Package "vim-nox"
Name: |
vim-nox
|
Description: |
Vi IMproved - enhanced vi editor - with scripting languages support
|
Latest version: |
2:8.2.3995-1ubuntu2.20 |
Release: |
jammy (22.04) |
Level: |
updates |
Repository: |
universe |
Head package: |
vim |
Homepage: |
https://www.vim.org/ |
Links
Download "vim-nox"
Other versions of "vim-nox" in Jammy
Changelog
vim (2:8.2.3995-1ubuntu2.15) jammy-security; urgency=medium
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2022-1725.patch: Check for regexp program becoming NULL
in more places.
- CVE-2022-1725
* SECURITY UPDATE: denial of service
- debian/patches/CVE-2022-1771.patch: Limit recursion of getcmdline().
- CVE-2022-1771
* SECURITY UPDATE: heap based buffer overflow vulnerability
- debian/patches/CVE-2022-1886.patch: Check the length is more than zero.
- CVE-2022-1886
* SECURITY UPDATE: out of bounds write vulnerability
- debian/patches/CVE-2022-1897.patch: Disallow undo when in a substitute
command.
- CVE-2022-1897
* SECURITY UPDATE: out-of-bounds write
- debian/patches/CVE-2022-2000.patch: addresses the potential for an
overflow by adding a bounds check and truncating the message if needed.
- CVE-2022-2000
* SECURITY UPDATE: use-after-free vulnerability
- debian/patches/CVE-2022-2042.patch: Initialize "attr". Check for empty
line early.
- CVE-2022-2042
* SECURITY UPDATE: use-after-free vulnerability
- debian/patches/CVE-2023-46246.patch: Check that the return value from the
vim_str2nr() function is not larger than INT_MAX and if yes, bail out with
an error.
- CVE-2023-46246
* SECURITY UPDATE: use-after-free vulnerability
- debian/patches/CVE-2023-48231.patch: If the current window structure is
no longer valid, fail and return before attempting to set win->w_closing
variable.
- CVE-2023-48231
* SECURITY UPDATE: integer overflow
- debian/patches/CVE-2023-48233.patch: If the count after the :s command is
larger than what fits into a (signed) long variable, abort with
e_value_too_large.
- CVE-2023-48233
* SECURITY UPDATE: integer overflow
- debian/patches/CVE-2023-48234.patch: When getting the count for a normal z
command, it may overflow for large counts given. So verify, that we can
safely store the result in a long.
- CVE-2023-48234
* SECURITY UPDATE: integer overflow
- debian/patches/CVE-2023-48235.patch: When parsing relative ex addresses
one may unintentionally cause an overflow (because LONG_MAX - lnum will
overflow for negative addresses).
- CVE-2023-48235
* SECURITY UPDATE: integer overflow
- debian/patches/CVE-2023-48236.patch: When using the z= command, we may
overflow the count with values larger than MAX_INT. So verify that we do
not overflow and in case when an overflow is detected, simply return 0.
- CVE-2023-48236
* SECURITY UPDATE: integer overflow
- debian/patches/CVE-2023-48237.patch: When shifting lines in operator
pending mode and using a very large value, we may overflow the size of
integer. Fix this by using a long variable, testing if the result would
be larger than INT_MAX and if so, indent by INT_MAX value.
- CVE-2023-48237
* SECURITY UPDATE: use-after-free vulnerability
- debian/patches/CVE-2023-48706.patch: ensure that the sub var always using
allocated memory.
- CVE-2023-48706
-- Fabian Toepfer <email address hidden> Tue, 05 Dec 2023 18:58:57 +0100
|
Source diff to previous version |
CVE-2022-1725 |
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.4959. |
CVE-2022-1771 |
Uncontrolled Recursion in GitHub repository vim/vim prior to 8.2.4975. |
CVE-2022-1886 |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. |
CVE-2022-1897 |
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. |
CVE-2022-2000 |
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. |
CVE-2022-2042 |
Use After Free in GitHub repository vim/vim prior to 8.2. |
CVE-2023-46246 |
Vim is an improved version of the good old UNIX editor Vi. Heap-use-after-free in memory allocated in the function `ga_grow_inner` in in the file `sr |
CVE-2023-48231 |
Vim is an open source command line text editor. When closing a window, vim may try to access already freed window structure. Exploitation beyond cras |
CVE-2023-48233 |
Vim is an open source command line text editor. If the count after the :s command is larger than what fits into a (signed) long variable, abort with |
CVE-2023-48234 |
Vim is an open source command line text editor. When getting the count for a normal mode z command, it may overflow for large counts given. Impact is |
CVE-2023-48235 |
Vim is an open source command line text editor. When parsing relative ex addresses one may unintentionally cause an overflow. Ironically this happens |
CVE-2023-48236 |
Vim is an open source command line text editor. When using the z= command, the user may overflow the count with values larger than MAX_INT. Impact is |
CVE-2023-48237 |
Vim is an open source command line text editor. In affected versions when shifting lines in operator pending mode and using a very large value, it ma |
CVE-2023-48706 |
Vim is a UNIX editor that, prior to version 9.0.2121, has a heap-use-after-free vulnerability. When executing a `:s` command for the very first time |
|
vim (2:8.2.3995-1ubuntu2.13) jammy-security; urgency=medium
* SECURITY UPDATE: use-after-free vulnerability
- debian/patches/CVE-2023-4733.patch: Verify oldwin pointer after
reset_VIsual() in do_ecmd.
- CVE-2023-4733
* SECURITY UPDATE: integer overflow vulnerability
- debian/patches/CVE-2023-4734.patch: Check for typeval correctly in
f_fullcommand.
- CVE-2023-4734
* SECURITY UPDATE: out of bounds write vulnerability
- debian/patches/CVE-2023-4735.patch: Add check for buffer size to avoid
overflow in do_addsub.
- CVE-2023-4735
* SECURITY UPDATE: use-after-free vulnerability
- debian/patches/CVE-2023-4750.patch: Check buffer is valid before
accessing it.
- CVE-2023-4750
* SECURITY UPDATE: heap based buffer overflow vulnerability
- debian/patches/CVE-2023-4751.patch: Stop Visual mode when using :ball
to avoid illegal memory access.
- CVE-2023-4751
* SECURITY UPDATE: use-after-free vulnerability
- debian/patches/CVE-2023-4752.patch: validate buffer before accessing it
in ins_compl_get_exp.
- CVE-2023-4752
* SECURITY UPDATE: heap based buffer overflow vulnerability
- debian/patches/CVE-2023-4781.patch: Disallow exchanging windows when
textlock is active in vim_regsub_both.
- CVE-2023-4781
* SECURITY UPDATE: heap based buffer overflow vulnerability
- debian/patches/CVE-2023-5344.patch: Add NULL at end of buffer in
trunc_string.
- CVE-2023-5344
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2023-5441.patch: skip gui_scroll when exmode_active
in gui_do_scroll.
- CVE-2023-5441
* SECURITY UPDATE: use-after-free vulnerability
- debian/patches/CVE-2023-5535.patch: block autocommands in
buf_contents_changed.
- CVE-2023-5535
-- Fabian Toepfer <email address hidden> Mon, 16 Oct 2023 20:15:38 +0200
|
Source diff to previous version |
CVE-2023-4733 |
Use After Free in GitHub repository vim/vim prior to 9.0.1840. |
CVE-2023-4734 |
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.1846. |
CVE-2023-4735 |
Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1847. |
CVE-2023-4750 |
Use After Free in GitHub repository vim/vim prior to 9.0.1857. |
CVE-2023-4751 |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1331. |
CVE-2023-4752 |
Use After Free in GitHub repository vim/vim prior to 9.0.1858. |
CVE-2023-4781 |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1873. |
CVE-2023-5344 |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1969. |
CVE-2023-5441 |
NULL Pointer Dereference in GitHub repository vim/vim prior to 20d161ace307e28690229b68584f2d84556f8960. |
CVE-2023-5535 |
Use After Free in GitHub repository vim/vim prior to v9.0.2010. |
|
vim (2:8.2.3995-1ubuntu2.12) jammy-security; urgency=medium
* SECURITY UPDATE: heap-based buffer overflow
- debian/patches/CVE-2022-3234.patch: Check for replacing NUL after Tab.
- debian/patches/CVE-2022-3491.patch: Do not return an invalid pointer.
Fix skipping redirection
- debian/patches/CVE-2022-3520.patch: Check that the column does not
become negative.
- CVE-2022-3234
- CVE-2022-3491
- CVE-2022-3520
* SECURITY UPDATE: use after free memory issue
- debian/patches/CVE-2022-3235.patch: Make sure pointer to b_p_iminsert
is still valid.
- debian/patches/CVE-2022-3256.patch: Copy the mark before editing
another buffer
- debian/patches/CVE-2022-3297.patch: Make a copy of the option. Make
sure cursor position is valid
- debian/patches/CVE-2022-3352.patch: Disallow deleting the current
buffer to avoid using freed memory
- debian/patches/CVE-2022-3591.patch: Disallow navigating to a dummy
buffer
- debian/patches/CVE-2022-3705.patch: Set the quickfix-busy flag while
filling the buffer
- debian/patches/CVE-2022-4292.patch: Bail out if the window no longer
exists.
- CVE-2022-3235
- CVE-2022-3256
- CVE-2022-3297
- CVE-2022-3352
- CVE-2022-3591
- CVE-2022-3705
- CVE-2022-4292
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2022-3278.patch: Don't get a next line when
skipping over NL
- CVE-2022-3278
* SECURITY UPDATE: stack-based buffer overflow
- debian/patches/CVE-2022-3324.patch: Make sure the window width does
not become negative
- CVE-2022-3324
* SECURITY UPDATE: incorrect floating point comparison
- debian/patches/CVE-2022-4293.patch: fix floating point comparison
- CVE-2022-4293
* debian/patches/fix_flaky_tests.patch: fix some flaky tests
-- Nishit Majithia <email address hidden> Fri, 06 Oct 2023 13:19:43 +0530
|
Source diff to previous version |
CVE-2022-3234 |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0483. |
CVE-2022-3491 |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0742. |
CVE-2022-3520 |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0765. |
CVE-2022-3235 |
Use After Free in GitHub repository vim/vim prior to 9.0.0490. |
CVE-2022-3256 |
Use After Free in GitHub repository vim/vim prior to 9.0.0530. |
CVE-2022-3297 |
Use After Free in GitHub repository vim/vim prior to 9.0.0579. |
CVE-2022-3352 |
Use After Free in GitHub repository vim/vim prior to 9.0.0614. |
CVE-2022-3591 |
Use After Free in GitHub repository vim/vim prior to 9.0.0789. |
CVE-2022-3705 |
A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the |
CVE-2022-4292 |
Use After Free in GitHub repository vim/vim prior to 9.0.0882. |
CVE-2022-3278 |
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0552. |
CVE-2022-3324 |
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0598. |
CVE-2022-4293 |
Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804. |
|
vim (2:8.2.3995-1ubuntu2.11) jammy-security; urgency=medium
* SECURITY UPDATE: heap-based buffer overflow
- debian/patches/CVE-2022-2522.patch: Terminate string with NUL
- debian/patches/CVE-2022-2580.patch: Properly skip over <Key> form
- debian/patches/CVE-2022-2819.patch: Don't read past the end of the
line
- CVE-2022-2522
- CVE-2022-2580
- CVE-2022-2819
* SECURITY UPDATE: out-of-bounds write issue
- debian/patches/CVE-2022-2598.patch: Make sure the line number does
not go below one.
- CVE-2022-2598
* SECURITY UPDATE: out-of-bounds read issue
- debian/patches/CVE-2022-2816.patch: Don't read past the end of the
line
- CVE-2022-2816
* SECURITY UPDATE: use after free memory issue
- debian/patches/CVE-2022-2817.patch: Make a copy of the error
- debian/patches/CVE-2022-2862.patch: Mess up the variable name so that
it won't be found
- debian/patches/CVE-2022-2889.patch: Free eval_tofree later
- debian/patches/CVE-2022-2982.patch: Do not allow for recursion
- debian/patches/CVE-2022-3016.patch: Return QF_ABORT and handle it.
- debian/patches/CVE-2022-3037.patch: Do not handle errors if there
aren't any
- debian/patches/CVE-2022-3099.patch: Do not check breakpoint for
non-existing line
- debian/patches/CVE-2022-3134.patch: Bail out when the window was
closed
- CVE-2022-2817
- CVE-2022-2862
- CVE-2022-2889
- CVE-2022-2982
- CVE-2022-3016
- CVE-2022-3037
- CVE-2022-3099
- CVE-2022-3134
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2022-2874.patch: Check for skipping
- debian/patches/CVE-2022-3153.patch: Check for NULL string
- CVE-2022-2874
- CVE-2022-3153
-- Nishit Majithia <email address hidden> Fri, 18 Aug 2023 09:42:26 +0530
|
Source diff to previous version |
CVE-2022-2522 |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0061. |
CVE-2022-2580 |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0102. |
CVE-2022-2819 |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0211. |
CVE-2022-2816 |
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212. |
CVE-2022-2817 |
Use After Free in GitHub repository vim/vim prior to 9.0.0213. |
CVE-2022-2862 |
Use After Free in GitHub repository vim/vim prior to 9.0.0221. |
CVE-2022-2889 |
Use After Free in GitHub repository vim/vim prior to 9.0.0225. |
CVE-2022-2982 |
Use After Free in GitHub repository vim/vim prior to 9.0.0260. |
CVE-2022-3016 |
Use After Free in GitHub repository vim/vim prior to 9.0.0286. |
CVE-2022-3037 |
Use After Free in GitHub repository vim/vim prior to 9.0.0322. |
CVE-2022-3099 |
Use After Free in GitHub repository vim/vim prior to 9.0.0360. |
CVE-2022-3134 |
Use After Free in GitHub repository vim/vim prior to 9.0.0389. |
CVE-2022-2874 |
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0224. |
CVE-2022-3153 |
NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404. |
|
vim (2:8.2.3995-1ubuntu2.10) jammy-security; urgency=medium
* SECURITY UPDATE: heap-based buffer overflow
- debian/patches/CVE-2022-2182.patch: When on line zero check the
column is valid for line one.
- debian/patches/CVE-2022-2264.patch: Adjust the end mark position.
- debian/patches/CVE-2022-2284.patch: Stop Visual mode when closing a
window.
- CVE-2022-2182
- CVE-2022-2264
- CVE-2022-2284
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2022-2208.patch: Recompute diffs later. Skip
window without a valid buffer.
- debian/patches/CVE-2022-2231.patch: Do not use the NULL pointer.
- CVE-2022-2208
- CVE-2022-2231
* SECURITY UPDATE: out-of-bounds write issue
- debian/patches/CVE-2022-2210.patch: Use zero offset when change
removes all lines in a diff block
- CVE-2022-2210
* SECURITY UPDATE: out-of-bounds read issue
- debian/patches/CVE-2022-2257.patch: Check for NUL.
- debian/patches/CVE-2022-2286.patch: Check the length of the string
- debian/patches/CVE-2022-2287.patch: Disallow adding a word with
control characters or a trailing slash.
- CVE-2022-2257
- CVE-2022-2286
- CVE-2022-2287
* SECURITY UPDATE: integer overflow issue
- debian/patches/CVE-2022-2285.patch: Put a NUL after the typeahead.
- CVE-2022-2285
* SECURITY UPDATE: use after free memory issue
- debian/patches/CVE-2022-2289.patch: Bail out when diff pointer is no
longer valid
- CVE-2022-2289
* debian/patches/skip_some_tests.patch: skip some failing test
-- Nishit Majithia <email address hidden> Tue, 01 Aug 2023 11:07:49 +0530
|
CVE-2022-2182 |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. |
CVE-2022-2264 |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. |
CVE-2022-2284 |
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. |
CVE-2022-2208 |
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.5163. |
CVE-2022-2231 |
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2. |
CVE-2022-2210 |
Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. |
CVE-2022-2257 |
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. |
CVE-2022-2286 |
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. |
CVE-2022-2287 |
Out-of-bounds Read in GitHub repository vim/vim prior to 9.0. |
CVE-2022-2285 |
Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0. |
CVE-2022-2289 |
Use After Free in GitHub repository vim/vim prior to 9.0. |
|
About
-
Send Feedback to @ubuntu_updates