UbuntuUpdates.org

Package "vim-gtk3"

Name: vim-gtk3

Description:

Vi IMproved - enhanced vi editor - with GTK3 GUI

Latest version: 2:8.2.3995-1ubuntu2.19
Release: jammy (22.04)
Level: security
Repository: universe
Head package: vim
Homepage: https://www.vim.org/

Links


Download "vim-gtk3"


Other versions of "vim-gtk3" in Jammy

Repository Area Version
base universe 2:8.2.3995-1ubuntu2
updates universe 2:8.2.3995-1ubuntu2.20

Changelog

Version: 2:8.2.3995-1ubuntu2.12 2023-10-10 16:07:31 UTC

  vim (2:8.2.3995-1ubuntu2.12) jammy-security; urgency=medium

  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2022-3234.patch: Check for replacing NUL after Tab.
    - debian/patches/CVE-2022-3491.patch: Do not return an invalid pointer.
      Fix skipping redirection
    - debian/patches/CVE-2022-3520.patch: Check that the column does not
      become negative.
    - CVE-2022-3234
    - CVE-2022-3491
    - CVE-2022-3520
  * SECURITY UPDATE: use after free memory issue
    - debian/patches/CVE-2022-3235.patch: Make sure pointer to b_p_iminsert
      is still valid.
    - debian/patches/CVE-2022-3256.patch: Copy the mark before editing
      another buffer
    - debian/patches/CVE-2022-3297.patch: Make a copy of the option. Make
      sure cursor position is valid
    - debian/patches/CVE-2022-3352.patch: Disallow deleting the current
      buffer to avoid using freed memory
    - debian/patches/CVE-2022-3591.patch: Disallow navigating to a dummy
      buffer
    - debian/patches/CVE-2022-3705.patch: Set the quickfix-busy flag while
      filling the buffer
    - debian/patches/CVE-2022-4292.patch: Bail out if the window no longer
      exists.
    - CVE-2022-3235
    - CVE-2022-3256
    - CVE-2022-3297
    - CVE-2022-3352
    - CVE-2022-3591
    - CVE-2022-3705
    - CVE-2022-4292
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2022-3278.patch: Don't get a next line when
      skipping over NL
    - CVE-2022-3278
  * SECURITY UPDATE: stack-based buffer overflow
    - debian/patches/CVE-2022-3324.patch: Make sure the window width does
      not become negative
    - CVE-2022-3324
  * SECURITY UPDATE: incorrect floating point comparison
    - debian/patches/CVE-2022-4293.patch: fix floating point comparison
    - CVE-2022-4293
  * debian/patches/fix_flaky_tests.patch: fix some flaky tests

 -- Nishit Majithia <email address hidden> Fri, 06 Oct 2023 13:19:43 +0530

Source diff to previous version
CVE-2022-3234 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483.
CVE-2022-3491 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742.
CVE-2022-3520 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765.
CVE-2022-3235 Use After Free in GitHub repository vim/vim prior to 9.0.0490.
CVE-2022-3256 Use After Free in GitHub repository vim/vim prior to 9.0.0530.
CVE-2022-3297 Use After Free in GitHub repository vim/vim prior to 9.0.0579.
CVE-2022-3352 Use After Free in GitHub repository vim/vim prior to 9.0.0614.
CVE-2022-3591 Use After Free in GitHub repository vim/vim prior to 9.0.0789.
CVE-2022-3705 A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the
CVE-2022-4292 Use After Free in GitHub repository vim/vim prior to 9.0.0882.
CVE-2022-3278 NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552.
CVE-2022-3324 Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598.
CVE-2022-4293 Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.

Version: 2:8.2.3995-1ubuntu2.11 2023-08-21 14:07:42 UTC

  vim (2:8.2.3995-1ubuntu2.11) jammy-security; urgency=medium

  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2022-2522.patch: Terminate string with NUL
    - debian/patches/CVE-2022-2580.patch: Properly skip over <Key> form
    - debian/patches/CVE-2022-2819.patch: Don't read past the end of the
      line
    - CVE-2022-2522
    - CVE-2022-2580
    - CVE-2022-2819
  * SECURITY UPDATE: out-of-bounds write issue
    - debian/patches/CVE-2022-2598.patch: Make sure the line number does
      not go below one.
    - CVE-2022-2598
  * SECURITY UPDATE: out-of-bounds read issue
    - debian/patches/CVE-2022-2816.patch: Don't read past the end of the
      line
    - CVE-2022-2816
  * SECURITY UPDATE: use after free memory issue
    - debian/patches/CVE-2022-2817.patch: Make a copy of the error
    - debian/patches/CVE-2022-2862.patch: Mess up the variable name so that
      it won't be found
    - debian/patches/CVE-2022-2889.patch: Free eval_tofree later
    - debian/patches/CVE-2022-2982.patch: Do not allow for recursion
    - debian/patches/CVE-2022-3016.patch: Return QF_ABORT and handle it.
    - debian/patches/CVE-2022-3037.patch: Do not handle errors if there
      aren't any
    - debian/patches/CVE-2022-3099.patch: Do not check breakpoint for
      non-existing line
    - debian/patches/CVE-2022-3134.patch: Bail out when the window was
      closed
    - CVE-2022-2817
    - CVE-2022-2862
    - CVE-2022-2889
    - CVE-2022-2982
    - CVE-2022-3016
    - CVE-2022-3037
    - CVE-2022-3099
    - CVE-2022-3134
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2022-2874.patch: Check for skipping
    - debian/patches/CVE-2022-3153.patch: Check for NULL string
    - CVE-2022-2874
    - CVE-2022-3153

 -- Nishit Majithia <email address hidden> Fri, 18 Aug 2023 09:42:26 +0530

Source diff to previous version
CVE-2022-2522 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061.
CVE-2022-2580 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102.
CVE-2022-2819 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211.
CVE-2022-2816 Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212.
CVE-2022-2817 Use After Free in GitHub repository vim/vim prior to 9.0.0213.
CVE-2022-2862 Use After Free in GitHub repository vim/vim prior to 9.0.0221.
CVE-2022-2889 Use After Free in GitHub repository vim/vim prior to 9.0.0225.
CVE-2022-2982 Use After Free in GitHub repository vim/vim prior to 9.0.0260.
CVE-2022-3016 Use After Free in GitHub repository vim/vim prior to 9.0.0286.
CVE-2022-3037 Use After Free in GitHub repository vim/vim prior to 9.0.0322.
CVE-2022-3099 Use After Free in GitHub repository vim/vim prior to 9.0.0360.
CVE-2022-3134 Use After Free in GitHub repository vim/vim prior to 9.0.0389.
CVE-2022-2874 NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224.
CVE-2022-3153 NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404.

Version: 2:8.2.3995-1ubuntu2.10 2023-08-03 09:08:06 UTC

  vim (2:8.2.3995-1ubuntu2.10) jammy-security; urgency=medium

  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2022-2182.patch: When on line zero check the
      column is valid for line one.
    - debian/patches/CVE-2022-2264.patch: Adjust the end mark position.
    - debian/patches/CVE-2022-2284.patch: Stop Visual mode when closing a
      window.
    - CVE-2022-2182
    - CVE-2022-2264
    - CVE-2022-2284
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2022-2208.patch: Recompute diffs later. Skip
      window without a valid buffer.
    - debian/patches/CVE-2022-2231.patch: Do not use the NULL pointer.
    - CVE-2022-2208
    - CVE-2022-2231
  * SECURITY UPDATE: out-of-bounds write issue
    - debian/patches/CVE-2022-2210.patch: Use zero offset when change
      removes all lines in a diff block
    - CVE-2022-2210
  * SECURITY UPDATE: out-of-bounds read issue
    - debian/patches/CVE-2022-2257.patch: Check for NUL.
    - debian/patches/CVE-2022-2286.patch: Check the length of the string
    - debian/patches/CVE-2022-2287.patch: Disallow adding a word with
      control characters or a trailing slash.
    - CVE-2022-2257
    - CVE-2022-2286
    - CVE-2022-2287
  * SECURITY UPDATE: integer overflow issue
    - debian/patches/CVE-2022-2285.patch: Put a NUL after the typeahead.
    - CVE-2022-2285
  * SECURITY UPDATE: use after free memory issue
    - debian/patches/CVE-2022-2289.patch: Bail out when diff pointer is no
      longer valid
    - CVE-2022-2289
  * debian/patches/skip_some_tests.patch: skip some failing test

 -- Nishit Majithia <email address hidden> Tue, 01 Aug 2023 11:07:49 +0530

Source diff to previous version
CVE-2022-2182 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-2264 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
CVE-2022-2284 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.
CVE-2022-2208 NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163.
CVE-2022-2231 NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.
CVE-2022-2210 Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.
CVE-2022-2257 Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVE-2022-2286 Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVE-2022-2287 Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.
CVE-2022-2285 Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.
CVE-2022-2289 Use After Free in GitHub repository vim/vim prior to 9.0.

Version: 2:8.2.3995-1ubuntu2.9 2023-07-03 04:07:13 UTC

  vim (2:8.2.3995-1ubuntu2.9) jammy-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds read when finding an ex command by name
    - debian/patches/CVE-2022-0128.patch: check for the NUL byte first before
      reading.
    - CVE-2022-0128
  * SECURITY UPDATE: use of freed memory when managing line buffers
    - debian/patches/CVE-2022-0156-1.patch: tracking and keeping individual
      lines until the end before freeing.
    - debian/patches/CVE-2022-0156-2.patch: use growing array for tracking
      lines to free when executing instructions.
    - CVE-2022-0156
  * SECURITY UPDATE: heap-based buffer overflow when reading line containing
    "$" on its own
    - debian/patches/CVE-2022-0158.patch: handle environment variable with
      adjusted error reporting.
    - CVE-2022-0158
  * SECURITY UPDATE: out-of-bounds read when recording and using select mode
    - debian/patches/CVE-2022-0393.patch: check last recorded character exists
      before deleting.
    - CVE-2022-0393
  * SECURITY UPDATE: heap-based buffer overflow when performing a visual block
    yank
    - debian/patches/CVE-2022-0407.patch: check line boundary before reading
      character.
    - CVE-2022-0407
  * SECURITY UPDATE: NULL pointer dereference when switching tabpage in
    cmdline window
    - debian/patches/CVE-2022-0696.patch: deny switching tabpage in cmdline
      window.
    - CVE-2022-0696

 -- Evan Caville <email address hidden> Thu, 22 Jun 2023 14:08:04 +1000

Source diff to previous version
CVE-2022-0128 vim is vulnerable to Out-of-bounds Read
CVE-2022-0156 vim is vulnerable to Use After Free
CVE-2022-0158 vim is vulnerable to Heap-based Buffer Overflow
CVE-2022-0393 Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
CVE-2022-0407 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
CVE-2022-0696 NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4428.

Version: 2:8.2.3995-1ubuntu2.8 2023-06-12 13:07:11 UTC

  vim (2:8.2.3995-1ubuntu2.8) jammy-security; urgency=medium

  * SECURITY UPDATE: use of out-of-range pointer offset when fuzzy matching
    - debian/patches/CVE-2023-2426.patch: initialize the arrays used to store
      match positions.
    - CVE-2023-2426
  * SECURITY UPDATE: NULL pointer dereference when processing register content
    - debian/patches/CVE-2023-2609.patch: check "y_array" is not NULL.
    - CVE-2023-2609
  * SECURITY UPDATE: integer overflow and excessive memory consumption when
    allocating memory for tilde processing in pattern
    - debian/patches/CVE-2023-2610.patch: limit the text length to MAXCOL.
    - CVE-2023-2610

 -- Camila Camargo de Matos <email address hidden> Wed, 24 May 2023 11:27:53 -0300

CVE-2023-2426 Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499.
CVE-2023-2609 NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.1531.
CVE-2023-2610 Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1532.



About   -   Send Feedback to @ubuntu_updates