SUSE-SU-2022:3229-1 -- SLES vim, gvim
ID: oval:org.secpod.oval:def:89047026 | Date: (C)2022-10-10 (M)2024-05-22 |
Class: PATCH | Family: unix |
This update for vim fixes the following issues:

Updated to version 9.0 with patch level 0313:
- CVE-2022-2183: Fixed out-of-bounds read through get_lisp_indent.
- CVE-2022-2182: Fixed heap-based buffer overflow through parse_cmd_address.
- CVE-2022-2175: Fixed buffer over-read through cmdline_insert_reg.
- CVE-2022-2304: Fixed stack buffer overflow in spell_dump_compl.
- CVE-2022-2343: Fixed heap-based buffer overflow in GitHub repository vim prior to 9.0.0044.
- CVE-2022-2344: Fixed another heap-based buffer overflow in vim prior to 9.0.0045.
- CVE-2022-2345: Fixed use after free in GitHub repository vim prior to 9.0.0046.
- CVE-2022-2819: Fixed heap-based buffer overflow in compile_lock_unlock.
- CVE-2022-2874: Fixed NULL pointer dereference in generate_loadvar.
- CVE-2022-1968: Fixed use after free in utf_ptr2char.
- CVE-2022-2124: Fixed out of bounds read in current_quote.
- CVE-2022-2125: Fixed out of bounds read in get_lisp_indent.
- CVE-2022-2126: Fixed out of bounds read in suggest_trie_walk.
- CVE-2022-2129: Fixed out of bounds write in vim_regsub_both.
- CVE-2022-1720: Fixed out of bounds read in grab_file_name.
- CVE-2022-2264: Fixed out of bounds read in inc.
- CVE-2022-2284: Fixed out of bounds read in utfc_ptr2len.
- CVE-2022-2285: Fixed negative size passed to memmove due to integer overflow.
- CVE-2022-2286: Fixed out of bounds read in ins_bytes.
- CVE-2022-2287: Fixed out of bounds read in suggest_trie_walk.
- CVE-2022-2231: Fixed null pointer dereference in skipwhite.
- CVE-2022-2210: Fixed out of bounds read in ml_append_int.
- CVE-2022-2208: Fixed null pointer dereference in diff_check.
- CVE-2022-2207: Fixed out of bounds read in ins_bs.
- CVE-2022-2257: Fixed out of bounds read in msg_outtrans_special.
- CVE-2022-2206: Fixed out of bounds read in msg_outtrans_attr.
- CVE-2022-2522: Fixed out of bounds read via nested autocommand.
- CVE-2022-2571: Fixed heap-based buffer overflow related to ins_comp_get_next_word_or_line.
- CVE-2022-2580: Fixed heap-based buffer overflow related to eval_string.
- CVE-2022-2581: Fixed out-of-bounds read related to cstrchr.
- CVE-2022-2598: Fixed undefined behavior for input to API related to diff_mark_adjust_tp and ex_diffgetput.
- CVE-2022-2817: Fixed use after free in f_assert_fails.
- CVE-2022-2816: Fixed out-of-bounds read in check_vim9_unlet.
- CVE-2022-2862: Fixed use-after-free in compile_nested_function.
- CVE-2022-2849: Fixed invalid memory access related to mb_ptr2len.
- CVE-2022-2845: Fixed buffer over-read related to display_dollar.
- CVE-2022-2889: Fixed use-after-free in find_var_also_in_script in evalvars.c.
- CVE-2022-2923: Fixed NULL pointer dereference in GitHub repository vim/vim prior to 9.0.0240.
- CVE-2022-2946: Fixed use after free in function vim_vsnprintf_typval.
- CVE-2022-3016: Fixed use after free in vim prior to 9.0.0285.

Bugfixes:
- Fixing vim error on startup.
- Fixing vim SUSE Linux Enterprise Server 15 SP4 Basesystem plugin-tlib issue.
Platform: |
SUSE Linux Enterprise Server 15 |
SUSE Linux Enterprise Desktop 15 SP4 |
SUSE Linux Enterprise Server 15 SP4 |
SUSE Linux Enterprise Desktop 15 SP3 |
SUSE Linux Enterprise Server 15 SP2 |
SUSE Linux Enterprise Server 15 SP3 |
SUSE Linux Enterprise Server 15 SP1 |