Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2024ef3a by Salvatore Bonaccorso at 2022-08-21T10:20:02+02:00
Track various vim issues fixed via unstable upload
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -282,7 +282,7 @@ CVE-2022-2891
CVE-2022-2890
RESERVED
CVE-2022-2889 (Use After Free in GitHub repository vim/vim prior to 9.0.0225.
...)
- - vim <unfixed>
+ - vim 2:9.0.0229-1
NOTE: https://huntr.dev/bounties/d1ac9817-825d-49ce-b514-1d5b12b6bdaa
NOTE:
https://github.com/vim/vim/commit/91c7cbfe31bbef57d5fcf7d76989fc159f73ef15
(v9.0.0225)
CVE-2022-2888
@@ -388,7 +388,7 @@ CVE-2022-2864
CVE-2022-2863
RESERVED
CVE-2022-2862 (Use After Free in GitHub repository vim/vim prior to 9.0.0221.
...)
- - vim <unfixed>
+ - vim 2:9.0.0229-1
NOTE: https://huntr.dev/bounties/71180988-1ab6-4311-bca8-e9a879b06765
NOTE:
https://github.com/vim/vim/commit/1889f499a4f248cd84e0e0bf6d0d820016774494
(v9.0.0221)
CVE-2022-2861
@@ -477,7 +477,7 @@ CVE-2022-2850 [SIGSEGV in sync_repl]
NOTE: https://github.com/389ds/389-ds-base/issues/5418
NOTE: Results from an incomplete fix for CVE-2021-3514
CVE-2022-2849 (Heap-based Buffer Overflow in GitHub repository vim/vim prior
to 9.0.0 ...)
- - vim <unfixed>
+ - vim 2:9.0.0229-1
NOTE: https://huntr.dev/bounties/389aeccd-deb9-49ae-9b6a-24c12d79b02e
NOTE:
https://github.com/vim/vim/commit/f6d39c31d2177549a986d170e192d8351bd571e2
(v9.0.0220)
CVE-2022-2848
@@ -487,7 +487,7 @@ CVE-2022-2847 (A vulnerability, which was classified as
critical, has been found
CVE-2022-2846 (A vulnerability classified as problematic was found in Calendar
Event ...)
NOT-FOR-US: WordPress plugin
CVE-2022-2845 (Buffer Over-read in GitHub repository vim/vim prior to
9.0.0218. ...)
- - vim <unfixed>
+ - vim 2:9.0.0229-1
NOTE: https://huntr.dev/bounties/3e1d31ac-1cfd-4a9f-bc5c-213376b69445
NOTE:
https://github.com/vim/vim/commit/e98c88c44c308edaea5994b8ad4363e65030968c
(v9.0.0218)
CVE-2022-2844 (A vulnerability classified as problematic has been found in
MotoPress ...)
@@ -676,7 +676,7 @@ CVE-2022-2821 (Missing Critical Step in Authentication in
GitHub repository name
CVE-2022-2820 (Improper Access Control in GitHub repository
namelessmc/nameless prior ...)
NOT-FOR-US: NamelessMC/Nameless
CVE-2022-2819 (Heap-based Buffer Overflow in GitHub repository vim/vim prior
to 9.0.0 ...)
- - vim <unfixed>
+ - vim 2:9.0.0229-1
NOTE: https://huntr.dev/bounties/0a9bd71e-66b8-4eb1-9566-7dfd9b097e59
NOTE:
https://github.com/vim/vim/commit/d1d8f6bacb489036d0fd479c9dd3c0102c988889
(v9.0.0211)
CVE-2022-2818 (Authentication Bypass by Primary Weakness in GitHub repository
cockpit ...)
@@ -861,11 +861,11 @@ CVE-2022-38219
CVE-2022-38218
RESERVED
CVE-2022-2817 (Use After Free in GitHub repository vim/vim prior to 9.0.0213.
...)
- - vim <unfixed>
+ - vim 2:9.0.0229-1
NOTE: https://huntr.dev/bounties/a7b7d242-3d88-4bde-a681-6c986aff886f
NOTE:
https://github.com/vim/vim/commit/249e1b903a9c0460d618f6dcc59aeb8c03b24b20
(v9.0.0213)
CVE-2022-2816 (Out-of-bounds Read in GitHub repository vim/vim prior to
9.0.0212. ...)
- - vim <unfixed>
+ - vim 2:9.0.0229-1
NOTE: https://huntr.dev/bounties/e2a83037-fcf9-4218-b2b9-b7507dacde58
NOTE:
https://github.com/vim/vim/commit/dbdd16b62560413abcc3c8e893cc3010ccf31666
(v9.0.0212)
CVE-2022-38217
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2024ef3a8c9b0969cc2b160cacbb0a78767c4341
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2024ef3a8c9b0969cc2b160cacbb0a78767c4341
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
