File _patchinfo of Package patchinfo.25688
<patchinfo incident="25688"> <issue tracker="bnc" id="1201132">VUL-1: CVE-2022-2264: vim: out of bounds read in inc()</issue> <issue tracker="bnc" id="1200698">VUL-1: CVE-2022-2125: vim: out of bounds read in get_lisp_indent()</issue> <issue tracker="bnc" id="1200700">VUL-1: CVE-2022-2126: vim: out of bounds read in suggest_trie_walk()</issue> <issue tracker="bnc" id="1201152">VUL-1: CVE-2022-2208: vim: null pointer dereference in diff_check()</issue> <issue tracker="bnc" id="1200884">Vim: Error on startup</issue> <issue tracker="bnc" id="1202046">VUL-1: CVE-2022-2571: vim: Heap-based Buffer Overflow related to ins_comp_get_next_word_or_line()</issue> <issue tracker="bnc" id="1202512">VUL-1: CVE-2022-2849: vim: Invalid memory access related to mb_ptr2len()</issue> <issue tracker="bnc" id="1201620">SLE-15-SP4-Full-x86_64-GM-Media1 and vim-plugin-tlib-1.27-bp154.2.18.noarch issue</issue> <issue tracker="bnc" id="1202050">VUL-1: CVE-2022-2581: vim: Out-of-bounds Read related to cstrchr()</issue> <issue tracker="bnc" id="1202689">VUL-1: CVE-2022-2946: vim: use after free in function vim_vsnprintf_typval</issue> <issue tracker="bnc" id="1201363">VUL-1: CVE-2022-2345: vim: Use After Free in GitHub repository vim prior to 9.0.0046.</issue> <issue tracker="bnc" id="1202414">VUL-1: CVE-2022-2819: vim: Heap-based Buffer Overflow in compile_lock_unlock()</issue> <issue tracker="bnc" id="1202049">VUL-1: CVE-2022-2580: vim: Heap-based Buffer Overflow related to eval_string()</issue> <issue tracker="bnc" id="1202421">VUL-1: CVE-2022-2816: vim: Out-of-bounds Read in check_vim9_unlet()</issue> <issue tracker="bnc" id="1202420">VUL-1: CVE-2022-2817: vim: Use After Free in f_assert_fails()</issue> <issue tracker="bnc" id="1201151">VUL-1: CVE-2022-2210: vim: out of bounds read in ml_append_int()</issue> <issue tracker="bnc" id="1201249">VUL-0: CVE-2022-2304: vim: stack buffer overflow in spell_dump_compl()</issue> <issue tracker="bnc" id="1200732">VUL-1: CVE-2022-1720: vim: out of bounds read in grab_file_name()</issue> <issue tracker="bnc" id="1201134">VUL-1: CVE-2022-2285: vim: negative size passed to memmove() due to integer overflow</issue> <issue tracker="bnc" id="1201135">VUL-1: CVE-2022-2286: vim: out of bounds read in ins_bytes()</issue> <issue tracker="bnc" id="1202511">VUL-1: CVE-2022-2862: vim: use-after-free in compile_nested_function()</issue> <issue tracker="bnc" id="1202687">VUL-1: CVE-2022-2923: vim: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240</issue> <issue tracker="bnc" id="1202515">VUL-1: CVE-2022-2845: vim: Buffer Over-read related to display_dollar()</issue> <issue tracker="bnc" id="1201356">VUL-1: CVE-2022-2343: vim: Heap-based Buffer Overflow in GitHub repository vim prior to 9.0.0044</issue> <issue tracker="bnc" id="1202552">VUL-1: CVE-2022-2874: vim: NULL Pointer Dereference in generate_loadvar()</issue> <issue tracker="bnc" id="1201136">VUL-1: CVE-2022-2287: vim: out of bounds read in suggest_trie_walk()</issue> <issue tracker="bnc" id="1200701">VUL-1: CVE-2022-2129: vim: out of bounds write in vim_regsub_both()</issue> <issue tracker="bnc" id="1202599">VUL-1: CVE-2022-2889: vim: use-after-free in find_var_also_in_script() in evalvars.c</issue> <issue tracker="bnc" id="1201863">VUL-1: CVE-2022-2522: vim: out of bounds read via nested autocommand</issue> <issue tracker="bnc" id="1201153">VUL-1: CVE-2022-2207: vim: out of bounds read in ins_bs()</issue> <issue tracker="bnc" id="1201150">VUL-1: CVE-2022-2231: vim: null pointer dereference skipwhite()</issue> <issue tracker="bnc" id="1200697">VUL-1: CVE-2022-2124: vim: out of bounds read in current_quote()</issue> <issue tracker="bnc" id="1201133">VUL-1: CVE-2022-2284: vim: out of bounds read in utfc_ptr2len()</issue> <issue tracker="bnc" id="1200904">VUL-0: CVE-2022-2175: vim: Buffer Over-read through cmdline_insert_reg()</issue> <issue tracker="bnc" id="1201155">VUL-1: CVE-2022-2206: vim: out of bounds read in msg_outtrans_attr()</issue> <issue tracker="bnc" id="1200270">VUL-1: CVE-2022-1968: vim: use after free in utf_ptr2char</issue> <issue tracker="bnc" id="1201154">VUL-1: CVE-2022-2257: vim: out of bounds read in msg_outtrans_special()</issue> <issue tracker="bnc" id="1202051">VUL-1: CVE-2022-2598: vim: Undefined Behavior for Input to API related to diff_mark_adjust_tp() and ex_diffgetput()</issue> <issue tracker="bnc" id="1202862">VUL-1: CVE-2022-3016: vim: Use After Free in vim prior to 9.0.0285</issue> <issue tracker="bnc" id="1200903">VUL-0: CVE-2022-2182: vim: Heap-based Buffer Overflow through parse_cmd_address()</issue> <issue tracker="bnc" id="1201359">VUL-1: CVE-2022-2344: vim: Another Heap-based Buffer Overflow vim prior to 9.0.0045</issue> <issue tracker="bnc" id="1200902">VUL-0: CVE-2022-2183: vim: Out-of-bounds Read through get_lisp_indent()</issue> <issue tracker="cve" id="2022-1968"/> <issue tracker="cve" id="2022-2286"/> <issue tracker="cve" id="2022-2598"/> <issue tracker="cve" id="2022-2581"/> <issue tracker="cve" id="2022-2345"/> <issue tracker="cve" id="2022-2129"/> <issue tracker="cve" id="2022-2816"/> <issue tracker="cve" id="2022-1720"/> <issue tracker="cve" id="2022-2231"/> <issue tracker="cve" id="2022-2207"/> <issue tracker="cve" id="2022-2126"/> <issue tracker="cve" id="2022-2285"/> <issue tracker="cve" id="2022-2344"/> <issue tracker="cve" id="2022-2287"/> <issue tracker="cve" id="2022-2304"/> <issue tracker="cve" id="2022-2889"/> <issue tracker="cve" id="2022-3016"/> <issue tracker="cve" id="2022-2580"/> <issue tracker="cve" id="2022-2862"/> <issue tracker="cve" id="2022-2210"/> <issue tracker="cve" id="2022-2522"/> <issue tracker="cve" id="2022-2845"/> <issue tracker="cve" id="2022-2257"/> <issue tracker="cve" id="2022-2571"/> <issue tracker="cve" id="2022-2175"/> <issue tracker="cve" id="2022-2264"/> <issue tracker="cve" id="2022-2124"/> <issue tracker="cve" id="2022-2343"/> <issue tracker="cve" id="2022-2817"/> <issue tracker="cve" id="2022-2819"/> <issue tracker="cve" id="2022-2849"/> <issue tracker="cve" id="2022-2946"/> <issue tracker="cve" id="2022-2923"/> <issue tracker="cve" id="2022-2284"/> <issue tracker="cve" id="2022-2206"/> <issue tracker="cve" id="2022-2874"/> <issue tracker="cve" id="2022-2183"/> <issue tracker="cve" id="2022-2208"/> <issue tracker="cve" id="2022-2182"/> <issue tracker="cve" id="2022-2125"/> <packager>bzoltan1</packager> <rating>important</rating> <category>security</category> <summary>Security update for vim</summary> <description>This update for vim fixes the following issues: Updated to version 9.0 with patch level 0313: - CVE-2022-2183: Fixed out-of-bounds read through get_lisp_indent() (bsc#1200902). - CVE-2022-2182: Fixed heap-based buffer overflow through parse_cmd_address() (bsc#1200903). - CVE-2022-2175: Fixed buffer over-read through cmdline_insert_reg() (bsc#1200904). - CVE-2022-2304: Fixed stack buffer overflow in spell_dump_compl() (bsc#1201249). - CVE-2022-2343: Fixed heap-based buffer overflow in GitHub repository vim prior to 9.0.0044 (bsc#1201356). - CVE-2022-2344: Fixed another heap-based buffer overflow vim prior to 9.0.0045 (bsc#1201359). - CVE-2022-2345: Fixed use after free in GitHub repository vim prior to 9.0.0046. (bsc#1201363). - CVE-2022-2819: Fixed heap-based Buffer Overflow in compile_lock_unlock() (bsc#1202414). - CVE-2022-2874: Fixed NULL Pointer Dereference in generate_loadvar() (bsc#1202552). - CVE-2022-1968: Fixed use after free in utf_ptr2char (bsc#1200270). - CVE-2022-2124: Fixed out of bounds read in current_quote() (bsc#1200697). - CVE-2022-2125: Fixed out of bounds read in get_lisp_indent() (bsc#1200698). - CVE-2022-2126: Fixed out of bounds read in suggest_trie_walk() (bsc#1200700). - CVE-2022-2129: Fixed out of bounds write in vim_regsub_both() (bsc#1200701). - CVE-2022-1720: Fixed out of bounds read in grab_file_name() (bsc#1200732). - CVE-2022-2264: Fixed out of bounds read in inc() (bsc#1201132). - CVE-2022-2284: Fixed out of bounds read in utfc_ptr2len() (bsc#1201133). - CVE-2022-2285: Fixed negative size passed to memmove() due to integer overflow (bsc#1201134). - CVE-2022-2286: Fixed out of bounds read in ins_bytes() (bsc#1201135). - CVE-2022-2287: Fixed out of bounds read in suggest_trie_walk() (bsc#1201136). - CVE-2022-2231: Fixed null pointer dereference skipwhite() (bsc#1201150). - CVE-2022-2210: Fixed out of bounds read in ml_append_int() (bsc#1201151). - CVE-2022-2208: Fixed null pointer dereference in diff_check() (bsc#1201152). - CVE-2022-2207: Fixed out of bounds read in ins_bs() (bsc#1201153). - CVE-2022-2257: Fixed out of bounds read in msg_outtrans_special() (bsc#1201154). - CVE-2022-2206: Fixed out of bounds read in msg_outtrans_attr() (bsc#1201155). - CVE-2022-2522: Fixed out of bounds read via nested autocommand (bsc#1201863). - CVE-2022-2571: Fixed heap-based buffer overflow related to ins_comp_get_next_word_or_line() (bsc#1202046). - CVE-2022-2580: Fixed heap-based buffer overflow related to eval_string() (bsc#1202049). - CVE-2022-2581: Fixed out-of-bounds read related to cstrchr() (bsc#1202050). - CVE-2022-2598: Fixed undefined behavior for Input to API related to diff_mark_adjust_tp() and ex_diffgetput() (bsc#1202051). - CVE-2022-2817: Fixed use after gree in f_assert_fails() (bsc#1202420). - CVE-2022-2816: Fixed out-of-bounds Read in check_vim9_unlet() (bsc#1202421). - CVE-2022-2862: Fixed use-after-free in compile_nested_function() (bsc#1202511). - CVE-2022-2849: Fixed invalid memory access related to mb_ptr2len() (bsc#1202512). - CVE-2022-2845: Fixed buffer Over-read related to display_dollar() (bsc#1202515). - CVE-2022-2889: Fixed use-after-free in find_var_also_in_script() in evalvars.c (bsc#1202599). - CVE-2022-2923: Fixed NULL pointer dereference in GitHub repository vim/vim prior to 9.0.0240 (bsc#1202687). - CVE-2022-2946: Fixed use after free in function vim_vsnprintf_typval (bsc#1202689). - CVE-2022-3016: Fixed use after free in vim prior to 9.0.0285 (bsc#1202862). Bugfixes: - Fixing vim error on startup (bsc#1200884). - Fixing vim SUSE Linux Enterprise Server 15 SP4 Basesystem plugin-tlib issue (bsc#1201620). </description> </patchinfo>
