Package: vim Version: 2:8.2.3995-1 Severity: grave Tags: security upstream Justification: user security hole X-Debbugs-Cc: Debian Security Team <t...@security.debian.org>
Dear Maintainer, You may already know vim has CVE-2022-0318 NVD - CVE-2022-0318 https://nvd.nist.gov/vuln/detail/CVE-2022-0318 And upstram has already fixed this issue. patch 8.2.4151: reading beyond the end of a line ยท vim/vim@57df9e8 https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc Best, Yukiharu. -- Package-specific info: --- real paths of main Vim binaries --- /usr/bin/vi is /usr/bin/vim.gtk3 /usr/bin/vim is /usr/bin/vim.gtk3 /usr/bin/gvim is /usr/bin/vim.gtk3 -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 5.15.0-3-amd64 (SMP w/8 CPU threads) Kernel taint flags: TAINT_DIE, TAINT_WARN, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=ja_JP.UTF-8, LC_CTYPE=ja_JP.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages vim depends on: ii libacl1 2.3.1-1 ii libc6 2.33-5 ii libgpm2 1.20.7-10 ii libselinux1 3.3-1+b1 ii libsodium23 1.0.18-1 ii libtinfo6 6.3-2 ii vim-common 2:8.2.3995-1 ii vim-runtime 2:8.2.3995-1 vim recommends no packages. Versions of packages vim suggests: ii universal-ctags [ctags] 5.9.20210829.0-1 ii vim-doc 2:8.2.3995-1 ii vim-scripts 20210124.2 -- no debconf information