skuba' tool. It will inform you if it detects new updates and let you then trigger updating of the complete cluster in a controlled way. * SUSE Linux Enterprise Micro 5.1 zypper in -t patch SUSE-SUSE-MicroOS-5.1-2023-2640=1 * SUSE Linux Enterprise Micro 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-2640=1 * SUSE Linux Enterprise Micro for Rancher 5.2 zypper in -t patch SUSE-SUSE-MicroOS-5.2-2023-2640=1 ## Package List: * openSUSE Leap Micro 5.3 (noarch) * vim-data-common-9.0.1572-150000.5.46.1 * openSUSE Leap Micro 5.3 (aarch64 x86_64) * vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-small-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * openSUSE Leap Micro 5.4 (noarch) * vim-data-common-9.0.1572-150000.5.46.1 * openSUSE Leap Micro 5.4 (aarch64 s390x x86_64) * vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-small-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64) * vim-small-9.0.1572-150000.5.46.1 * gvim-9.0.1572-150000.5.46.1 * gvim-debuginfo-9.0.1572-150000.5.46.1 * vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * openSUSE Leap 15.4 (noarch) * vim-data-9.0.1572-150000.5.46.1 * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (noarch) *vim-data-common-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Micro for Rancher 5.3 (aarch64 s390x x86_64) * vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-small-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Micro 5.3 (noarch) * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Micro 5.3 (aarch64 s390x x86_64) * vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-small-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (noarch) * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Micro for Rancher 5.4 (aarch64 s390x x86_64) * vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-small-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Micro 5.4 (noarch) * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Micro 5.4 (aarch64 s390x x86_64) * vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-small-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * Basesystem Module 15-SP4 (aarch64 ppc64le s390x x86_64) * vim-small-9.0.1572-150000.5.46.1 * vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * Basesystem Module 15-SP4 (noarch) * vim-data-9.0.1572-150000.5.46.1 * vim-data-common-9.0.1572-150000.5.46.1 * Desktop Applications Module 15-SP4 (aarch64 ppc64le s390x x86_64) * vim-debuginfo-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * gvim-9.0.1572-150000.5.46.1 * gvim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (aarch64 x86_64) * gvim-9.0.1572-150000.5.46.1 *gvim-debuginfo-9.0.1572-150000.5.46.1 * vim-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (noarch) * vim-data-9.0.1572-150000.5.46.1 * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (aarch64 x86_64) * gvim-9.0.1572-150000.5.46.1 * gvim-debuginfo-9.0.1572-150000.5.46.1 * vim-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (noarch) * vim-data-9.0.1572-150000.5.46.1 * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (aarch64 x86_64) * vim-small-9.0.1572-150000.5.46.1 * gvim-9.0.1572-150000.5.46.1 * gvim-debuginfo-9.0.1572-150000.5.46.1 * vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (noarch) * vim-data-9.0.1572-150000.5.46.1 * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (aarch64 x86_64) * vim-small-9.0.1572-150000.5.46.1 * gvim-9.0.1572-150000.5.46.1 * gvim-debuginfo-9.0.1572-150000.5.46.1 * vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (noarch) * vim-data-9.0.1572-150000.5.46.1 * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Real Time 15 SP3 (x86_64) * vim-small-9.0.1572-150000.5.46.1 * gvim-9.0.1572-150000.5.46.1 * gvim-debuginfo-9.0.1572-150000.5.46.1 *vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Real Time 15 SP3 (noarch) * vim-data-9.0.1572-150000.5.46.1 * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (aarch64 ppc64le s390x x86_64) * gvim-9.0.1572-150000.5.46.1 * gvim-debuginfo-9.0.1572-150000.5.46.1 * vim-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (noarch) * vim-data-9.0.1572-150000.5.46.1 * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (aarch64 ppc64le s390x x86_64) * gvim-9.0.1572-150000.5.46.1 * gvim-debuginfo-9.0.1572-150000.5.46.1 * vim-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (noarch) * vim-data-9.0.1572-150000.5.46.1 * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (aarch64 ppc64le s390x x86_64) * vim-small-9.0.1572-150000.5.46.1 * gvim-9.0.1572-150000.5.46.1 * gvim-debuginfo-9.0.1572-150000.5.46.1 * vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (noarch) * vim-data-9.0.1572-150000.5.46.1 * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 (ppc64le x86_64) * gvim-9.0.1572-150000.5.46.1 * gvim-debuginfo-9.0.1572-150000.5.46.1 * vim-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP1 (noarch) *vim-data-9.0.1572-150000.5.46.1 * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (ppc64le x86_64) * gvim-9.0.1572-150000.5.46.1 * gvim-debuginfo-9.0.1572-150000.5.46.1 * vim-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP2 (noarch) * vim-data-9.0.1572-150000.5.46.1 * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (ppc64le x86_64) * vim-small-9.0.1572-150000.5.46.1 * gvim-9.0.1572-150000.5.46.1 * gvim-debuginfo-9.0.1572-150000.5.46.1 * vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Server for SAP Applications 15 SP3 (noarch) * vim-data-9.0.1572-150000.5.46.1 * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Manager Proxy 4.2 (x86_64) * vim-small-9.0.1572-150000.5.46.1 * vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Manager Proxy 4.2 (noarch) * vim-data-9.0.1572-150000.5.46.1 * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Manager Retail Branch Server 4.2 (x86_64) * vim-small-9.0.1572-150000.5.46.1 * vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Manager Retail Branch Server 4.2 (noarch) * vim-data-9.0.1572-150000.5.46.1 * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Manager Server 4.2 (ppc64le s390x x86_64) * vim-small-9.0.1572-150000.5.46.1 * vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 *SUSE Manager Server 4.2 (noarch) * vim-data-9.0.1572-150000.5.46.1 * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Enterprise Storage 7.1 (aarch64 x86_64) * vim-small-9.0.1572-150000.5.46.1 * gvim-9.0.1572-150000.5.46.1 * gvim-debuginfo-9.0.1572-150000.5.46.1 * vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Enterprise Storage 7.1 (noarch) * vim-data-9.0.1572-150000.5.46.1 * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Enterprise Storage 7 (aarch64 x86_64) * gvim-9.0.1572-150000.5.46.1 * gvim-debuginfo-9.0.1572-150000.5.46.1 * vim-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Enterprise Storage 7 (noarch) * vim-data-9.0.1572-150000.5.46.1 * vim-data-common-9.0.1572-150000.5.46.1 * SUSE CaaS Platform 4.0 (x86_64) * gvim-9.0.1572-150000.5.46.1 * gvim-debuginfo-9.0.1572-150000.5.46.1 * vim-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE CaaS Platform 4.0 (noarch) * vim-data-9.0.1572-150000.5.46.1 * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Micro 5.1 (noarch) * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Micro 5.1 (aarch64 s390x x86_64) * vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-small-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Micro 5.2 (noarch) * vim-data-common-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Micro 5.2 (aarch64 s390x x86_64) * vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-small-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (noarch) *vim-data-common-9.0.1572-150000.5.46.1 * SUSE Linux Enterprise Micro for Rancher 5.2 (aarch64 s390x x86_64) * vim-small-debuginfo-9.0.1572-150000.5.46.1 * vim-small-9.0.1572-150000.5.46.1 * vim-debugsource-9.0.1572-150000.5.46.1 * vim-debuginfo-9.0.1572-150000.5.46.1 ## References: * https://www.suse.com/security/cve/CVE-2023-2426.html * https://www.suse.com/security/cve/CVE-2023-2609.html * https://www.suse.com/security/cve/CVE-2023-2610.html * https://bugzilla.suse.com/show_bug.cgi?id=1210996 * https://bugzilla.suse.com/show_bug.cgi?id=1211256 * https://bugzilla.suse.com/show_bug.cgi?id=1211257 . Critical vim upgrade released, resolving several security vulnerabilities such as out-of-bounds access and null pointer dereferencing. Upgrade today!. SUSE Security Advisory, vim Update, openSUSE Fix, Software Patch. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Aug 10, 2023 Important OpenSUSE
203
Ls Advisories Mageia Esm H240
Price Tag 1security advisorybuffer overflowheap overflow

Mageia 8 MGASA-2023-0110 Moderate: Vim Buffer Overflow Risk

Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. (CVE-2023-1127) Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376. (CVE-2023-1170) Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to . MGASA-2023-0110 - Updated vim packages fix security vulnerability Publication date: 24 Mar 2023 URL: https://advisories.mageia.org/MGASA-2023-0110.html Type: security Affected Mageia releases: 8 CVE: CVE-2023-1127, CVE-2023-1170, CVE-2023-1175 Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. (CVE-2023-1127) Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376. (CVE-2023-1170) Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378. (CVE-2023-1175) References: - https://bugs.mageia.org/show_bug.cgi?id=31637 - https://lists.fedoraproject.org/archives/list/This email address is being protected from spambots. You need JavaScript enabled to view it./thread/PDVN5HSWPNVP4QXBPCEGZDLZKURLJWTE/ - https://lists.suse.com/pipermail/sle-security-updates/2023-March/014068.html - https://www.cve.org/CVERecord?id=CVE-2023-1127 - https://www.cve.org/CVERecord?id=CVE-2023-1170 - https://www.cve.org/CVERecord?id=CVE-2023-1175 SRPMS: - 8/core/vim-9.0.1411-1.mga8 . Recent updates for vim packages on Mageia tackle essential security vulnerabilities such as stack overflow and buffer limit flaws. Discover more!. buffer overflow,vim security,heap overflow,Mageia update,security patches. . LinuxSecurity.com Team

Calendar 2 Mar 24, 2023 Mageia
Banner 1 1028x280 1708121660 1771599717
217
Ls Advisories Oracle Esm H240
Price Tag 1security advisorybuffer overflowvim update

Oracle Linux 9 ELSA-2022-5242 Moderate: Vim Security Advisory

The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2022-5242 https://linux.oracle.com/errata/ELSA-2022-5242.html The following updated rpms for Oracle Linux 9 have been uploaded to the Unbreakable Linux Network: x86_64: vim-X11-8.2.2637-16.0.1.el9_0.2.x86_64.rpm vim-common-8.2.2637-16.0.1.el9_0.2.x86_64.rpm vim-enhanced-8.2.2637-16.0.1.el9_0.2.x86_64.rpm vim-filesystem-8.2.2637-16.0.1.el9_0.2.noarch.rpm vim-minimal-8.2.2637-16.0.1.el9_0.2.x86_64.rpm aarch64: vim-X11-8.2.2637-16.0.1.el9_0.2.aarch64.rpm vim-common-8.2.2637-16.0.1.el9_0.2.aarch64.rpm vim-enhanced-8.2.2637-16.0.1.el9_0.2.aarch64.rpm vim-filesystem-8.2.2637-16.0.1.el9_0.2.noarch.rpm vim-minimal-8.2.2637-16.0.1.el9_0.2.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol9/SRPMS-updates/vim-8.2.2637-16.0.1.el9_0.2.src.rpm Related CVEs: CVE-2022-0554 CVE-2022-0943 CVE-2022-1154 CVE-2022-1420 CVE-2022-1621 CVE-2022-1629 Description of changes: [8.2.2637-16.0.1] - - Remove upstream references [Orabug: 31197557] [2:8.2.2637-16.2] - CVE-2022-1621 vim: heap buffer overflow - CVE-2022-1629 vim: buffer over-read [2:8.2.2637-16.1] - CVE-2022-0554 vim: Use of Out-of-range Pointer Offset in vim prior - CVE-2022-0943 vim: Heap-based Buffer Overflow occurs in vim - CVE-2022-1154 vim: use after free in utf_ptr2char - CVE-2022-1420 vim: Out-of-range Pointer Offset _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . The latest update for Oracle Linux 9 introduces several moderate patches for vim, aimed at resolving multiple security issues and vulnerabilities.. Oracle Linux,Vim Update,Security Advisory,Moderate Fixes,Buffer Overflow. . Severity: Important. LinuxSecurity.com Team

Calendar 2 Jul 01, 2022 Important Oracle
217
Ls Advisories Oracle Esm H240
Price Tag 1security advisorysecurity issuebuffer overflow

Oracle Linux 8 ELSA-2022-5320 Moderate: Vim Memory Leak Vulnerability

The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: . Oracle Linux Security Advisory ELSA-2022-5319 https://linux.oracle.com/errata/ELSA-2022-5319.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: vim-X11-8.0.1763-19.0.1.el8_6.2.x86_64.rpm vim-common-8.0.1763-19.0.1.el8_6.2.x86_64.rpm vim-enhanced-8.0.1763-19.0.1.el8_6.2.x86_64.rpm vim-filesystem-8.0.1763-19.0.1.el8_6.2.noarch.rpm vim-minimal-8.0.1763-19.0.1.el8_6.2.x86_64.rpm aarch64: vim-X11-8.0.1763-19.0.1.el8_6.2.aarch64.rpm vim-common-8.0.1763-19.0.1.el8_6.2.aarch64.rpm vim-enhanced-8.0.1763-19.0.1.el8_6.2.aarch64.rpm vim-filesystem-8.0.1763-19.0.1.el8_6.2.noarch.rpm vim-minimal-8.0.1763-19.0.1.el8_6.2.aarch64.rpm SRPMS: https://oss.oracle.com:443/ol8/SRPMS-updates/vim-8.0.1763-19.0.1.el8_6.2.src.rpm Related CVEs: CVE-2022-1621 CVE-2022-1629 Description of changes: [2:8.0.1763-19.0.1.2] - Remove upstream references [Orabug: 31197557] - Added glibc-gconv-extra to common requires to provide ISO-8859-2 [Orabug: 34114984] [2:8.0.1763-19.2] - CVE-2022-1621 vim: heap buffer overflow - CVE-2022-1629 vim: buffer over-read [2:8.0.1763-19.1] - CVE-2022-1154 vim: use after free in utf_ptr2char [2:8.0.1763-19] - CVE-2022-0361 vim: Heap-based Buffer Overflow in GitHub repository [2:8.0.1763-18] - CVE-2022-0392 vim: heap-based buffer overflow in getexmodeline() in ex_getln.c - CVE-2022-0413 vim: use after free in src/ex_cmds.c [2:8.0.1763-18] - fix test suite after fix for CVE-2022-0318 - CVE-2022-0359 vim: heap-based buffer overflow in init_ccline() in ex_getln.c [2:8.0.1763-18] - CVE-2022-0261 vim: Heap-based Buffer Overflow in block_insert() in src/ops.c - CVE-2022-0318 vim: heap-based buffer overflow in utf_head_off() in mbyte.c [2:8.0.1763-18] - CVE-2021-4193 vim: vulnerable to Out-of-bounds Read - CVE-2021-4192 vim: vulnerable to Use After Free [2:8.0.1763-18] - 2028341 - CVE-2021-3984 vim: illegal memory access when C-indenting couldlead to Heap Buffer Overflow [rhel-8.6.0] - 2028430 - CVE-2021-4019 vim: heap-based buffer overflow in find_help_tags() in src/help.c [rhel-8.6.0] [2:8.0.1763-17] - 2016201 - CVE-2021-3872 vim: heap-based buffer overflow in win_redr_status() drawscreen.c [rhel-8.6.0] _______________________________________________ El-errata mailing list This email address is being protected from spambots. You need JavaScript enabled to view it. https://oss.oracle.com/mailman/listinfo/el-errata . Oracle Linux 8 has a security update ELSA-2022-5319 for vim addressing multiple buffer overflow issues.. Oracle Linux 8 Security,vim Update,ELSA-2022-5319,Buffer Overflow Issues. . LinuxSecurity.com Team

Calendar 2 Jul 01, 2022 Oracle
Banner 1 1028x280 1708121660 1771599717
News Add Esm H240

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Community Poll

More Polls

What got you started with Linux?

No answer selected. Please try again.
Please select either existing option or enter your own, however not both.
Please select minimum {0} answer(s).
Please select maximum {0} answer(s).
/main-polls/150-what-got-you-started-with-linux?task=poll.vote&format=json
150
radio
0
[{"id":483,"title":"Self-taught through trial and error","votes":545,"type":"x","order":1,"pct":78.42,"resources":[]},{"id":484,"title":"Formal training or courses","votes":30,"type":"x","order":2,"pct":4.32,"resources":[]},{"id":485,"title":"A job that required it","votes":34,"type":"x","order":3,"pct":4.89,"resources":[]},{"id":486,"title":"Other","votes":86,"type":"x","order":4,"pct":12.37,"resources":[]}] ["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"] ["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"] 350
bottom 200

Search Topics

Your message here