vim 2:8.0.1453-1ubuntu1.13 source package in Ubuntu
Changelog
vim (2:8.0.1453-1ubuntu1.13) bionic-security; urgency=medium
* SECURITY UPDATE: use-after-free when matching inside a visual selection
- debian/patches/CVE-2021-4192.patch: get the line again after getvvcol().
- CVE-2021-4192
* SECURITY UPDATE: out-of-bounds read when processing data in visual mode
- debian/patches/CVE-2021-4193.patch: check for valid column in getvcol().
- CVE-2021-4193
* SECURITY UPDATE: heap buffer overflow when processing long file names
- debian/patches/CVE-2022-0213.patch: check length when appending a space.
- CVE-2022-0213
* SECURITY UPDATE: heap-based buffer overflow when performing a block insert
- debian/patches/CVE-2022-0261.patch: handle invalid byte better. Fix
inserting the wrong text.
- debian/patches/CVE-2022-0318-1.patch: for block insert only use the
offset for correcting the length.
- debian/patches/CVE-2022-0318-2.patch: adjust the expected output for
utf8 block insert test.
- CVE-2022-0261
- CVE-2022-0318
* SECURITY UPDATE: out-of-bounds read when exchanging windows in visual mode
- debian/patches/CVE-2022-0319.patch: correct end of Visual area when
entering another buffer.
- CVE-2022-0319
* SECURITY UPDATE: stack pointer corruption when parsing too many brackets
in expression
- debian/patches/CVE-2022-0351.patch: limit recursion to 1000.
- CVE-2022-0351
* SECURITY UPDATE: illegal memory access when processing large indent in ex
mode
- debian/patches/CVE-2022-0359.patch: allocate enough memory.
- CVE-2022-0359
* SECURITY UPDATE: illegal memory access when copying lines in visual mode
- debian/patches/CVE-2022-0361.patch: adjust the Visual position after
copying lines.
- CVE-2022-0361
* SECURITY UPDATE: illegal memory access when undo makes visual area invalid
in visual mode
- debian/patches/CVE-2022-0368.patch: correct the Visual area after undo.
- CVE-2022-0368
* SECURITY UPDATE: stack corruption when looking for spelling suggestions
- debian/patches/CVE-2022-0408.patch: prevent the depth increased too
much. Add a five second time limit to finding suggestions.
- CVE-2022-0408
* SECURITY UPDATE: use of freed memory when managing buffers
- debian/patches/CVE-2022-0443.patch: do not use wiped out buffer.
- CVE-2022-0443
* SECURITY UPDATE: heap buffer overflow when processing vim buffers
- debian/patches/CVE-2022-0554.patch: when deleting the current buffer to
not pick a quickfix buffer as the new current buffer.
- CVE-2022-0554
* SECURITY UPDATE: heap buffer overflow when repeatedly using :retab
- debian/patches/CVE-2022-0572.patch: bail out when the line is getting
too long.
- CVE-2022-0572
* SECURITY UPDATE: out-of-range pointer offset when using special multi-byte
character
- debian/patches/CVE-2022-0685.patch: don't use isalpha() for an arbitrary
character.
- CVE-2022-0685
* SECURITY UPDATE: heap buffer overflow when processing anomalous
'vartabstop' value
- debian/patches/CVE-2022-0714.patch: check for running into the end of
the line.
- CVE-2022-0714
* SECURITY UPDATE: out-of-range pointer offset when processing specific
regexp pattern and string
- debian/patches/CVE-2022-0729.patch: stop at the start of the string.
- CVE-2022-0729
* SECURITY UPDATE: heap-based buffer overflow
- debian/patches/CVE-2022-2207.patch: adds a check to see if the cursor
column is great than zero.
- CVE-2022-2207
-- Nishit Majithia <email address hidden> Tue, 18 Apr 2023 14:50:34 +0530
Upload details
- Uploaded by:
- Nishit Majithia
- Uploaded to:
- Bionic
- Original maintainer:
- Ubuntu Developers
- Architectures:
- any all
- Section:
- editors
- Urgency:
- Medium Urgency
See full publishing history Publishing
| Series | Published | Component | Section | |
|---|---|---|---|---|
| Bionic | updates | main | editors | |
| Bionic | security | main | editors |
Downloads
| File | Size | SHA-256 Checksum |
|---|---|---|
| vim_8.0.1453.orig.tar.gz | 12.8 MiB | ddf3f1baf0aa8f2a988bd6ef3ee305a6cd99f365de9024faa2827a1344be8679 |
| vim_8.0.1453-1ubuntu1.13.debian.tar.xz | 217.1 KiB | 38ef784a7d05b44c8fc229e9d9bee78ec3ab0545da5b0d5a3391e07327a3d333 |
| vim_8.0.1453-1ubuntu1.13.dsc | 2.8 KiB | 16ff0fb19dd8284ed472f79ab4dfa59cac3231c9873528d94a3572dbbc646407 |
Available diffs
Binary packages built by this source
- vim: Vi IMproved - enhanced vi editor
Vim is an almost compatible version of the UNIX editor Vi.
.
Many new features have been added: multi level undo, syntax
highlighting, command line history, on-line help, filename
completion, block operations, folding, Unicode support, etc.
.
This package contains a version of vim compiled with a rather
standard set of features. This package does not provide a GUI
version of Vim. See the other vim-* packages if you need more
(or less).
- vim-athena: Vi IMproved - enhanced vi editor - with Athena GUI
Vim is an almost compatible version of the UNIX editor Vi.
.
Many new features have been added: multi level undo, syntax
highlighting, command line history, on-line help, filename
completion, block operations, folding, Unicode support, etc.
.
This package contains a version of vim compiled with a Athena GUI
and support for scripting with Lua, Perl, Python 3, Ruby, and Tcl.
- vim-athena-dbgsym: debug symbols for vim-athena
- vim-common: Vi IMproved - Common files
Vim is an almost compatible version of the UNIX editor Vi.
.
This package contains files shared by all non GUI-enabled vim variants
available in Debian. Examples of such shared files are: manpages and
configuration files.
- vim-dbgsym: debug symbols for vim
- vim-doc: Vi IMproved - HTML documentation
Vim is an almost compatible version of the UNIX editor Vi.
.
This package contains the HTML version of the online documentation. It is
built from the runtime/doc directory of the source tree.
- vim-gnome: Vi IMproved - enhanced vi editor (dummy package)
This is a transitional package to install the vim-gtk3 package. You may
remove this package if nothing depends on it.
- vim-gtk: Vi IMproved - enhanced vi editor - with GTK2 GUI
Vim is an almost compatible version of the UNIX editor Vi.
.
Many new features have been added: multi level undo, syntax
highlighting, command line history, on-line help, filename
completion, block operations, folding, Unicode support, etc.
.
This package contains a version of vim compiled with a GTK2 GUI
and support for scripting with Lua, Perl, Python 3, Ruby, and Tcl.
- vim-gtk-dbgsym: debug symbols for vim-gtk
- vim-gtk3: Vi IMproved - enhanced vi editor - with GTK3 GUI
Vim is an almost compatible version of the UNIX editor Vi.
.
Many new features have been added: multi level undo, syntax
highlighting, command line history, on-line help, filename
completion, block operations, folding, Unicode support, etc.
.
This package contains a version of vim compiled with a GTK3 GUI
and support for scripting with Lua, Perl, Python 3, and Tcl.
- vim-gtk3-dbgsym: debug symbols for vim-gtk3
- vim-gui-common: Vi IMproved - Common GUI files
Vim is an almost compatible version of the UNIX editor Vi.
.
This package contains files shared by all GUI-enabled vim
variants available in Debian. Examples of such shared files are:
gvimtutor, icons, and desktop environments settings.
- vim-nox: Vi IMproved - enhanced vi editor - with scripting languages support
Vim is an almost compatible version of the UNIX editor Vi.
.
Many new features have been added: multi level undo, syntax
highlighting, command line history, on-line help, filename
completion, block operations, folding, Unicode support, etc.
.
This package contains a version of vim compiled with support for
scripting with Lua, Perl, Python 3, Ruby, and Tcl but no GUI.
- vim-nox-dbgsym: debug symbols for vim-nox
- vim-runtime: Vi IMproved - Runtime files
Vim is an almost compatible version of the UNIX editor Vi.
.
This package contains vimtutor and the architecture independent runtime
files, used, if available, by all vim variants available in Debian.
Example of such runtime files are: online documentation, rules for
language-specific syntax highlighting and indentation, color schemes,
and standard plugins.
- vim-tiny: Vi IMproved - enhanced vi editor - compact version
Vim is an almost compatible version of the UNIX editor Vi.
.
This package contains a minimal version of Vim compiled with no GUI and
a small subset of features. This package's sole purpose is to provide
the vi binary for base installations.
.
If a vim binary is wanted, try one of the following more featureful
packages: vim, vim-nox, vim-athena, vim-gtk, or vim-gtk3.
- vim-tiny-dbgsym: debug symbols for vim-tiny
- xxd: tool to make (or reverse) a hex dump
xxd creates a hex dump of a given file or standard input. It can also convert
a hex dump back to its original binary form.
- xxd-dbgsym: debug symbols for xxd
