UbuntuUpdates.org

Package "vim"

Name: vim

Description:

This package is just an umbrella for a group of other packages, it has no description.
Description samples from packages in group:

  • Vi IMproved - enhanced vi editor (dummy package)
  • Vi IMproved - enhanced vi editor - with GTK3 GUI
  • Vi IMproved - Common GUI files
  • Vi IMproved - enhanced vi editor - with Motif GUI
Latest version: 2:9.1.0016-1ubuntu7.3
Release: noble (24.04)
Level: security
Repository: universe

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Other versions of "vim" in Noble

Repository Area Version
base universe 2:9.1.0016-1ubuntu7
base main 2:9.1.0016-1ubuntu7
security main 2:9.1.0016-1ubuntu7.3
updates main 2:9.1.0016-1ubuntu7.4
updates universe 2:9.1.0016-1ubuntu7.4

Packages in group

Deleted packages are displayed in grey.


Changelog

Version: 2:9.1.0016-1ubuntu7.3 2024-10-01 06:06:56 UTC

  vim (2:9.1.0016-1ubuntu7.3) noble-security; urgency=medium

  * SECURITY UPDATE: buffer overflow
    - debian/patches/CVE-2024-43802.patch: check buflen before advancing
      offset. Add src/testdir/crash/heap_overflow3 to include-binaries.
    - CVE-2024-43802

 -- Vyom Yadav <email address hidden> Wed, 25 Sep 2024 15:43:04 +0530
Source diff to previous version
CVE-2024-43802 Vim is an improved version of the unix vi text editor. When flushing the typeahead buffer, Vim moves the current position in the typeahead buffer but

Version: 2:9.1.0016-1ubuntu7.2 2024-09-05 04:07:09 UTC

  vim (2:9.1.0016-1ubuntu7.2) noble-security; urgency=medium

  * SECURITY UPDATE: use after free
    - debian/patches/CVE-2024-41957.patch: set tagname to NULL
      after being freed
    - CVE-2024-41957
  * SECURITY UPDATE: use after free
    - debian/patches/CVE-2024-43374.patch: add lock to keep
      reference valid
    - CVE-2024-43374

 -- Bruce Cable <email address hidden> Tue, 27 Aug 2024 14:08:09 +1000
CVE-2024-41957 Vim is an open source command line text editor. Vim < v9.1.0647 has double free in src/alloc.c:616. When closing a window, the corresponding tagstack
CVE-2024-43374 The UNIX editor Vim prior to version 9.1.0678 has a use-after-free error in argument list handling. When adding a new file to the argument list, this


About   -   Send Feedback to @ubuntu_updates