Overview

File _patchinfo of Package patchinfo.30425

<patchinfo incident="30425">
  <issue tracker="bnc" id="1211461">vim "eats" first character from prompt in xterm</issue>
  <issue tracker="bnc" id="1210738">gvim rendering corruption with all 9.x versions</issue>
  <issue tracker="bnc" id="1214925">VUL-0: CVE-2023-4734: vim: segmentation fault in function f_fullcommand</issue>
  <issue tracker="bnc" id="1214924">VUL-0: CVE-2023-4735: vim: OOB Write ops.c</issue>
  <issue tracker="bnc" id="1215006">VUL-0: CVE-2023-4752: vim: Heap Use After Free in function ins_compl_get_exp</issue>
  <issue tracker="bnc" id="1215004">VUL-0: CVE-2023-4733: vim: use-after-free in function buflist_altfpos</issue>
  <issue tracker="bnc" id="1215033">VUL-0: CVE-2023-4781: vim: heap-buffer-overflow in function vim_regsub_both</issue>
  <issue tracker="bnc" id="1214922">VUL-0: CVE-2023-4738: vim: heap-buffer-overflow in vim_regsub_both</issue>
  <issue tracker="cve" id="2023-4738"/>
  <issue tracker="cve" id="2023-4735"/>
  <issue tracker="cve" id="2023-4781"/>
  <issue tracker="cve" id="2023-4752"/>
  <issue tracker="cve" id="2023-4733"/>
  <issue tracker="cve" id="2023-4734"/>
  <packager>bzoltan1</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for vim</summary>
  <description>This update for vim fixes the following issues:

Security fixes:

- CVE-2023-4733: Fixed use-after-free in function buflist_altfpos (bsc#1215004). 
- CVE-2023-4734: Fixed segmentation fault in function f_fullcommand (bsc#1214925). 
- CVE-2023-4735: Fixed out of bounds write in ops.c (bsc#1214924). 
- CVE-2023-4738: Fixed heap buffer overflow in vim_regsub_both (bsc#1214922). 
- CVE-2023-4752: Fixed heap use-after-free in function ins_compl_get_exp (bsc#1215006). 
- CVE-2023-4781: Fixed heap buffer overflow in function vim_regsub_both (bsc#1215033).

Other fixes:

- Calling vim on xterm leads to missing first character of the command prompt (bsc#1211461)
- Rendering corruption in gvim with all 9.x versions (bsc#1210738)
- Updated to version 9.0 with patch level 1894
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places