ELSA-2023-0958

ELSA-2023-0958 - vim security update

Type:	SECURITY
Severity:	MODERATE
Release Date:	2023-02-28

Description

[8.2.2637-20.0.1]
- Remove upstream references [Orabug: 31197557]

[2:8.2.2637-20]
- CVE-2022-47024 vim: no check if the return value of XChangeGC() is NULL

[2:8.2.2637-19]
- CVE-2022-1785 vim: Out-of-bounds Write
- CVE-2022-1897 vim: out-of-bounds write in vim_regsub_both() in regexp.c
- CVE-2022-1927 vim: buffer over-read in utf_ptr2char() in mbyte.c

[2:8.2.2637-18]
- CVE-2022-1621 vim: heap buffer overflow
- CVE-2022-1629 vim: buffer over-read

[2:8.2.2637-17]
- CVE-2022-1154 vim: use after free in utf_ptr2char
- CVE-2022-1420 vim: Out-of-range Pointer Offset

Related CVEs

CVE-2022-47024

Updated Packages

Release/Architecture	Filename	MD5sum	Superseded By Advisory
Oracle Linux 9 (aarch64)	vim-8.2.2637-20.0.1.el9_1.src.rpm	75461edd17476fd7e608aeeecc7eb2be	-
	vim-X11-8.2.2637-20.0.1.el9_1.aarch64.rpm	d2592ac0eef073b2fe7886d7278ad57f	-
	vim-common-8.2.2637-20.0.1.el9_1.aarch64.rpm	278b7db492cfe4f33dc703053306a39b	-
	vim-enhanced-8.2.2637-20.0.1.el9_1.aarch64.rpm	8a3fffa9aa3ee057bd00a9b8cd12a16e	-
	vim-filesystem-8.2.2637-20.0.1.el9_1.noarch.rpm	a3fb5a4fc3523413a82497e4a3499cfd	-
	vim-minimal-8.2.2637-20.0.1.el9_1.aarch64.rpm	795cadc562cc13881f5a8bfd60b02b97	-
Oracle Linux 9 (x86_64)	vim-8.2.2637-20.0.1.el9_1.src.rpm	75461edd17476fd7e608aeeecc7eb2be	-
	vim-X11-8.2.2637-20.0.1.el9_1.x86_64.rpm	dc1470aaed9750ffd0513f871f8dd3b4	-
	vim-common-8.2.2637-20.0.1.el9_1.x86_64.rpm	24c93439db97e299657fb9408f6874c8	-
	vim-enhanced-8.2.2637-20.0.1.el9_1.x86_64.rpm	6792b574a60b041b499dda919d6e20ea	-
	vim-filesystem-8.2.2637-20.0.1.el9_1.noarch.rpm	a3fb5a4fc3523413a82497e4a3499cfd	-
	vim-minimal-8.2.2637-20.0.1.el9_1.x86_64.rpm	9ccf6fa74b84801bfdfeca9681016834	-

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team