Overview

File _patchinfo of Package patchinfo.32818

<patchinfo incident="32818">
  <issue tracker="bnc" id="1217330">VUL-0: CVE-2023-48237: vim: overflow in shift_line</issue>
  <issue tracker="bnc" id="1217432">VUL-0: CVE-2023-48706: vim: heap-use-after-free in ex_substitute</issue>
  <issue tracker="bnc" id="1217326">VUL-0: CVE-2023-48235: vim: overflow in ex address parsing</issue>
  <issue tracker="bnc" id="1217316">VUL-0: CVE-2023-48231: vim: Use-After-Free in win_close()</issue>
  <issue tracker="bnc" id="1217321">VUL-0: CVE-2023-48233: vim: overflow with count for :s command</issue>
  <issue tracker="bnc" id="1217324">VUL-0: CVE-2023-48234: vim: overflow in nv_z_get_count</issue>
  <issue tracker="bnc" id="1217329">VUL-0: CVE-2023-48236: vim: overflow in get_number</issue>
  <issue tracker="bnc" id="1217320">VUL-0: CVE-2023-48232: vim: Floating point Exception in adjust_plines_for_skipcol()</issue>
  <issue tracker="bnc" id="1215005">VUL-0: CVE-2023-4750: vim: Heap use-after-free in function bt_quickfix</issue>
  <issue tracker="bnc" id="1219581">VUL-0: CVE-2024-22667: vim: stack-based buffer overflow in did_set_langmap function in map.c</issue>
  <issue tracker="cve" id="2023-48236"/>
  <issue tracker="cve" id="2023-48233"/>
  <issue tracker="cve" id="2023-48231"/>
  <issue tracker="cve" id="2023-48234"/>
  <issue tracker="cve" id="2023-4750"/>
  <issue tracker="cve" id="2023-48232"/>
  <issue tracker="cve" id="2023-48237"/>
  <issue tracker="cve" id="2024-22667"/>
  <issue tracker="cve" id="2023-48235"/>
  <issue tracker="cve" id="2023-48706"/>
  <packager>bzoltan1</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for vim</summary>
  <description>This update for vim fixes the following issues:

Updated to version 9.1.0111, fixes the following security problems

- CVE-2023-48231: Use-After-Free in win_close() (bsc#1217316).
- CVE-2023-48232: Floating point Exception in adjust_plines_for_skipcol() (bsc#1217320).
- CVE-2023-48233: overflow with count for :s command (bsc#1217321).
- CVE-2023-48234: overflow in nv_z_get_count (bsc#1217324).
- CVE-2023-48235: overflow in ex address parsing (CVE-2023-48235).
- CVE-2023-48236: overflow in get_number (bsc#1217329).
- CVE-2023-48237: overflow in shift_line (bsc#1217330).
- CVE-2023-48706: heap-use-after-free in ex_substitute (bsc#1217432).
- CVE-2024-22667: stack-based buffer overflow in did_set_langmap function in map.c (bsc#1219581).
- CVE-2023-4750: Heap use-after-free in function bt_quickfix (bsc#1215005).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places