Stay Connected:

ELSA-2022-5319

ELSA-2022-5319 - vim security update

Type:SECURITY
Impact:MODERATE
Release Date:2022-07-01

Description


[2:8.0.1763-19.0.1.2]
- Remove upstream references [Orabug: 31197557]
- Added glibc-gconv-extra to common requires to provide ISO-8859-2 [Orabug: 34114984]

[2:8.0.1763-19.2]
- CVE-2022-1621 vim: heap buffer overflow
- CVE-2022-1629 vim: buffer over-read

[2:8.0.1763-19.1]
- CVE-2022-1154 vim: use after free in utf_ptr2char

[2:8.0.1763-19]
- CVE-2022-0361 vim: Heap-based Buffer Overflow in GitHub repository

[2:8.0.1763-18]
- CVE-2022-0392 vim: heap-based buffer overflow in getexmodeline() in ex_getln.c
- CVE-2022-0413 vim: use after free in src/ex_cmds.c

[2:8.0.1763-18]
- fix test suite after fix for CVE-2022-0318
- CVE-2022-0359 vim: heap-based buffer overflow in init_ccline() in ex_getln.c

[2:8.0.1763-18]
- CVE-2022-0261 vim: Heap-based Buffer Overflow in block_insert() in src/ops.c
- CVE-2022-0318 vim: heap-based buffer overflow in utf_head_off() in mbyte.c

[2:8.0.1763-18]
- CVE-2021-4193 vim: vulnerable to Out-of-bounds Read
- CVE-2021-4192 vim: vulnerable to Use After Free

[2:8.0.1763-18]
- 2028341 - CVE-2021-3984 vim: illegal memory access when C-indenting could lead to Heap Buffer Overflow [rhel-8.6.0]
- 2028430 - CVE-2021-4019 vim: heap-based buffer overflow in find_help_tags() in src/help.c [rhel-8.6.0]

[2:8.0.1763-17]
- 2016201 - CVE-2021-3872 vim: heap-based buffer overflow in win_redr_status() drawscreen.c [rhel-8.6.0]


Related CVEs


CVE-2022-1629
CVE-2022-1621

Updated Packages


Release/ArchitectureFilenamesha256Superseded By AdvisoryChannel Label
Oracle Linux 8 (aarch64) vim-8.0.1763-19.0.1.el8_6.2.src.rpm19fb8fcf53c2c852adebe0e140f6e7ba6f6fdfc5d2c938b759b8da8f4513ec64-ol8_aarch64_appstream
vim-8.0.1763-19.0.1.el8_6.2.src.rpm19fb8fcf53c2c852adebe0e140f6e7ba6f6fdfc5d2c938b759b8da8f4513ec64-ol8_aarch64_baseos_latest
vim-8.0.1763-19.0.1.el8_6.2.src.rpm19fb8fcf53c2c852adebe0e140f6e7ba6f6fdfc5d2c938b759b8da8f4513ec64-ol8_aarch64_u6_baseos_patch
vim-X11-8.0.1763-19.0.1.el8_6.2.aarch64.rpm5bd1c5ca9daaf4c10dd4aa0b8575a67d252979a18065b2e82db1b0e4db2ae53f-ol8_aarch64_appstream
vim-common-8.0.1763-19.0.1.el8_6.2.aarch64.rpm4760515d212b82157ab87007fae0ae3991820934ea356d44809b7dc04d4d6f73-ol8_aarch64_appstream
vim-enhanced-8.0.1763-19.0.1.el8_6.2.aarch64.rpm7ec05d21e5b8e6a913f610e97614929613bb6ae8eeef8d7fe556939accb709fc-ol8_aarch64_appstream
vim-filesystem-8.0.1763-19.0.1.el8_6.2.noarch.rpm9e80a391fbaddf427dd473325b6e5dfedbe6cd1d21e7088e993c02b446b3eed0-ol8_aarch64_appstream
vim-minimal-8.0.1763-19.0.1.el8_6.2.aarch64.rpm280bee1c784d64ded3959ff740f1aaf4a1acb1bd2c263cbfaaf07d7cb79137d0-ol8_aarch64_baseos_latest
vim-minimal-8.0.1763-19.0.1.el8_6.2.aarch64.rpm280bee1c784d64ded3959ff740f1aaf4a1acb1bd2c263cbfaaf07d7cb79137d0-ol8_aarch64_u6_baseos_patch
Oracle Linux 8 (x86_64) vim-8.0.1763-19.0.1.el8_6.2.src.rpm19fb8fcf53c2c852adebe0e140f6e7ba6f6fdfc5d2c938b759b8da8f4513ec64-ol8_x86_64_appstream
vim-8.0.1763-19.0.1.el8_6.2.src.rpm19fb8fcf53c2c852adebe0e140f6e7ba6f6fdfc5d2c938b759b8da8f4513ec64-ol8_x86_64_baseos_latest
vim-8.0.1763-19.0.1.el8_6.2.src.rpm19fb8fcf53c2c852adebe0e140f6e7ba6f6fdfc5d2c938b759b8da8f4513ec64-ol8_x86_64_u6_baseos_patch
vim-X11-8.0.1763-19.0.1.el8_6.2.x86_64.rpmdc6c060f72c7cefa45ef829c6afc1cd5164097a43a99a3739e1fee4c928e40aa-ol8_x86_64_appstream
vim-common-8.0.1763-19.0.1.el8_6.2.x86_64.rpm6f80984e653408bdb1cb7aee0391152a6e1ba31c58b0bed0c7774578b51fbce4-ol8_x86_64_appstream
vim-enhanced-8.0.1763-19.0.1.el8_6.2.x86_64.rpm0ae6cea6673be126e137cdec3a157cb44f3ed91593bd767955d2c92acfb8a850-ol8_x86_64_appstream
vim-filesystem-8.0.1763-19.0.1.el8_6.2.noarch.rpm9e80a391fbaddf427dd473325b6e5dfedbe6cd1d21e7088e993c02b446b3eed0-ol8_x86_64_appstream
vim-minimal-8.0.1763-19.0.1.el8_6.2.x86_64.rpmd4ccd860f0f1496cf82f355d47d55648888bd91f5903669063982644c6fa057a-ol8_x86_64_baseos_latest
vim-minimal-8.0.1763-19.0.1.el8_6.2.x86_64.rpmd4ccd860f0f1496cf82f355d47d55648888bd91f5903669063982644c6fa057a-ol8_x86_64_u6_baseos_patch



This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

software.hardware.complete
Subscribe | Careers | Contact Us | Legal Notices | Terms of Use | Your Privacy Rights