Overview

File _patchinfo of Package patchinfo.27566

<patchinfo incident="27566">
  <issue tracker="bnc" id="1207162">VUL-1: CVE-2023-0288: vim: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1189.</issue>
  <issue tracker="bnc" id="1206077">VUL-0: CVE-2022-4293: vim: Floating Point Comparison with Incorrect Operator in GitHub repository vim/vim prior to 9.0.0804.</issue>
  <issue tracker="bnc" id="1205797">VUL-0: CVE-2022-4141: vim: heap-buffer-overflow in alloc.c 246:11</issue>
  <issue tracker="bnc" id="1204779">VUL-0: CVE-2022-3705: vim: use after free in function qf_update_buffer of the file quickfix.c</issue>
  <issue tracker="bnc" id="1207396">VUL-0: CVE-2023-0433: vim: Heap-based Buffer Overflow in vim prior to 9.0.1225</issue>
  <issue tracker="bnc" id="1206072">VUL-0: CVE-2022-3591: vim: Use After Free</issue>
  <issue tracker="bnc" id="1206867">VUL-1: CVE-2023-0051: vim: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144.</issue>
  <issue tracker="bnc" id="1206868">VUL-1: CVE-2023-0054: vim: Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145.</issue>
  <issue tracker="bnc" id="1206075">VUL-0: CVE-2022-4292: vim: Use After Free in GitHub repository vim/vim prior to 9.0.0882.</issue>
  <issue tracker="bnc" id="1206028">VUL-0: CVE-2022-3491: vim: Heap-based Buffer Overflow prior to 9.0.0742</issue>
  <issue tracker="bnc" id="1206071">VUL-0: CVE-2022-3520: vim: Heap-based Buffer Overflow</issue>
  <issue tracker="bnc" id="1206866">VUL-1: CVE-2023-0049: vim: Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143.</issue>
  <issue tracker="cve" id="2023-0049"/>
  <issue tracker="cve" id="2022-4292"/>
  <issue tracker="cve" id="2023-0054"/>
  <issue tracker="cve" id="2023-0433"/>
  <issue tracker="cve" id="2022-3520"/>
  <issue tracker="cve" id="2023-0051"/>
  <issue tracker="cve" id="2022-3705"/>
  <issue tracker="cve" id="2022-3591"/>
  <issue tracker="cve" id="2022-4293"/>
  <issue tracker="cve" id="2022-3491"/>
  <issue tracker="cve" id="2022-4141"/>
  <issue tracker="cve" id="2023-0288"/>
  <packager>bzoltan1</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for vim</summary>
  <description>This update for vim fixes the following issues:

- Updated to version 9.0.1234:
  - CVE-2023-0433: Fixed an out of bounds memory access that could
    cause a crash (bsc#1207396).
  - CVE-2023-0288: Fixed an out of bounds memory access that could
    cause a crash (bsc#1207162).
  - CVE-2023-0054: Fixed an out of bounds memory write that could
    cause a crash or memory corruption (bsc#1206868).
  - CVE-2023-0051: Fixed an out of bounds memory access that could
    cause a crash (bsc#1206867).
  - CVE-2023-0049: Fixed an out of bounds memory access that could
    cause a crash (bsc#1206866).
  - CVE-2022-3491: Fixed an out of bounds memory access that could
    cause a crash (bsc#1206028).
  - CVE-2022-3520: Fixed an out of bounds memory access that could
    cause a crash (bsc#1206071).
  - CVE-2022-3591: Fixed a use-after-free issue that could cause
    memory corruption or undefined behavior (bsc#1206072).
  - CVE-2022-4292: Fixed a use-after-free issue that could cause
    memory corruption or undefined behavior (bsc#1206075).
  - CVE-2022-4293: Fixed a floating point exception that could cause
    a crash (bsc#1206077).
  - CVE-2022-4141: Fixed an out of bounds memory write that could
    cause a crash or memory corruption (bsc#1205797).
  - CVE-2022-3705: Fixed an use-after-free issue that could cause
    a crash or memory corruption (bsc#1204779).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places