Change log for vim package in Ubuntu

Published in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
vim (2:9.1.0016-1ubuntu7) noble; urgency=medium

  * No-change rebuild for CVE-2024-3094

 -- Steve Langasek <email address hidden>  Sun, 31 Mar 2024 00:15:53 +0000
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
vim (2:9.1.0016-1ubuntu6) noble; urgency=medium

  * No-change rebuild against libcanberra t64.

 -- Matthias Klose <email address hidden>  Sun, 24 Mar 2024 14:47:33 +0100
Published in mantic-updates
Published in mantic-security
vim (2:9.0.1672-1ubuntu2.3) mantic-security; urgency=medium

  * SECURITY UPDATE: stack based buffer overflow
    - debian/patches/CVE-2024-22667.patch: passes error buffer length down
      through option callback functions.
    - CVE-2024-22667

 -- Ian Constantin <email address hidden>  Thu, 14 Mar 2024 15:39:48 +0200
Published in focal-updates
Published in focal-security
vim (2:8.1.2269-1ubuntu5.22) focal-security; urgency=medium

  * SECURITY UPDATE: stack based buffer overflow
    - debian/patches/CVE-2024-22667.patch: passes error buffer length down
      through option callback functions.
    - CVE-2024-22667

 -- Ian Constantin <email address hidden>  Thu, 14 Mar 2024 11:29:25 +0200
Published in jammy-updates
Published in jammy-security
vim (2:8.2.3995-1ubuntu2.16) jammy-security; urgency=medium

  * SECURITY UPDATE: stack based buffer overflow
    - debian/patches/CVE-2024-22667.patch: passes error buffer length down
      through option callback functions.
    - debian/patches/remove-flaky-matchfuzzy-test.patch: removing flaky test
      initially introduced in d/p/CVE-2023-2426.patch due to long run time
      causing the test and builds to fail.
    - CVE-2024-22667

 -- Ian Constantin <email address hidden>  Thu, 14 Mar 2024 11:05:11 +0200
Superseded in noble-proposed
vim (2:9.1.0016-1ubuntu5) noble; urgency=medium

  * No-change rebuild against libperl5.38t64

 -- Steve Langasek <email address hidden>  Sat, 09 Mar 2024 18:23:42 +0000
Superseded in noble-proposed
vim (2:9.1.0016-1ubuntu4) noble; urgency=medium

  * No-change rebuild against libglib2.0-0t64

 -- Steve Langasek <email address hidden>  Fri, 08 Mar 2024 07:56:16 +0000
Deleted in noble-updates (Reason: superseded by release)
Superseded in noble-proposed
vim (2:9.1.0016-1ubuntu3) noble; urgency=medium

  * No-change upload to remove support of ruby3.1.

 -- Lucas Kanashiro <email address hidden>  Tue, 20 Feb 2024 15:51:36 -0300
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
vim (2:9.1.0016-1ubuntu2) noble; urgency=medium

  * No-change rebuild with Python 3.12 as default

 -- Graham Inggs <email address hidden>  Fri, 19 Jan 2024 21:04:08 +0000
Superseded in noble-proposed
vim (2:9.1.0016-1ubuntu1) noble; urgency=medium

  * Merge from Debian Unstable (LP: #2047982). Remaining changes:
    - debian/runtime/vimrc:
      + "syntax on" is a sane default for non-tiny Vim.
    - debian/patches/debian/ubuntu-grub-syntax.patch:
      + Add Ubuntu-specific "quiet" keyword.
    - debian/patches/ubuntu-mouse-off.patch:
      + Mouse mode is actively harmful in some chroots.
    - debian/patches/increase_timeout.diff:
      + Increase timeout for the Test_pattern_compile_speed patch.
    - debian/patches/0001-fix-flaky-terminal-mode-test.vim:
      + Fix flaky Vim terminal mode test.
    - debian/patches/0002-disable-failing-tests-on-ppc64.patch:
      + Disable some tests that were throwing an ENOMEM during build on
        ppc64el. The tests are only disabled when building on ppc64el.

Superseded in noble-proposed
vim (2:9.1.0-1ubuntu3) noble; urgency=medium

  * No-change rebuild due to failed Launchpad dist-upgrade.

 -- Matthias Klose <email address hidden>  Thu, 11 Jan 2024 13:48:47 +0100
Superseded in noble-proposed
vim (2:9.1.0-1ubuntu2) noble; urgency=medium

  * No-change rebuild for the perl update.

 -- Matthias Klose <email address hidden>  Wed, 10 Jan 2024 14:13:51 +0100
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
vim (2:9.1.0-1ubuntu1) noble; urgency=medium

  * Merge from Debian Unstable. Remaining changes:
    - debian/runtime/vimrc:
      + "syntax on" is a sane default for non-tiny Vim.
    - debian/patches/debian/ubuntu-grub-syntax.patch:
      + Add Ubuntu-specific "quiet" keyword.
    - debian/patches/ubuntu-mouse-off.patch:
      + Mouse mode is actively harmful in some chroots.
    - debian/patches/increase_timeout.diff:
      + Increase timeout for the Test_pattern_compile_speed patch.
    - debian/patches/0001-fix-flaky-terminal-mode-test.vim:
      + Fix flaky Vim terminal mode test.
    - debian/patches/0002-disable-failing-tests-on-ppc64.patch:
      + Disable some tests that were throwing an ENOMEM during build on
        ppc64el. The tests are only disabled when building on ppc64el.

Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
vim (2:9.0.2189-1ubuntu1) noble; urgency=medium

  * Merge from Debian Unstable. Remaining changes:
    - debian/runtime/vimrc:
      + "syntax on" is a sane default for non-tiny Vim.
    - debian/patches/debian/ubuntu-grub-syntax.patch:
      + Add Ubuntu-specific "quiet" keyword.
    - debian/patches/ubuntu-mouse-off.patch:
      + Mouse mode is actively harmful in some chroots.
    - debian/patches/increase_timeout.diff:
      + Increase timeout for the Test_pattern_compile_speed patch.
    - debian/patches/0001-fix-flaky-terminal-mode-test.vim:
      + Fix flaky Vim terminal mode test.
    - debian/patches/0002-disable-failing-tests-on-ppc64.patch:
      + Disable some tests that were throwing an ENOMEM during build on
        ppc64el. The tests are only disabled when building on ppc64el.

Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
vim (2:9.0.2184-0ubuntu1) noble; urgency=medium

  * New upstream release.
    - Forwarded: https://salsa.debian.org/vim-team/vim/-/merge_requests/9
    - Drop all reverse-applicable CVE patches.

 -- Simon Quigley <email address hidden>  Sat, 23 Dec 2023 11:58:34 -0600
Superseded in jammy-updates
Superseded in jammy-security
vim (2:8.2.3995-1ubuntu2.15) jammy-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2022-1725.patch: Check for regexp program becoming NULL
      in more places.
    - CVE-2022-1725
  * SECURITY UPDATE: denial of service
    - debian/patches/CVE-2022-1771.patch: Limit recursion of getcmdline().
    - CVE-2022-1771
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2022-1886.patch: Check the length is more than zero.
    - CVE-2022-1886
  * SECURITY UPDATE: out of bounds write vulnerability
    - debian/patches/CVE-2022-1897.patch: Disallow undo when in a substitute
      command.
    - CVE-2022-1897
  * SECURITY UPDATE: out-of-bounds write
    - debian/patches/CVE-2022-2000.patch: addresses the potential for an
      overflow by adding a bounds check and truncating the message if needed.
    - CVE-2022-2000
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2022-2042.patch: Initialize "attr". Check for empty
      line early.
    - CVE-2022-2042
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-46246.patch: Check that the return value from the
      vim_str2nr() function is not larger than INT_MAX and if yes, bail out with
      an error.
    - CVE-2023-46246
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-48231.patch: If the current window structure is
      no longer valid, fail and return before attempting to set win->w_closing
      variable.
    - CVE-2023-48231
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48233.patch: If the count after the :s command is
      larger than what fits into a (signed) long variable, abort with
      e_value_too_large.
    - CVE-2023-48233
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48234.patch: When getting the count for a normal z
      command, it may overflow for large counts given. So verify that we can
      safely store the result in a long.
    - CVE-2023-48234
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48235.patch: When parsing relative ex addresses
      one may unintentionally cause an overflow (because LONG_MAX - lnum will
      overflow for negative addresses).
    - CVE-2023-48235
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48236.patch: When using the z= command, we may
      overflow the count with values larger than MAX_INT. So verify that we do
      not overflow and in case when an overflow is detected, simply return 0.
    - CVE-2023-48236
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48237.patch: When shifting lines in operator
      pending mode and using a very large value, we may overflow the size of
      integer. Fix this by using a long variable, testing if the result would
      be larger than INT_MAX and if so, indent by INT_MAX value.
    - CVE-2023-48237
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-48706.patch: ensure that the sub var is always using
      allocated memory.
    - CVE-2023-48706

 -- Fabian Toepfer <email address hidden>  Tue, 05 Dec 2023 18:58:57 +0100
Superseded in focal-updates
Superseded in focal-security
vim (2:8.1.2269-1ubuntu5.21) focal-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2022-1725.patch: Check for regexp program becoming NULL
      in more places.
    - CVE-2022-1725
  * SECURITY UPDATE: denial of service
    - debian/patches/CVE-2022-1771.patch: Limit recursion of getcmdline().
    - CVE-2022-1771
  * SECURITY UPDATE: out of bounds write vulnerability
    - debian/patches/CVE-2022-1897.patch: Disallow undo when in a substitute
      command.
    - CVE-2022-1897
  * SECURITY UPDATE: out-of-bounds write
    - debian/patches/CVE-2022-2000.patch: addresses the potential for an
      overflow by adding a bounds check and truncating the message if needed.
    - CVE-2022-2000
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-46246.patch: Check that the return value from the
      vim_str2nr() function is not larger than INT_MAX and if yes, bail out with
      an error.
    - CVE-2023-46246
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-48231.patch: If the current window structure is
      no longer valid, fail and return before attempting to set win->w_closing
      variable.
    - CVE-2023-48231
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48233.patch: If the count after the :s command is
      larger than what fits into a (signed) long variable, abort with
      e_value_too_large.
    - CVE-2023-48233
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48234.patch: When getting the count for a normal z
      command, it may overflow for large counts given. So verify that we can
      safely store the result in a long.
    - CVE-2023-48234
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48235.patch: When parsing relative ex addresses
      one may unintentionally cause an overflow (because LONG_MAX - lnum will
      overflow for negative addresses).
    - CVE-2023-48235
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48236.patch: When using the z= command, we may
      overflow the count with values larger than MAX_INT. So verify that we do
      not overflow and in case when an overflow is detected, simply return 0.
    - CVE-2023-48236
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48237.patch: When shifting lines in operator
      pending mode and using a very large value, we may overflow the size of
      integer. Fix this by using a long variable, testing if the result would
      be larger than INT_MAX and if so, indent by INT_MAX value.
    - CVE-2023-48237

 -- Fabian Toepfer <email address hidden>  Thu, 07 Dec 2023 16:42:49 +0100
Published in lunar-updates
Published in lunar-security
vim (2:9.0.1000-4ubuntu3.3) lunar-security; urgency=medium

  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-46246.patch: Check that the return value from the
      vim_str2nr() function is not larger than INT_MAX and if yes, bail out with
      an error.
    - CVE-2023-46246
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-48231.patch: If the current window structure is
      no longer valid, fail and return before attempting to set win->w_closing
      variable.
    - CVE-2023-48231
  * SECURITY UPDATE: division by zero
    - debian/patches/CVE-2023-48232-*.patch: Prevent a floating point exception
      when calculating w_skipcol (which can happen with a small window when the
      number option is set and cpo+=n).
    - CVE-2023-48232
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48233.patch: If the count after the :s command is
      larger than what fits into a (signed) long variable, abort with
      e_value_too_large.
    - CVE-2023-48233
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48234.patch: When getting the count for a normal z
      command, it may overflow for large counts given. So verify that we can
      safely store the result in a long.
    - CVE-2023-48234
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48235.patch: When parsing relative ex addresses
      one may unintentionally cause an overflow (because LONG_MAX - lnum will
      overflow for negative addresses).
    - CVE-2023-48235
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48236.patch: When using the z= command, we may
      overflow the count with values larger than MAX_INT. So verify that we do
      not overflow and in case when an overflow is detected, simply return 0.
    - CVE-2023-48236
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48237.patch: When shifting lines in operator
      pending mode and using a very large value, we may overflow the size of
      integer. Fix this by using a long variable, testing if the result would
      be larger than INT_MAX and if so, indent by INT_MAX value.
    - CVE-2023-48237
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-48706.patch: ensure that the sub var is always using
      allocated memory.
    - CVE-2023-48706

 -- Fabian Toepfer <email address hidden>  Tue, 05 Dec 2023 18:29:58 +0100
Superseded in mantic-updates
Superseded in mantic-security
vim (2:9.0.1672-1ubuntu2.2) mantic-security; urgency=medium

  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-46246.patch: Check that the return value from the
      vim_str2nr() function is not larger than INT_MAX and if yes, bail out with
      an error.
    - CVE-2023-46246
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-48231.patch: If the current window structure is
      no longer valid, fail and return before attempting to set win->w_closing
      variable.
    - CVE-2023-48231
  * SECURITY UPDATE: division by zero
    - debian/patches/CVE-2023-48232-*.patch: Prevent a floating point exception
      when calculating w_skipcol (which can happen with a small window when the
      number option is set and cpo+=n).
    - CVE-2023-48232
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48233.patch: If the count after the :s command is
      larger than what fits into a (signed) long variable, abort with
      e_value_too_large.
    - CVE-2023-48233
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48234.patch: When getting the count for a normal z
      command, it may overflow for large counts given. So verify that we can
      safely store the result in a long.
    - CVE-2023-48234
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48235.patch: When parsing relative ex addresses
      one may unintentionally cause an overflow (because LONG_MAX - lnum will
      overflow for negative addresses).
    - CVE-2023-48235
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48236.patch: When using the z= command, we may
      overflow the count with values larger than MAX_INT. So verify that we do
      not overflow and in case when an overflow is detected, simply return 0.
    - CVE-2023-48236
  * SECURITY UPDATE: integer overflow
    - debian/patches/CVE-2023-48237.patch: When shifting lines in operator
      pending mode and using a very large value, we may overflow the size of
      integer. Fix this by using a long variable, testing if the result would
      be larger than INT_MAX and if so, indent by INT_MAX value.
    - CVE-2023-48237
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-48706.patch: ensure that the sub var is always using
      allocated memory.
    - CVE-2023-48706

 -- Fabian Toepfer <email address hidden>  Mon, 04 Dec 2023 13:42:16 +0100
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
vim (2:9.0.2116-1ubuntu2) noble; urgency=medium

  * SECURITY UPDATE: use-after-free in ex_substitute
    - debian/patches/CVE-2023-48706.patch
    - CVE-2023-48706

 -- Simon Quigley <email address hidden>  Tue, 28 Nov 2023 13:13:06 -0600
Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
vim (2:9.0.2116-1ubuntu1) noble; urgency=medium

  * Merge from Debian Unstable. Remaining changes:
    - debian/runtime/vimrc:
      + "syntax on" is a sane default for non-tiny Vim.
    - debian/patches/debian/ubuntu-grub-syntax.patch:
      + Add Ubuntu-specific "quiet" keyword.
    - debian/patches/ubuntu-mouse-off.patch:
      + Mouse mode is actively harmful in some chroots.
    - debian/patches/patches/increase_timeout.diff:
      + Increase timeout for the Test_pattern_compile_speed patch.
    - debian/patches/0001-fix-flaky-terminal-mode-test.vim:
      + Fix flaky Vim terminal mode test.
    - debian/patches/0002-disable-failing-tests-on-ppc64.patch:
      + Disable some tests that were throwing an ENOMEM during build on
        ppc64el. The tests are only disabled when building on ppc64el.

Superseded in noble-release
Deleted in noble-proposed (Reason: Moved to noble)
vim (2:9.0.2087-1ubuntu1) noble; urgency=medium

  * Merge from Debian Unstable. Remaining changes:
    - debian/runtime/vimrc:
      + "syntax on" is a sane default for non-tiny Vim.
    - debian/patches/debian/ubuntu-grub-syntax.patch:
      + Add Ubuntu-specific "quiet" keyword.
    - debian/patches/ubuntu-mouse-off.patch:
      + Mouse mode is actively harmful in some chroots.
    - debian/patches/patches/increase_timeout.diff:
      + Increase timeout for the Test_pattern_compile_speed patch.
    - debian/patches/0001-fix-flaky-terminal-mode-test.vim:
      + Fix flaky Vim terminal mode test.
    - debian/patches/0002-disable-failing-tests-on-ppc64.patch:
      + Disable some tests that were throwing an ENOMEM during build on
        ppc64el. The tests are only disabled when building on ppc64el.

Superseded in focal-updates
Superseded in focal-security
vim (2:8.1.2269-1ubuntu5.20) focal-security; urgency=medium

  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-4733.patch: Verify oldwin pointer after
      reset_VIsual() in do_ecmd.
    - CVE-2023-4733
  * SECURITY UPDATE: out of bounds write vulnerability
    - debian/patches/CVE-2023-4735.patch: Add check for buffer size to avoid
      overflow in do_addsub.
    - CVE-2023-4735
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-4750.patch: Check buffer is valid before
      accessing it.
    - CVE-2023-4750
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2023-4751.patch: Stop Visual mode when using :ball
      to avoid illegal memory access.
    - CVE-2023-4751
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-4752.patch: validate buffer before accessing it
      in ins_compl_get_exp.
    - CVE-2023-4752
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2023-4781.patch: Disallow exchanging windows when
      textlock is active in vim_regsub_both.
    - CVE-2023-4781
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2023-5344.patch: Add NULL at end of buffer in
      trunc_string.
    - CVE-2023-5344
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2023-5441.patch: skip gui_scroll when exmode_active
      in gui_do_scroll.
    - CVE-2023-5441
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-5535.patch: block autocommands in
      buf_contents_changed.
    - CVE-2023-5535

 -- Fabian Toepfer <email address hidden>  Mon, 16 Oct 2023 20:14:13 +0200
Superseded in noble-proposed
vim (2:9.0.2018-1ubuntu1) noble; urgency=medium

  * Merge from Debian Unstable. Remaining changes:
    - debian/runtime/vimrc:
      + "syntax on" is a sane default for non-tiny Vim.
    - debian/patches/debian/ubuntu-grub-syntax.patch:
      + Add Ubuntu-specific "quiet" keyword.
    - debian/patches/ubuntu-mouse-off.patch:
      + Mouse mode is actively harmful in some chroots.
    - debian/patches/patches/increase_timeout.diff:
      + Increase timeout for the Test_pattern_compile_speed patch.
    - debian/patches/0001-fix-flaky-terminal-mode-test.vim:
      + Fix flaky Vim terminal mode test.
    - debian/patches/0002-disable-failing-tests-on-ppc64.patch:
      + Disable some tests that were throwing an ENOMEM during build on
        ppc64el. The tests are only disabled when building on ppc64el.
  * debian/patches/ubuntu-codenames.patch:
    - Update the supported list of codenames.

Superseded in mantic-updates
Superseded in mantic-security
vim (2:9.0.1672-1ubuntu2.1) mantic-security; urgency=medium

  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-4733.patch: Verify oldwin pointer after
      reset_VIsual() in do_ecmd.
    - CVE-2023-4733
  * SECURITY UPDATE: integer overflow vulnerability
    - debian/patches/CVE-2023-4734.patch: Check for typeval correctly in
      f_fullcommand.
    - CVE-2023-4734
  * SECURITY UPDATE: out of bounds write vulnerability
    - debian/patches/CVE-2023-4735.patch: Add check for buffer size to avoid
      overflow in do_addsub.
    - CVE-2023-4735
  * SECURITY UPDATE: buffer overflow vulnerability
    - debian/patches/CVE-2023-4738.patch: Check remaining space in
      vim_regsub_both.
    - CVE-2023-4738
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-4750.patch: Check buffer is valid before
      accessing it.
    - CVE-2023-4750
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-4752.patch: validate buffer before accessing it
      in ins_compl_get_exp.
    - CVE-2023-4752
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2023-4781.patch: Disallow exchanging windows when
      textlock is active in vim_regsub_both.
    - CVE-2023-4781
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2023-5344.patch: Add NULL at end of buffer in
      trunc_string.
    - CVE-2023-5344
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2023-5441.patch: skip gui_scroll when exmode_active
      in gui_do_scroll.
    - CVE-2023-5441
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-5535.patch: block autocommands in
      buf_contents_changed.
    - CVE-2023-5535

 -- Fabian Toepfer <email address hidden>  Mon, 16 Oct 2023 20:21:01 +0200
Superseded in lunar-updates
Superseded in lunar-security
vim (2:9.0.1000-4ubuntu3.2) lunar-security; urgency=medium

  * SECURITY UPDATE: divide-by-zero vulnerability
    - debian/patches/CVE-2023-3896-pre.patch: Adjust logic for scrolling to
      avoid cursor moving to wrong line when 'foldmethod' is "diff".
    - debian/patches/CVE-2023-3896.patch: Add check for width to avoid
      division by zero in scroll_cursor_bot.
    - CVE-2023-3896
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-4733.patch: Verify oldwin pointer after
      reset_VIsual() in do_ecmd.
    - CVE-2023-4733
  * SECURITY UPDATE: integer overflow vulnerability
    - debian/patches/CVE-2023-4734.patch: Check for typeval correctly in
      f_fullcommand.
    - CVE-2023-4734
  * SECURITY UPDATE: out of bounds write vulnerability
    - debian/patches/CVE-2023-4735.patch: Add check for buffer size to avoid
      overflow in do_addsub.
    - CVE-2023-4735
  * SECURITY UPDATE: buffer overflow vulnerability
    - debian/patches/CVE-2023-4738.patch: Check remaining space in
      vim_regsub_both.
    - CVE-2023-4738
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-4750.patch: Check buffer is valid before
      accessing it.
    - CVE-2023-4750
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2023-4751.patch: Stop Visual mode when using :ball
      to avoid illegal memory access.
    - CVE-2023-4751
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-4752.patch: validate buffer before accessing it
      in ins_compl_get_exp.
    - CVE-2023-4752
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2023-4781.patch: Disallow exchanging windows when
      textlock is active in vim_regsub_both.
    - CVE-2023-4781
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2023-5344.patch: Add NULL at end of buffer in
      trunc_string.
    - CVE-2023-5344
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2023-5441.patch: skip gui_scroll when exmode_active
      in gui_do_scroll.
    - CVE-2023-5441
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-5535.patch: block autocommands in
      buf_contents_changed.
    - CVE-2023-5535

 -- Fabian Toepfer <email address hidden>  Mon, 16 Oct 2023 17:44:49 +0200
Superseded in jammy-updates
Superseded in jammy-security
vim (2:8.2.3995-1ubuntu2.13) jammy-security; urgency=medium

  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-4733.patch: Verify oldwin pointer after
      reset_VIsual() in do_ecmd.
    - CVE-2023-4733
  * SECURITY UPDATE: integer overflow vulnerability
    - debian/patches/CVE-2023-4734.patch: Check for typeval correctly in
      f_fullcommand.
    - CVE-2023-4734
  * SECURITY UPDATE: out of bounds write vulnerability
    - debian/patches/CVE-2023-4735.patch: Add check for buffer size to avoid
      overflow in do_addsub.
    - CVE-2023-4735
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-4750.patch: Check buffer is valid before
      accessing it.
    - CVE-2023-4750
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2023-4751.patch: Stop Visual mode when using :ball
      to avoid illegal memory access.
    - CVE-2023-4751
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-4752.patch: validate buffer before accessing it
      in ins_compl_get_exp.
    - CVE-2023-4752
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2023-4781.patch: Disallow exchanging windows when
      textlock is active in vim_regsub_both.
    - CVE-2023-4781
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2023-5344.patch: Add NULL at end of buffer in
      trunc_string.
    - CVE-2023-5344
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2023-5441.patch: skip gui_scroll when exmode_active
      in gui_do_scroll.
    - CVE-2023-5441
  * SECURITY UPDATE: use-after-free vulnerability
    - debian/patches/CVE-2023-5535.patch: block autocommands in
      buf_contents_changed.
    - CVE-2023-5535

 -- Fabian Toepfer <email address hidden>  Mon, 16 Oct 2023 20:15:38 +0200
Superseded in focal-updates
Superseded in focal-security
vim (2:8.1.2269-1ubuntu5.18) focal-security; urgency=medium

  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2022-3234.patch: Check for replacing NUL after Tab.
    - debian/patches/CVE-2022-3520.patch: Check that the column does not
      become negative.
    - CVE-2022-3234
    - CVE-2022-3520
  * SECURITY UPDATE: use after free memory issue
    - debian/patches/CVE-2022-3256.patch: Copy the mark before editing
      another buffer
    - debian/patches/CVE-2022-3352.patch: Disallow deleting the current
      buffer to avoid using freed memory
    - debian/patches/CVE-2022-3591.patch: Disallow navigating to a dummy
      buffer
    - debian/patches/CVE-2022-3705.patch: Set the quickfix-busy flag while
      filling the buffer
    - debian/patches/CVE-2022-4292.patch: Bail out if the window no longer
      exists.
    - CVE-2022-3256
    - CVE-2022-3352
    - CVE-2022-3591
    - CVE-2022-3705
    - CVE-2022-4292
  * SECURITY UPDATE: stack-based buffer overflow
    - debian/patches/CVE-2022-3324.patch: Make sure the window width does
      not become negative
    - CVE-2022-3324
  * SECURITY UPDATE: incorrect floating point comparison
    - debian/patches/CVE-2022-4293.patch: fix floating point comparison
    - CVE-2022-4293
  * debian/patches/fix_flaky_tests.patch: skip failing test

 -- Nishit Majithia <email address hidden>  Fri, 06 Oct 2023 13:50:32 +0530
Superseded in jammy-updates
Superseded in jammy-security
vim (2:8.2.3995-1ubuntu2.12) jammy-security; urgency=medium

  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2022-3234.patch: Check for replacing NUL after Tab.
    - debian/patches/CVE-2022-3491.patch: Do not return an invalid pointer.
      Fix skipping redirection
    - debian/patches/CVE-2022-3520.patch: Check that the column does not
      become negative.
    - CVE-2022-3234
    - CVE-2022-3491
    - CVE-2022-3520
  * SECURITY UPDATE: use after free memory issue
    - debian/patches/CVE-2022-3235.patch: Make sure pointer to b_p_iminsert
      is still valid.
    - debian/patches/CVE-2022-3256.patch: Copy the mark before editing
      another buffer
    - debian/patches/CVE-2022-3297.patch: Make a copy of the option. Make
      sure cursor position is valid
    - debian/patches/CVE-2022-3352.patch: Disallow deleting the current
      buffer to avoid using freed memory
    - debian/patches/CVE-2022-3591.patch: Disallow navigating to a dummy
      buffer
    - debian/patches/CVE-2022-3705.patch: Set the quickfix-busy flag while
      filling the buffer
    - debian/patches/CVE-2022-4292.patch: Bail out if the window no longer
      exists.
    - CVE-2022-3235
    - CVE-2022-3256
    - CVE-2022-3297
    - CVE-2022-3352
    - CVE-2022-3591
    - CVE-2022-3705
    - CVE-2022-4292
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2022-3278.patch: Don't get a next line when
      skipping over NL
    - CVE-2022-3278
  * SECURITY UPDATE: stack-based buffer overflow
    - debian/patches/CVE-2022-3324.patch: Make sure the window width does
      not become negative
    - CVE-2022-3324
  * SECURITY UPDATE: incorrect floating point comparison
    - debian/patches/CVE-2022-4293.patch: fix floating point comparison
    - CVE-2022-4293
  * debian/patches/fix_flaky_tests.patch: fix some flaky tests

 -- Nishit Majithia <email address hidden>  Fri, 06 Oct 2023 13:19:43 +0530
Superseded in noble-release
Published in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
vim (2:9.0.1672-1ubuntu2) mantic; urgency=medium

  * debian/patches/0002-disable-failing-tests-on-ppc64.patch (LP: #2033072)
    - Skip a few more tests failing on ppc64el due to sodium_mlock().
      Some of them also failed on arm64 and armd64 during tests with a PPA, so
      skip them on those archs as well.

 -- Danilo Egea Gondolfo <email address hidden>  Fri, 25 Aug 2023 13:17:49 +0100
Superseded in jammy-updates
Superseded in jammy-security
vim (2:8.2.3995-1ubuntu2.11) jammy-security; urgency=medium

  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2022-2522.patch: Terminate string with NUL
    - debian/patches/CVE-2022-2580.patch: Properly skip over <Key> form
    - debian/patches/CVE-2022-2819.patch: Don't read past the end of the
      line
    - CVE-2022-2522
    - CVE-2022-2580
    - CVE-2022-2819
  * SECURITY UPDATE: out-of-bounds write issue
    - debian/patches/CVE-2022-2598.patch: Make sure the line number does
      not go below one.
    - CVE-2022-2598
  * SECURITY UPDATE: out-of-bounds read issue
    - debian/patches/CVE-2022-2816.patch: Don't read past the end of the
      line
    - CVE-2022-2816
  * SECURITY UPDATE: use after free memory issue
    - debian/patches/CVE-2022-2817.patch: Make a copy of the error
    - debian/patches/CVE-2022-2862.patch: Mess up the variable name so that
      it won't be found
    - debian/patches/CVE-2022-2889.patch: Free eval_tofree later
    - debian/patches/CVE-2022-2982.patch: Do not allow for recursion
    - debian/patches/CVE-2022-3016.patch: Return QF_ABORT and handle it.
    - debian/patches/CVE-2022-3037.patch: Do not handle errors if there
      aren't any
    - debian/patches/CVE-2022-3099.patch: Do not check breakpoint for
      non-existing line
    - debian/patches/CVE-2022-3134.patch: Bail out when the window was
      closed
    - CVE-2022-2817
    - CVE-2022-2862
    - CVE-2022-2889
    - CVE-2022-2982
    - CVE-2022-3016
    - CVE-2022-3037
    - CVE-2022-3099
    - CVE-2022-3134
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2022-2874.patch: Check for skipping
    - debian/patches/CVE-2022-3153.patch: Check for NULL string
    - CVE-2022-2874
    - CVE-2022-3153

 -- Nishit Majithia <email address hidden>  Fri, 18 Aug 2023 09:42:26 +0530
Superseded in focal-updates
Superseded in focal-security
vim (2:8.1.2269-1ubuntu5.17) focal-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds write issue
    - debian/patches/CVE-2022-2598.patch: Make sure the line number does
      not go below one.
    - CVE-2022-2598
  * SECURITY UPDATE: use after free memory issue
    - debian/patches/CVE-2022-3016.patch: Return QF_ABORT and handle it.
    - debian/patches/CVE-2022-3037.patch: Do not handle errors if there
      aren't any
    - debian/patches/CVE-2022-3099.patch: Do not check breakpoint for
      non-existing line
    - CVE-2022-3016
    - CVE-2022-3037
    - CVE-2022-3099

 -- Nishit Majithia <email address hidden>  Fri, 18 Aug 2023 09:11:54 +0530
Superseded in jammy-updates
Superseded in jammy-security
vim (2:8.2.3995-1ubuntu2.10) jammy-security; urgency=medium

  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2022-2182.patch: When on line zero check the
      column is valid for line one.
    - debian/patches/CVE-2022-2264.patch: Adjust the end mark position.
    - debian/patches/CVE-2022-2284.patch: Stop Visual mode when closing a
      window.
    - CVE-2022-2182
    - CVE-2022-2264
    - CVE-2022-2284
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2022-2208.patch: Recompute diffs later. Skip
      window without a valid buffer.
    - debian/patches/CVE-2022-2231.patch: Do not use the NULL pointer.
    - CVE-2022-2208
    - CVE-2022-2231
  * SECURITY UPDATE: out-of-bounds write issue
    - debian/patches/CVE-2022-2210.patch: Use zero offset when change
      removes all lines in a diff block
    - CVE-2022-2210
  * SECURITY UPDATE: out-of-bounds read issue
    - debian/patches/CVE-2022-2257.patch: Check for NUL.
    - debian/patches/CVE-2022-2286.patch: Check the length of the string
    - debian/patches/CVE-2022-2287.patch: Disallow adding a word with
      control characters or a trailing slash.
    - CVE-2022-2257
    - CVE-2022-2286
    - CVE-2022-2287
  * SECURITY UPDATE: integer overflow issue
    - debian/patches/CVE-2022-2285.patch: Put a NUL after the typeahead.
    - CVE-2022-2285
  * SECURITY UPDATE: use after free memory issue
    - debian/patches/CVE-2022-2289.patch: Bail out when diff pointer is no
      longer valid
    - CVE-2022-2289
  * debian/patches/skip_some_tests.patch: skip some failing tests

 -- Nishit Majithia <email address hidden>  Tue, 01 Aug 2023 11:07:49 +0530
Superseded in focal-updates
Superseded in focal-security
vim (2:8.1.2269-1ubuntu5.16) focal-security; urgency=medium

  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2022-2264.patch: Adjust the end mark position.
    - debian/patches/CVE-2022-2284.patch: Stop Visual mode when closing a
      window.
    - CVE-2022-2264
    - CVE-2022-2284
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2022-2208.patch: Recompute diffs later. Skip
      window without a valid buffer.
    - CVE-2022-2208
  * SECURITY UPDATE: out-of-bounds write issue
    - debian/patches/CVE-2022-2210.patch: Use zero offset when change
      removes all lines in a diff block
    - CVE-2022-2210
  * SECURITY UPDATE: out-of-bounds read issue
    - debian/patches/CVE-2022-2257.patch: Check for NUL.
    - debian/patches/CVE-2022-2286.patch: Check the length of the string
    - debian/patches/CVE-2022-2287.patch: Disallow adding a word with
      control characters or a trailing slash.
    - CVE-2022-2257
    - CVE-2022-2286
    - CVE-2022-2287
  * SECURITY UPDATE: integer overflow issue
    - debian/patches/CVE-2022-2285.patch: Put a NUL after the typeahead.
    - CVE-2022-2285
  * SECURITY UPDATE: use after free memory issue
    - debian/patches/CVE-2022-2289.patch: Bail out when diff pointer is no
      longer valid
    - CVE-2022-2289
  * debian/patches/update_flaky_tests.patch: add a few tests to flaky

 -- Nishit Majithia <email address hidden>  Tue, 01 Aug 2023 14:00:18 +0530
Superseded in mantic-proposed
vim (2:9.0.1672-1ubuntu1) mantic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/runtime/vimrc:
      + "syntax on" is a sane default for non-tiny Vim.
    - debian/patches/debian/ubuntu-grub-syntax.patch:
      + Add Ubuntu-specific "quiet" keyword.
    - debian/patches/ubuntu-mouse-off.patch:
      + Mouse mode is actively harmful in some chroots.
    - debian/patches/patches/increase_timeout.diff:
      + Increase timeout for the Test_pattern_compile_speed patch.
    - debian/patches/0001-fix-flaky-terminal-mode-test.vim:
      + Fix flaky Vim terminal mode test.
    - debian/patches/0002-disable-failing-tests-on-ppc64.patch:
      + Disable some tests that were throwing an ENOMEM during build on
        ppc64el. The tests are only disabled when building on ppc64el.

Superseded in mantic-proposed
vim (2:9.0.1658-1ubuntu1) mantic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    - debian/runtime/vimrc:
      + "syntax on" is a sane default for non-tiny Vim.
    - debian/patches/debian/ubuntu-grub-syntax.patch:
      + Add Ubuntu-specific "quiet" keyword.
    - debian/patches/ubuntu-mouse-off.patch:
      + Mouse mode is actively harmful in some chroots.
    - debian/patches/patches/increase_timeout.diff:
      + Increase timeout for the Test_pattern_compile_speed patch.
    - debian/patches/0001-fix-flaky-terminal-mode-test.vim:
      + Fix flaky Vim terminal mode test.
    - debian/patches/0002-disable-failing-tests-on-ppc64.patch:
      + Disable some tests that were throwing an ENOMEM during build on
        ppc64el. The tests are only disabled when building on ppc64el.
  * Dropped changes:
    - Remove the CVE patches, included upstream

Superseded in jammy-updates
Superseded in jammy-security
vim (2:8.2.3995-1ubuntu2.9) jammy-security; urgency=medium

  * SECURITY UPDATE: out-of-bounds read when finding an ex command by name
    - debian/patches/CVE-2022-0128.patch: check for the NUL byte first before
      reading.
    - CVE-2022-0128
  * SECURITY UPDATE: use of freed memory when managing line buffers
    - debian/patches/CVE-2022-0156-1.patch: tracking and keeping individual
      lines until the end before freeing.
    - debian/patches/CVE-2022-0156-2.patch: use growing array for tracking
      lines to free when executing instructions.
    - CVE-2022-0156
  * SECURITY UPDATE: heap-based buffer overflow when reading line containing
    "$" on its own
    - debian/patches/CVE-2022-0158.patch: handle environment variable with
      adjusted error reporting.
    - CVE-2022-0158
  * SECURITY UPDATE: out-of-bounds read when recording and using select mode
    - debian/patches/CVE-2022-0393.patch: check last recorded character exists
      before deleting.
    - CVE-2022-0393
  * SECURITY UPDATE: heap-based buffer overflow when performing a visual block
    yank
    - debian/patches/CVE-2022-0407.patch: check line boundary before reading
      character.
    - CVE-2022-0407
  * SECURITY UPDATE: NULL pointer dereference when switching tabpage in
    cmdline window
    - debian/patches/CVE-2022-0696.patch: deny switching tabpage in cmdline
      window.
    - CVE-2022-0696

 -- Evan Caville <email address hidden>  Thu, 22 Jun 2023 14:08:04 +1000
Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
vim (2:9.0.1378-2ubuntu2) mantic; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference when processing register content
    - debian/patches/CVE-2023-2609.patch: check "y_array" is not NULL.
    - CVE-2023-2609
  * SECURITY UPDATE: integer overflow and excessive memory consumption when
    allocating memory for tilde processing in pattern
    - debian/patches/CVE-2023-2610.patch: limit the text length to MAXCOL.
    - CVE-2023-2610

 -- Camila Camargo de Matos <email address hidden>  Wed, 24 May 2023 11:10:23 -0300
Obsolete in kinetic-updates
Obsolete in kinetic-security
vim (2:9.0.0242-1ubuntu1.4) kinetic-security; urgency=medium

  * SECURITY UPDATE: use of out-of-range pointer offset when fuzzy matching
    - debian/patches/CVE-2023-2426.patch: initialize the arrays used to store
      match positions.
    - CVE-2023-2426
  * SECURITY UPDATE: NULL pointer dereference when processing register content
    - debian/patches/CVE-2023-2609.patch: check "y_array" is not NULL.
    - CVE-2023-2609
  * SECURITY UPDATE: integer overflow and excessive memory consumption when
    allocating memory for tilde processing in pattern
    - debian/patches/CVE-2023-2610.patch: limit the text length to MAXCOL.
    - CVE-2023-2610

 -- Camila Camargo de Matos <email address hidden>  Wed, 24 May 2023 11:27:18 -0300
Superseded in lunar-updates
Superseded in lunar-security
vim (2:9.0.1000-4ubuntu3.1) lunar-security; urgency=medium

  * SECURITY UPDATE: use of out-of-range pointer offset when fuzzy matching
    - debian/patches/CVE-2023-2426.patch: initialize the arrays used to store
      match positions.
    - CVE-2023-2426
  * SECURITY UPDATE: NULL pointer dereference when processing register content
    - debian/patches/CVE-2023-2609.patch: check "y_array" is not NULL.
    - CVE-2023-2609
  * SECURITY UPDATE: integer overflow and excessive memory consumption when
    allocating memory for tilde processing in pattern
    - debian/patches/CVE-2023-2610.patch: limit the text length to MAXCOL.
    - CVE-2023-2610

 -- Camila Camargo de Matos <email address hidden>  Wed, 24 May 2023 11:26:32 -0300
Superseded in jammy-updates
Superseded in jammy-security
vim (2:8.2.3995-1ubuntu2.8) jammy-security; urgency=medium

  * SECURITY UPDATE: use of out-of-range pointer offset when fuzzy matching
    - debian/patches/CVE-2023-2426.patch: initialize the arrays used to store
      match positions.
    - CVE-2023-2426
  * SECURITY UPDATE: NULL pointer dereference when processing register content
    - debian/patches/CVE-2023-2609.patch: check "y_array" is not NULL.
    - CVE-2023-2609
  * SECURITY UPDATE: integer overflow and excessive memory consumption when
    allocating memory for tilde processing in pattern
    - debian/patches/CVE-2023-2610.patch: limit the text length to MAXCOL.
    - CVE-2023-2610

 -- Camila Camargo de Matos <email address hidden>  Wed, 24 May 2023 11:27:53 -0300
Superseded in focal-updates
Superseded in focal-security
vim (2:8.1.2269-1ubuntu5.15) focal-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference when processing register content
    - debian/patches/CVE-2023-2609.patch: check "y_array" is not NULL.
    - CVE-2023-2609
  * SECURITY UPDATE: integer overflow and excessive memory consumption when
    allocating memory for tilde processing in pattern
    - debian/patches/CVE-2023-2610.patch: limit the text length to MAXCOL.
    - CVE-2023-2610

 -- Camila Camargo de Matos <email address hidden>  Wed, 24 May 2023 11:28:35 -0300
Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
vim (2:9.0.1378-2ubuntu1) mantic; urgency=medium

  * Merge from Debian Unstable. Remaining changes:
    - debian/runtime/vimrc:
      + "syntax on" is a sane default for non-tiny Vim.
    - debian/patches/debian/ubuntu-grub-syntax.patch:
      + Add Ubuntu-specific "quiet" keyword.
    - debian/patches/ubuntu-mouse-off.patch:
      + Mouse mode is actively harmful in some chroots.
    - debian/patches/patches/increase_timeout.diff:
      + Increase timeout for the Test_pattern_compile_speed patch.
    - debian/patches/0001-fix-flaky-terminal-mode-test.vim:
      + Fix flaky Vim terminal mode test.
    - debian/patches/0002-disable-failing-tests-on-ppc64.patch:
      + Disable some tests that were throwing an ENOMEM during build on
        ppc64el. The tests are only disabled when building on ppc64el.
    - SECURITY UPDATE: NULL pointer dereference vulnerability
      + debian/patches/CVE-2023-1264.patch: using NULL pointer with nested
        :open command
      + CVE-2023-1264
    - SECURITY UPDATE: NULL pointer dereference vulnerability
      + debian/patches/CVE-2023-1355.patch
      + CVE-2023-1355
  * Welcome to the Mantic Minotaur!

Superseded in mantic-release
Deleted in mantic-proposed (Reason: Moved to mantic)
vim (2:9.0.1378-1ubuntu1) mantic; urgency=medium

  * Merge from Debian Unstable. Remaining changes:
    - debian/runtime/vimrc:
      + "syntax on" is a sane default for non-tiny Vim.
    - debian/patches/debian/ubuntu-grub-syntax.patch:
      + Add Ubuntu-specific "quiet" keyword.
    - debian/patches/ubuntu-mouse-off.patch:
      + Mouse mode is actively harmful in some chroots.
    - debian/patches/patches/increase_timeout.diff:
      + Increase timeout for the Test_pattern_compile_speed patch.
    - debian/patches/0001-fix-flaky-terminal-mode-test.vim:
      + Fix flaky Vim terminal mode test.
    - debian/patches/0002-disable-failing-tests-on-ppc64.patch:
      + Disable some tests that were throwing an ENOMEM during build on
        ppc64el. The tests are only disabled when building on ppc64el.
    - SECURITY UPDATE: NULL pointer dereference vulnerability
      + debian/patches/CVE-2023-1264.patch: using NULL pointer with nested
        :open command
      + CVE-2023-1264
  * SECURITY UPDATE: NULL pointer dereference vulnerability
    - debian/patches/CVE-2023-1355.patch
    - CVE-2023-1355

Superseded in jammy-updates
Superseded in jammy-security
vim (2:8.2.3995-1ubuntu2.7) jammy-security; urgency=medium

  * SECURITY UPDATE: heap buffer overflow when processing long file names
    - debian/patches/CVE-2022-0213.patch: check length when appending a space.
    - CVE-2022-0213
  * SECURITY UPDATE: heap-based buffer overflow when performing a block insert
    - debian/patches/CVE-2022-0261.patch: handle invalid byte better. Fix
      inserting the wrong text.
    - debian/patches/CVE-2022-0318-1.patch: for block insert only use the
      offset for correcting the length.
    - debian/patches/CVE-2022-0318-2.patch: adjust the expected output for
      utf8 block insert test.
    - CVE-2022-0261
    - CVE-2022-0318
  * SECURITY UPDATE: out-of-bounds read when exchanging windows in visual mode
    - debian/patches/CVE-2022-0319.patch: correct end of Visual area when
      entering another buffer.
    - CVE-2022-0319
  * SECURITY UPDATE: stack pointer corruption when parsing too many brackets
    in expression
    - debian/patches/CVE-2022-0351.patch: limit recursion to 1000.
    - CVE-2022-0351
  * SECURITY UPDATE: illegal memory access when processing large indent in ex
    mode
    - debian/patches/CVE-2022-0359.patch: allocate enough memory.
    - CVE-2022-0359
  * SECURITY UPDATE: illegal memory access when copying lines in visual mode
    - debian/patches/CVE-2022-0361.patch: adjust the Visual position after
      copying lines.
    - CVE-2022-0361
  * SECURITY UPDATE: illegal memory access when undo makes visual area invalid
    in visual mode
    - debian/patches/CVE-2022-0368.patch: correct the Visual area after undo.
    - CVE-2022-0368
  * SECURITY UPDATE: stack corruption when looking for spelling suggestions
    - debian/patches/CVE-2022-0408.patch: prevent the depth from increasing
      too much. Add a five second time limit to finding suggestions.
    - CVE-2022-0408
  * SECURITY UPDATE: use of freed memory when managing buffers
    - debian/patches/CVE-2022-0443.patch: do not use wiped out buffer.
    - CVE-2022-0443
  * SECURITY UPDATE: heap buffer overflow when processing vim buffers
    - debian/patches/CVE-2022-0554.patch: when deleting the current buffer do
      not pick a quickfix buffer as the new current buffer.
    - CVE-2022-0554
  * SECURITY UPDATE: heap buffer overflow when repeatedly using :retab
    - debian/patches/CVE-2022-0572.patch: bail out when the line is getting
      too long.
    - CVE-2022-0572
  * SECURITY UPDATE: stack buffer overflow vulnerability
    - debian/patches/CVE-2022-0629.patch: crash when using many composing
      characters in error message
    - CVE-2022-0629
  * SECURITY UPDATE: out-of-range pointer offset when using special multi-byte
    character
    - debian/patches/CVE-2022-0685.patch: don't use isalpha() for an arbitrary
      character.
    - CVE-2022-0685
  * SECURITY UPDATE: heap buffer overflow when processing anomalous
    'vartabstop' value
    - debian/patches/CVE-2022-0714.patch: check for running into the end of
      the line.
    - CVE-2022-0714
  * SECURITY UPDATE: out-of-range pointer offset when processing specific
    regexp pattern and string
    - debian/patches/CVE-2022-0729.patch: stop at the start of the string.
    - CVE-2022-0729
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2022-2207.patch: adds a check to see if the cursor
      column is greater than zero.
    - CVE-2022-2207

 -- Nishit Majithia <email address hidden>  Tue, 18 Apr 2023 17:10:57 +0530
Superseded in focal-updates
Superseded in focal-security
vim (2:8.1.2269-1ubuntu5.14) focal-security; urgency=medium

  * SECURITY UPDATE: out-of-bound read vulnerability
    - debian/patches/CVE-2021-4166.patch: crash when clearing the argument
      list while using it
    - CVE-2021-4166
  * SECURITY UPDATE: use-after-free when matching inside a visual selection
    - debian/patches/CVE-2021-4192.patch: get the line again after getvvcol().
    - CVE-2021-4192
  * SECURITY UPDATE: out-of-bounds read when processing data in visual mode
    - debian/patches/CVE-2021-4193.patch: check for valid column in getvcol().
    - CVE-2021-4193
  * SECURITY UPDATE: heap buffer overflow when processing long file names
    - debian/patches/CVE-2022-0213.patch: check length when appending a space.
    - CVE-2022-0213
  * SECURITY UPDATE: heap-based buffer overflow when performing a block insert
    - debian/patches/CVE-2022-0261.patch: handle invalid byte better. Fix
      inserting the wrong text.
    - debian/patches/CVE-2022-0318-1.patch: for block insert only use the
      offset for correcting the length.
    - debian/patches/CVE-2022-0318-2.patch: adjust the expected output for
      utf8 block insert test.
    - CVE-2022-0261
    - CVE-2022-0318
  * SECURITY UPDATE: out-of-bounds read when exchanging windows in visual mode
    - debian/patches/CVE-2022-0319.patch: correct end of Visual area when
      entering another buffer.
    - CVE-2022-0319
  * SECURITY UPDATE: stack pointer corruption when parsing too many brackets
    in expression
    - debian/patches/CVE-2022-0351.patch: limit recursion to 1000.
    - CVE-2022-0351
  * SECURITY UPDATE: illegal memory access when processing large indent in ex
    mode
    - debian/patches/CVE-2022-0359.patch: allocate enough memory.
    - CVE-2022-0359
  * SECURITY UPDATE: illegal memory access when copying lines in visual mode
    - debian/patches/CVE-2022-0361.patch: adjust the Visual position after
      copying lines.
    - CVE-2022-0361
  * SECURITY UPDATE: illegal memory access when undo makes visual area invalid
    in visual mode
    - debian/patches/CVE-2022-0368.patch: correct the Visual area after undo.
    - CVE-2022-0368
  * SECURITY UPDATE: stack corruption when looking for spelling suggestions
    - debian/patches/CVE-2022-0408.patch: prevent the depth from increasing
      too much. Add a five second time limit to finding suggestions.
    - CVE-2022-0408
  * SECURITY UPDATE: use of freed memory when managing buffers
    - debian/patches/CVE-2022-0443.patch: do not use wiped out buffer.
    - CVE-2022-0443
  * SECURITY UPDATE: heap buffer overflow when processing vim buffers
    - debian/patches/CVE-2022-0554.patch: when deleting the current buffer do
      not pick a quickfix buffer as the new current buffer.
    - CVE-2022-0554
  * SECURITY UPDATE: heap buffer overflow when repeatedly using :retab
    - debian/patches/CVE-2022-0572.patch: bail out when the line is getting
      too long.
    - CVE-2022-0572
  * SECURITY UPDATE: stack buffer overflow vulnerability
    - debian/patches/CVE-2022-0629.patch: crash when using many composing
      characters in error message
    - CVE-2022-0629
  * SECURITY UPDATE: out-of-range pointer offset when using special multi-byte
    character
    - debian/patches/CVE-2022-0685.patch: don't use isalpha() for an arbitrary
      character.
    - CVE-2022-0685
  * SECURITY UPDATE: heap buffer overflow when processing anomalous
    'vartabstop' value
    - debian/patches/CVE-2022-0714.patch: check for running into the end of
      the line.
    - CVE-2022-0714
  * SECURITY UPDATE: out-of-range pointer offset when processing specific
    regexp pattern and string
    - debian/patches/CVE-2022-0729.patch: stop at the start of the string.
    - CVE-2022-0729
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2022-2207.patch: adds a check to see if the cursor
      column is greater than zero.
    - CVE-2022-2207

 -- Nishit Majithia <email address hidden>  Tue, 18 Apr 2023 15:50:44 +0530
Published in bionic-updates
Published in bionic-security
vim (2:8.0.1453-1ubuntu1.13) bionic-security; urgency=medium

  * SECURITY UPDATE: use-after-free when matching inside a visual selection
    - debian/patches/CVE-2021-4192.patch: get the line again after getvvcol().
    - CVE-2021-4192
  * SECURITY UPDATE: out-of-bounds read when processing data in visual mode
    - debian/patches/CVE-2021-4193.patch: check for valid column in getvcol().
    - CVE-2021-4193
  * SECURITY UPDATE: heap buffer overflow when processing long file names
    - debian/patches/CVE-2022-0213.patch: check length when appending a space.
    - CVE-2022-0213
  * SECURITY UPDATE: heap-based buffer overflow when performing a block insert
    - debian/patches/CVE-2022-0261.patch: handle invalid byte better. Fix
      inserting the wrong text.
    - debian/patches/CVE-2022-0318-1.patch: for block insert only use the
      offset for correcting the length.
    - debian/patches/CVE-2022-0318-2.patch: adjust the expected output for
      utf8 block insert test.
    - CVE-2022-0261
    - CVE-2022-0318
  * SECURITY UPDATE: out-of-bounds read when exchanging windows in visual mode
    - debian/patches/CVE-2022-0319.patch: correct end of Visual area when
      entering another buffer.
    - CVE-2022-0319
  * SECURITY UPDATE: stack pointer corruption when parsing too many brackets
    in expression
    - debian/patches/CVE-2022-0351.patch: limit recursion to 1000.
    - CVE-2022-0351
  * SECURITY UPDATE: illegal memory access when processing large indent in ex
    mode
    - debian/patches/CVE-2022-0359.patch: allocate enough memory.
    - CVE-2022-0359
  * SECURITY UPDATE: illegal memory access when copying lines in visual mode
    - debian/patches/CVE-2022-0361.patch: adjust the Visual position after
      copying lines.
    - CVE-2022-0361
  * SECURITY UPDATE: illegal memory access when undo makes visual area invalid
    in visual mode
    - debian/patches/CVE-2022-0368.patch: correct the Visual area after undo.
    - CVE-2022-0368
  * SECURITY UPDATE: stack corruption when looking for spelling suggestions
    - debian/patches/CVE-2022-0408.patch: prevent the depth from increasing
      too much. Add a five second time limit to finding suggestions.
    - CVE-2022-0408
  * SECURITY UPDATE: use of freed memory when managing buffers
    - debian/patches/CVE-2022-0443.patch: do not use wiped out buffer.
    - CVE-2022-0443
  * SECURITY UPDATE: heap buffer overflow when processing vim buffers
    - debian/patches/CVE-2022-0554.patch: when deleting the current buffer do
      not pick a quickfix buffer as the new current buffer.
    - CVE-2022-0554
  * SECURITY UPDATE: heap buffer overflow when repeatedly using :retab
    - debian/patches/CVE-2022-0572.patch: bail out when the line is getting
      too long.
    - CVE-2022-0572
  * SECURITY UPDATE: out-of-range pointer offset when using special multi-byte
    character
    - debian/patches/CVE-2022-0685.patch: don't use isalpha() for an arbitrary
      character.
    - CVE-2022-0685
  * SECURITY UPDATE: heap buffer overflow when processing anomalous
    'vartabstop' value
    - debian/patches/CVE-2022-0714.patch: check for running into the end of
      the line.
    - CVE-2022-0714
  * SECURITY UPDATE: out-of-range pointer offset when processing specific
    regexp pattern and string
    - debian/patches/CVE-2022-0729.patch: stop at the start of the string.
    - CVE-2022-0729
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2022-2207.patch: adds a check to see if the cursor
      column is greater than zero.
    - CVE-2022-2207

 -- Nishit Majithia <email address hidden>  Tue, 18 Apr 2023 14:50:34 +0530
Superseded in kinetic-updates
Superseded in kinetic-security
vim (2:9.0.0242-1ubuntu1.3) kinetic-security; urgency=medium

  * SECURITY UPDATE: use after free
    - debian/patches/CVE-2022-2946.patch: using freed memory when 'tagfunc'
      deletes the buffer
    - CVE-2022-2946
  * SECURITY UPDATE: null pointer dereference issue
    - debian/patches/CVE-2022-2980.patch: crash with mouse click when not
      initialized
    - CVE-2022-2980

 -- Nishit Majithia <email address hidden>  Mon, 03 Apr 2023 14:28:05 +0530
Superseded in jammy-updates
Superseded in jammy-security
vim (2:8.2.3995-1ubuntu2.5) jammy-security; urgency=medium

  * SECURITY UPDATE: use after free
    - debian/patches/CVE-2022-0413.patch: make a copy of the substitute pattern
      that starts with "\=" in do_sub() in src/ex_cmds.c and free it at the end
      of the method and add test case Test_using_old_sub in
      src/testdir/test_CVE.vim.
    - debian/patches/CVE-2022-1796.patch: make a copy of the pattern to search
      for as it could get freed in do_window() in src/window.c and add test
      case Test_define_search in src/testdir/test_CVE.vim.
    - debian/patches/CVE-2022-1898.patch: make a copy of the string as it could
      get freed in nv_brackets() in src/normal.c, and add a test inside the
      Test_define_search test case in src/testdir/test_CVE.vim.
    - debian/patches/CVE-2022-1968.patch: mitigates the potential for a use
      after free scenario by making a copy of a buffer to use for future
      reference
    - debian/patches/CVE-2022-2946.patch: using freed memory when 'tagfunc'
      deletes the buffer
    - CVE-2022-0413
    - CVE-2022-1796
    - CVE-2022-1898
    - CVE-2022-1968
    - CVE-2022-2946
  * SECURITY UPDATE: buffer over-read
    - debian/patches/CVE-2022-1629.patch: add a check for null after a
      backslash in find_next_quote() in src/search.c and add test case
      Test_string_html_objects in src/testdir/test_CVE.vim.
    - debian/patches/CVE-2022-1720.patch: reading past end of line with "gf" in
      Visual block mode
    - debian/patches/CVE-2022-1733.patch: add a check for null when checking
      for trailing ' in skip_string() in src/misc1.c and add test case
      Test_cindent_check_funcdecl in src/testdir/test_CVE.vim.
    - debian/patches/CVE-2022-1735.patch: add a new function, check_visual_pos
      in src/misc2.c and invoke it in src/change.c and src/edit.c. Add the new
      function header in src/proto/misc2.pro and add test case
      Test_visual_block_with_substitute in src/testdir/test_visual.vim.
    - debian/patches/CVE-2022-1851.patch: add a call to check_cursor() after
      formatting in op_format() in src/ops.c and add test case
      Test_correct_cursor_position in src/testdir/test_CVE.vim.
    - debian/patches/CVE-2022-1927.patch: cursor position may be invalid after
      "0;" range
    - debian/patches/CVE-2022-2845.patch: reading before the start of the line
    - CVE-2022-1629
    - CVE-2022-1720
    - CVE-2022-1733
    - CVE-2022-1735
    - CVE-2022-1851
    - CVE-2022-1927
    - CVE-2022-2845
  * SECURITY UPDATE: crash when matching buffer with invalid pattern
    - debian/patches/CVE-2022-1674.patch: check for NULL regprog
    - CVE-2022-1674
  * SECURITY UPDATE: buffer over-write
    - debian/patches/CVE-2022-1785.patch: add textlock flag to disallow
      changing text or switching window before calling vim_regsub_multi() in
      src/ex_cmds.c.
    - CVE-2022-1785
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2022-1942.patch: adds a control to disallow the
      opening of a command line window when text or buffer is locked.
    - debian/patches/CVE-2022-2344.patch: reading past end of completion with
      duplicate match
    - debian/patches/CVE-2022-2571.patch: reading past end of line with insert
      mode completion
    - debian/patches/CVE-2022-2849.patch: invalid memory access with for loop
      over NULL string
    - CVE-2022-1942
    - CVE-2022-2344
    - CVE-2022-2571
    - CVE-2022-2849
  * SECURITY UPDATE: searching for quotes may go over the end of the line
    - debian/patches/CVE-2022-2124.patch: check for running into the NULL
    - CVE-2022-2124
  * SECURITY UPDATE: lisp indenting may run over the end of the line
    - debian/patches/CVE-2022-2125.patch: check for NULL earlier
    - CVE-2022-2125
  * SECURITY UPDATE: using invalid index when looking for spell suggestions
    - debian/patches/CVE-2022-2126.patch: do not decrement the index when it
      is zero
    - CVE-2022-2126
  * SECURITY UPDATE: out-of-bounds write
    - debian/patches/CVE-2022-2129.patch: prevents the editing of another file
      when either curbuf_lock or textlock is set.
    - CVE-2022-2129
  * SECURITY UPDATE: invalid memory access when using an expression on the
    command line
    - debian/patches/CVE-2022-2175-1.patch: make sure the position does not
      go negative
    - debian/patches/CVE-2022-2175-2.patch: add missing #ifdef FEAT_EVAL
    - debian/patches/fix_Test_cmdwin_jump_to_win.patch: fix
      Test_cmdwin_jump_to_win() test case
    - CVE-2022-2175
  * SECURITY UPDATE: reading beyond the end of the line with lisp indenting
    - debian/patches/CVE-2022-2183.patch: avoid going over the NUL at the end
      of the line
    - CVE-2022-2183
  * SECURITY UPDATE: accessing invalid memory after changing terminal size
    - debian/patches/CVE-2022-2206.patch: adjust cmdline_row and msg_row to
      the value of Rows
    - CVE-2022-2206
  * SECURITY UPDATE: spell dump may go beyond end of an array
    - debian/patches/CVE-2022-2304.patch: limit the word length
    - CVE-2022-2304
  * SECURITY UPDATE: using freed memory with recursive substitution
    - debian/patches/CVE-2022-2345.patch: always make a copy of
      reg_prev_sub
    - CVE-2022-2345
  * SECURITY UPDATE: illegal memory access when pattern starts with
    illegal byte
    - debian/patches/CVE-2022-2581.patch: do not match a character with an
      illegal byte
    - CVE-2022-2581
  * SECURITY UPDATE: null pointer dereference issue
    - debian/patches/CVE-2022-2923.patch: crash when using ":mkspell" with an
      empty .dic file
    - debian/patches/CVE-2022-2980.patch: crash with mouse click when not
      initialized
    - CVE-2022-2923
    - CVE-2022-2980

 -- Nishit Majithia <email address hidden>  Mon, 03 Apr 2023 13:15:49 +0530
Superseded in focal-updates
Superseded in focal-security
vim (2:8.1.2269-1ubuntu5.13) focal-security; urgency=medium

  * SECURITY UPDATE: use after free
    - debian/patches/CVE-2022-0413.patch: make a copy of the substitute pattern
      that starts with "\=" in do_sub() in src/ex_cmds.c and free it at the end
      of the method and add test case Test_using_old_sub in
      src/testdir/test_CVE.vim.
    - debian/patches/CVE-2022-1796.patch: make a copy of the pattern to search
      for as it could get freed in do_window() in src/window.c and add test
      case Test_define_search in src/testdir/test_CVE.vim.
    - debian/patches/CVE-2022-1898.patch: make a copy of the string as it could
      get freed in nv_brackets() in src/normal.c, and add a test inside the
      Test_define_search test case in src/testdir/test_CVE.vim.
    - debian/patches/CVE-2022-1968.patch: mitigates the potential for a use
      after free scenario by making a copy of a buffer to use for future
      reference
    - debian/patches/CVE-2022-2946.patch: using freed memory when 'tagfunc'
      deletes the buffer
    - CVE-2022-0413
    - CVE-2022-1796
    - CVE-2022-1898
    - CVE-2022-1968
    - CVE-2022-2946
  * SECURITY UPDATE: buffer over-read
    - debian/patches/CVE-2022-1629.patch: add a check for null after a
      backslash in find_next_quote() in src/search.c and add test case
      Test_string_html_objects in src/testdir/test_CVE.vim.
    - debian/patches/CVE-2022-1720.patch: reading past end of line with "gf" in
      Visual block mode
    - debian/patches/CVE-2022-1733.patch: add a check for null when checking
      for trailing ' in skip_string() in src/misc1.c and add test case
      Test_cindent_check_funcdecl in src/testdir/test_CVE.vim.
    - debian/patches/CVE-2022-1735.patch: add a new function, check_visual_pos
      in src/misc2.c and invoke it in src/change.c and src/edit.c. Add the new
      function header in src/proto/misc2.pro and add test case
      Test_visual_block_with_substitute in src/testdir/test_visual.vim.
    - debian/patches/CVE-2022-1851.patch: add a call to check_cursor() after
      formatting in op_format() in src/ops.c and add test case
      Test_correct_cursor_position in src/testdir/test_CVE.vim.
    - debian/patches/CVE-2022-1927.patch: cursor position may be invalid after
      "0;" range
    - debian/patches/CVE-2022-2845.patch: reading before the start of the line
    - CVE-2022-1629
    - CVE-2022-1720
    - CVE-2022-1733
    - CVE-2022-1735
    - CVE-2022-1851
    - CVE-2022-1927
    - CVE-2022-2845
  * SECURITY UPDATE: crash when matching buffer with invalid pattern
    - debian/patches/CVE-2022-1674.patch: check for NULL regprog
    - CVE-2022-1674
  * SECURITY UPDATE: buffer over-write
    - debian/patches/CVE-2022-1785.patch: add textlock flag to disallow
      changing text or switching window before calling vim_regsub_multi() in
      src/ex_cmds.c.
    - CVE-2022-1785
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2022-1942.patch: adds a control to disallow the
      opening of a command line window when text or buffer is locked.
    - debian/patches/CVE-2022-2344.patch: reading past end of completion with
      duplicate match
    - debian/patches/CVE-2022-2571.patch: reading past end of line with insert
      mode completion
    - debian/patches/CVE-2022-2849.patch: invalid memory access with for loop
      over NULL string
    - CVE-2022-1942
    - CVE-2022-2344
    - CVE-2022-2571
    - CVE-2022-2849
  * SECURITY UPDATE: searching for quotes may go over the end of the line
    - debian/patches/CVE-2022-2124.patch: check for running into the NULL
    - CVE-2022-2124
  * SECURITY UPDATE: lisp indenting may run over the end of the line
    - debian/patches/CVE-2022-2125.patch: check for NULL earlier
    - CVE-2022-2125
  * SECURITY UPDATE: using invalid index when looking for spell suggestions
    - debian/patches/CVE-2022-2126.patch: do not decrement the index when it
      is zero
    - CVE-2022-2126
  * SECURITY UPDATE: out-of-bounds write
    - debian/patches/CVE-2022-2129.patch: prevents the editing of another file
      when either curbuf_lock or textlock is set.
    - CVE-2022-2129
  * SECURITY UPDATE: invalid memory access when using an expression on the
    command line
    - debian/patches/CVE-2022-2175-1.patch: make sure the position does not
      go negative
    - debian/patches/CVE-2022-2175-2.patch: add missing #ifdef FEAT_EVAL
    - CVE-2022-2175
  * SECURITY UPDATE: reading beyond the end of the line with lisp indenting
    - debian/patches/CVE-2022-2183.patch: avoid going over the NUL at the end
      of the line
    - CVE-2022-2183
  * SECURITY UPDATE: accessing invalid memory after changing terminal size
    - debian/patches/CVE-2022-2206.patch: adjust cmdline_row and msg_row to
      the value of Rows
    - CVE-2022-2206
  * SECURITY UPDATE: spell dump may go beyond end of an array
    - debian/patches/CVE-2022-2304.patch: limit the word length
    - CVE-2022-2304
  * SECURITY UPDATE: using freed memory with recursive substitution
    - debian/patches/CVE-2022-2345.patch: always make a copy of
      reg_prev_sub
    - CVE-2022-2345
  * SECURITY UPDATE: illegal memory access when pattern starts with
    illegal byte
    - debian/patches/CVE-2022-2581.patch: do not match a character with an
      illegal byte
    - CVE-2022-2581
  * SECURITY UPDATE: null pointer dereference issue
    - debian/patches/CVE-2022-2923.patch: crash when using ":mkspell" with an
      empty .dic file
    - debian/patches/CVE-2022-2980.patch: crash with mouse click when not
      initialized
    - CVE-2022-2923
    - CVE-2022-2980

 -- Nishit Majithia <email address hidden>  Mon, 03 Apr 2023 11:51:26 +0530
Superseded in bionic-updates
Superseded in bionic-security
vim (2:8.0.1453-1ubuntu1.12) bionic-security; urgency=medium

  * SECURITY UPDATE: use after free
    - debian/patches/CVE-2022-0413.patch: make a copy of the substitute pattern
      that starts with "\=" in do_sub() in src/ex_cmds.c and free it at the end
      of the method and add test case Test_using_old_sub in
      src/testdir/test_CVE.vim.
    - debian/patches/CVE-2022-1796.patch: make a copy of the pattern to search
      for as it could get freed in do_window() in src/window.c and add test
      case Test_define_search in src/testdir/test_CVE.vim.
    - debian/patches/CVE-2022-1898.patch: make a copy of the string as it could
      get freed in nv_brackets() in src/normal.c, and add a test inside the
      Test_define_search test case in src/testdir/test_CVE.vim.
    - debian/patches/CVE-2022-1968.patch: mitigates the potential for a use
      after free scenario by making a copy of a buffer to use for future
      reference
    - debian/patches/CVE-2022-2946.patch: using freed memory when 'tagfunc'
      deletes the buffer
    - CVE-2022-0413
    - CVE-2022-1796
    - CVE-2022-1898
    - CVE-2022-1968
    - CVE-2022-2946
  * SECURITY UPDATE: buffer over-read
    - debian/patches/CVE-2022-1629.patch: add a check for null after a
      backslash in find_next_quote() in src/search.c and add test case
      Test_string_html_objects in src/testdir/test_CVE.vim.
    - debian/patches/CVE-2022-1720.patch: reading past end of line with "gf" in
      Visual block mode
    - debian/patches/CVE-2022-1733.patch: add a check for null when checking
      for trailing ' in skip_string() in src/misc1.c and add test case
      Test_cindent_check_funcdecl in src/testdir/test_CVE.vim.
    - debian/patches/CVE-2022-1735.patch: add a new function, check_visual_pos
      in src/misc2.c and invoke it in src/change.c and src/edit.c. Add the new
      function header in src/proto/misc2.pro and add test case
      Test_visual_block_with_substitute in src/testdir/test_visual.vim.
    - debian/patches/CVE-2022-1851.patch: add a call to check_cursor() after
      formatting in op_format() in src/ops.c and add test case
      Test_correct_cursor_position in src/testdir/test_CVE.vim.
    - debian/patches/CVE-2022-2845.patch: reading before the start of the line
    - CVE-2022-1629
    - CVE-2022-1720
    - CVE-2022-1733
    - CVE-2022-1735
    - CVE-2022-1851
    - CVE-2022-2845
  * SECURITY UPDATE: crash when matching buffer with invalid pattern
    - debian/patches/CVE-2022-1674.patch: check for NULL regprog
    - CVE-2022-1674
  * SECURITY UPDATE: buffer over-write
    - debian/patches/CVE-2022-1785.patch: add textlock flag to disallow
      changing text or switching window before calling vim_regsub_multi() in
      src/ex_cmds.c.
    - CVE-2022-1785
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2022-1942.patch: adds a control to disallow the
      opening of a command line window when text or buffer is locked.
    - debian/patches/CVE-2022-2571.patch: reading past end of line with insert
      mode completion
    - debian/patches/CVE-2022-2849.patch: invalid memory access with for loop
      over NULL string
    - CVE-2022-1942
    - CVE-2022-2571
    - CVE-2022-2849
  * SECURITY UPDATE: searching for quotes may go over the end of the line
    - debian/patches/CVE-2022-2124.patch: check for running into the NULL
    - CVE-2022-2124
  * SECURITY UPDATE: lisp indenting may run over the end of the line
    - debian/patches/CVE-2022-2125.patch: check for NULL earlier
    - CVE-2022-2125
  * SECURITY UPDATE: using invalid index when looking for spell suggestions
    - debian/patches/CVE-2022-2126.patch: do not decrement the index when it
      is zero
    - CVE-2022-2126
  * SECURITY UPDATE: out-of-bounds write
    - debian/patches/CVE-2022-2129.patch: prevents the editing of another file
      when either curbuf_lock or textlock is set.
    - CVE-2022-2129
  * SECURITY UPDATE: invalid memory access when using an expression on the
    command line
    - debian/patches/CVE-2022-2175-1.patch: make sure the position does not
      go negative
    - debian/patches/CVE-2022-2175-2.patch: add missing #ifdef FEAT_EVAL
    - CVE-2022-2175
  * SECURITY UPDATE: reading beyond the end of the line with lisp indenting
    - debian/patches/CVE-2022-2183.patch: avoid going over the NUL at the end
      of the line
    - CVE-2022-2183
  * SECURITY UPDATE: accessing invalid memory after changing terminal size
    - debian/patches/CVE-2022-2206.patch: adjust cmdline_row and msg_row to
      the value of Rows
    - CVE-2022-2206
  * SECURITY UPDATE: spell dump may go beyond end of an array
    - debian/patches/CVE-2022-2304.patch: limit the word length
    - CVE-2022-2304
  * SECURITY UPDATE: using freed memory with recursive substitution
    - debian/patches/CVE-2022-2345.patch: always make a copy of
      reg_prev_sub
    - CVE-2022-2345
  * SECURITY UPDATE: illegal memory access when pattern starts with
    illegal byte
    - debian/patches/CVE-2022-2581.patch: do not match a character with an
      illegal byte
    - CVE-2022-2581
  * SECURITY UPDATE: null pointer dereference issue
    - debian/patches/CVE-2022-2923.patch: crash when using ":mkspell" with an
      empty .dic file
    - CVE-2022-2923

 -- Nishit Majithia <email address hidden>  Mon, 03 Apr 2023 11:32:48 +0530
Superseded in mantic-release
Published in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar)
vim (2:9.0.1000-4ubuntu3) lunar; urgency=medium

  * Security upload for the devel series (LP: #2013211)
  * SECURITY UPDATE: reading past the end of a line when formatting text
    - debian/patches/CVE-2023-0433.patch: check for not going over the end of
      the line.
    - CVE-2023-0433
  * SECURITY UPDATE: divide by zero issue
    - debian/patches/CVE-2023-0512.patch: divide by zero with 'smoothscroll'
      set and a narrow window
    - debian/patches/CVE-2023-1127.patch: divide by zero in zero-width window
    - CVE-2023-0512
    - CVE-2023-1127
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2023-1170.patch: accessing invalid memory with put
      in Visual block mode
    - CVE-2023-1170
  * SECURITY UPDATE: incorrect calculation of buffer size
    - debian/patches/CVE-2023-1175.patch: illegal memory access when using
      virtual editing
    - CVE-2023-1175
  * SECURITY UPDATE: NULL pointer dereference vulnerability
    - debian/patches/CVE-2023-1264.patch: using NULL pointer with nested
      :open command
    - CVE-2023-1264

 -- Nishit Majithia <email address hidden>  Wed, 29 Mar 2023 18:19:19 +0530
Superseded in jammy-updates
Superseded in jammy-security
vim (2:8.2.3995-1ubuntu2.4) jammy-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference when creating blank mouse
    pointer
    - debian/patches/CVE-2022-47024.patch: only use the return value of
      XChangeGC() when it is not NULL.
    - CVE-2022-47024
  * SECURITY UPDATE: invalid memory access with bad 'statusline' value
    - debian/patches/CVE-2023-0049.patch: avoid going over the NULL at the end
      of a statusline.
    - CVE-2023-0049
  * SECURITY UPDATE: invalid memory access with recursive substitute
    expression
    - debian/patches/CVE-2023-0054.patch: check the return value of
      vim_regsub().
    - CVE-2023-0054
  * SECURITY UPDATE: invalid memory access with folding and using "L"
    - debian/patches/CVE-2023-0288.patch: prevent the cursor from moving to
      line zero.
    - CVE-2023-0288
  * SECURITY UPDATE: reading past the end of a line when formatting text
    - debian/patches/CVE-2023-0433.patch: check for not going over the end of
      the line.
    - CVE-2023-0433
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2023-0051.patch: reading beyond text
    - debian/patches/CVE-2023-1170.patch: accessing invalid memory with put
      in Visual block mode
    - CVE-2023-0051
    - CVE-2023-1170
  * SECURITY UPDATE: incorrect calculation of buffer size
    - debian/patches/CVE-2023-1175.patch: illegal memory access when using
      virtual editing
    - CVE-2023-1175
  * SECURITY UPDATE: NULL pointer dereference vulnerability
    - debian/patches/CVE-2023-1264.patch: using NULL pointer with nested
      :open command
    - CVE-2023-1264

 -- Nishit Majithia <email address hidden>  Fri, 17 Mar 2023 17:28:30 +0530
Superseded in kinetic-updates
Superseded in kinetic-security
vim (2:9.0.0242-1ubuntu1.2) kinetic-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference when creating blank mouse
    pointer
    - debian/patches/CVE-2022-47024.patch: only use the return value of
      XChangeGC() when it is not NULL.
    - CVE-2022-47024
  * SECURITY UPDATE: invalid memory access with bad 'statusline' value
    - debian/patches/CVE-2023-0049.patch: avoid going over the NULL at the end
      of a statusline.
    - CVE-2023-0049
  * SECURITY UPDATE: invalid memory access with recursive substitute
    expression
    - debian/patches/CVE-2023-0054.patch: check the return value of
      vim_regsub().
    - CVE-2023-0054
  * SECURITY UPDATE: invalid memory access with folding and using "L"
    - debian/patches/CVE-2023-0288.patch: prevent the cursor from moving to
      line zero.
    - CVE-2023-0288
  * SECURITY UPDATE: reading past the end of a line when formatting text
    - debian/patches/CVE-2023-0433.patch: check for not going over the end of
      the line.
    - CVE-2023-0433
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2023-0051.patch: reading beyond text
    - debian/patches/CVE-2023-1170.patch: accessing invalid memory with put
      in Visual block mode
    - CVE-2023-0051
    - CVE-2023-1170
  * SECURITY UPDATE: incorrect calculation of buffer size
    - debian/patches/CVE-2023-1175.patch: illegal memory access when using
      virtual editing
    - CVE-2023-1175
  * SECURITY UPDATE: NULL pointer dereference vulnerability
    - debian/patches/CVE-2023-1264.patch: using NULL pointer with nested
      :open command
    - CVE-2023-1264

 -- Nishit Majithia <email address hidden>  Fri, 17 Mar 2023 17:54:05 +0530
Superseded in focal-updates
Superseded in focal-security
vim (2:8.1.2269-1ubuntu5.12) focal-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference when creating blank mouse
    pointer
    - debian/patches/CVE-2022-47024.patch: only use the return value of
      XChangeGC() when it is not NULL.
    - CVE-2022-47024
  * SECURITY UPDATE: invalid memory access with bad 'statusline' value
    - debian/patches/CVE-2023-0049.patch: avoid going over the NULL at the end
      of a statusline.
    - CVE-2023-0049
  * SECURITY UPDATE: invalid memory access with recursive substitute
    expression
    - debian/patches/CVE-2023-0054.patch: check the return value of
      vim_regsub().
    - CVE-2023-0054
  * SECURITY UPDATE: invalid memory access with folding and using "L"
    - debian/patches/CVE-2023-0288.patch: prevent the cursor from moving to
      line zero.
    - CVE-2023-0288
  * SECURITY UPDATE: reading past the end of a line when formatting text
    - debian/patches/CVE-2023-0433.patch: check for not going over the end of
      the line.
    - CVE-2023-0433
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2023-1170.patch: accessing invalid memory with put
      in Visual block mode
    - CVE-2023-1170
  * SECURITY UPDATE: incorrect calculation of buffer size
    - debian/patches/CVE-2023-1175.patch: illegal memory access when using
      virtual editing
    - CVE-2023-1175
  * SECURITY UPDATE: NULL pointer dereference vulnerability
    - debian/patches/CVE-2023-1264.patch: using NULL pointer with nested
      :open command
    - CVE-2023-1264

 -- Nishit Majithia <email address hidden>  Fri, 17 Mar 2023 16:38:34 +0530
Superseded in bionic-updates
Superseded in bionic-security
vim (2:8.0.1453-1ubuntu1.11) bionic-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference when creating blank mouse
    pointer
    - debian/patches/CVE-2022-47024.patch: only use the return value of
      XChangeGC() when it is not NULL.
    - CVE-2022-47024
  * SECURITY UPDATE: invalid memory access with bad 'statusline' value
    - debian/patches/CVE-2023-0049.patch: avoid going over the NULL at the end
      of a statusline.
    - CVE-2023-0049
  * SECURITY UPDATE: invalid memory access with recursive substitute
    expression
    - debian/patches/CVE-2023-0054.patch: check the return value of
      vim_regsub().
    - CVE-2023-0054
  * SECURITY UPDATE: invalid memory access with folding and using "L"
    - debian/patches/CVE-2023-0288.patch: prevent the cursor from moving to
      line zero.
    - CVE-2023-0288
  * SECURITY UPDATE: reading past the end of a line when formatting text
    - debian/patches/CVE-2023-0433.patch: check for not going over the end of
      the line.
    - CVE-2023-0433
  * SECURITY UPDATE: heap based buffer overflow vulnerability
    - debian/patches/CVE-2023-1170.patch: accessing invalid memory with put
      in Visual block mode
    - CVE-2023-1170
  * SECURITY UPDATE: incorrect calculation of buffer size
    - debian/patches/CVE-2023-1175.patch: illegal memory access when using
      virtual editing
    - CVE-2023-1175

 -- Nishit Majithia <email address hidden>  Fri, 17 Mar 2023 10:54:33 +0530
Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar)
vim (2:9.0.1000-4ubuntu2) lunar; urgency=medium

  * No-change upload to remove support for ruby3.0.

 -- Lucas Kanashiro <email address hidden>  Fri, 03 Feb 2023 14:06:49 -0300
Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar)
vim (2:9.0.1000-4ubuntu1) lunar; urgency=medium

  * Merge from Debian Unstable. Remaining changes:
    - debian/runtime/vimrc:
      + "syntax on" is a sane default for non-tiny Vim.
    - debian/patches/debian/ubuntu-grub-syntax.patch:
      + Add Ubuntu-specific "quiet" keyword.
    - debian/patches/ubuntu-mouse-off.patch:
      + Mouse mode is actively harmful in some chroots.
    - debian/patches/patches/increase_timeout.diff:
      + Increase timeout for the Test_pattern_compile_speed patch.
    - debian/patches/0001-fix-flaky-terminal-mode-test.vim:
      + Fix flaky Vim terminal mode test.
    - debian/patches/0002-disable-failing-tests-on-ppc64.patch:
      + Disable some tests that were throwing an ENOMEM during build on
        ppc64el. The tests are only disabled when building on ppc64el.
  * SECURITY UPDATE: invalid memory access with bad 'statusline' value
    - debian/patches/CVE-2023-0049.patch: Avoid going over the NUL at the end
    - CVE-2023-0049
  * SECURITY UPDATE: reading beyond text
    - debian/patches/CVE-2023-0051.patch: Add strlen_maxlen() and use it
    - CVE-2023-0051
  * SECURITY UPDATE: Invalid memory access with recursive substitute expression
    - debian/patches/CVE-2023-0054.patch: Check the return value of vim_regsub
    - CVE-2023-0054
  * SECURITY UPDATE: Invalid memory access with folding and using "L"
    - debian/patches/CVE-2023-0288.patch: Prevent the cursor from moving to l0
    - CVE-2023-0288

Superseded in bionic-updates
Superseded in bionic-security
vim (2:8.0.1453-1ubuntu1.10) bionic-security; urgency=medium

  * SECURITY UPDATE: illegal memory access with bracketed paste in Ex mode
    - debian/patches/CVE-2022-0392.patch: reserve space for the trailing NUL
    - CVE-2022-0392

 -- Mark Esler <email address hidden>  Wed, 11 Jan 2023 17:53:52 -0600
Superseded in focal-updates
Superseded in focal-security
vim (2:8.1.2269-1ubuntu5.11) focal-security; urgency=medium

  * SECURITY UPDATE: illegal memory access with bracketed paste in Ex mode
    - debian/patches/CVE-2022-0392.patch: reserve space for the trailing NUL
    - CVE-2022-0392
  * SECURITY UPDATE: retab may cause illegal memory access
    - debian/patches/CVE-2022-0417.patch: limit the value of tabstop
    - CVE-2022-0417

 -- Mark Esler <email address hidden>  Wed, 11 Jan 2023 17:54:11 -0600
Superseded in jammy-updates
Superseded in jammy-security
vim (2:8.2.3995-1ubuntu2.3) jammy-security; urgency=medium

  * SECURITY UPDATE: illegal memory access with bracketed paste in Ex mode
    - debian/patches/CVE-2022-0392.patch: reserve space for the trailing NUL
    - CVE-2022-0392
  * SECURITY UPDATE: retab may cause illegal memory access
    - debian/patches/CVE-2022-0417.patch: limit the value of tabstop
    - CVE-2022-0417

 -- Mark Esler <email address hidden>  Wed, 11 Jan 2023 17:53:12 -0600
Superseded in lunar-release
Deleted in lunar-proposed (Reason: Moved to lunar)
vim (2:9.0.1000-3ubuntu2) lunar; urgency=medium

  * Fix test failures on ppc64el.

Superseded in lunar-proposed
vim (2:9.0.1000-3ubuntu1) lunar; urgency=medium

  * Merge from Debian Unstable. Remaining changes:
    - debian/runtime/vimrc:
      + "syntax on" is a sane default for non-tiny Vim.
    - debian/patches/debian/ubuntu-grub-syntax.patch:
      + Add Ubuntu-specific "quiet" keyword.
    - debian/patches/ubuntu-mouse-off.patch:
      + Mouse mode is actively harmful in some chroots.
    - debian/patches/patches/increase_timeout.diff:
      + Increase timeout for the Test_pattern_compile_speed patch.
    - debian/patches/0001-fix-flaky-terminal-mode-test.vim:
      + Fix flaky Vim terminal mode test.
    - debian/patches/0002-disable-failing-tests-on-ppc64.patch:
      + Disable some tests that were throwing an ENOMEM during build on
        ppc64el. The tests are only disabled when building on ppc64el.
    - Reverse-applicable (dropped) changes:
      + debian/patches/lunar_lobster.patch: Welcome to the Lunar Lobster!

Superseded in lunar-proposed
vim (2:9.0.0813-1ubuntu2) lunar; urgency=medium

  * No-change rebuild with Python 3.11 as default

 -- Graham Inggs <email address hidden>  Sun, 25 Dec 2022 20:46:36 +0000
Superseded in lunar-proposed
vim (2:9.0.0813-1ubuntu1) lunar; urgency=medium

  * Merge from Debian Unstable. Remaining changes:
    + debian/runtime/vimrc:
      "syntax on" is a sane default for non-tiny vim.
    + debian/patches/debian/ubuntu-grub-syntax.patch:
      Add Ubuntu-specific "quiet" keyword.
    + debian/patches/ubuntu-mouse-off.patch:
      Mouse mode is actively harmful in some chroots.
    + debian/patches/patches/increase_timeout.diff:
      Increase timeout for the Test_pattern_compile_speed patch.
    + debian/patches/0001-fix-flaky-terminal-mode-test.vim: Fix flaky vim
      terminal mode test
    + debian/patches/0002-disable-failing-tests-on-ppc64.patch: Disable some
      tests that were throwing an ENOMEM during build on ppc64el. The tests
      are only disabled when building on ppc64el.
    + debian/patches/lunar_lobster.patch: Welcome to the Lunar Lobster!

 -- Simon Quigley <email address hidden>  Sat, 10 Dec 2022 22:42:10 -0600
Deleted in kinetic-proposed (Reason: moved to -updates)
vim (2:9.0.0242-1ubuntu1.1) kinetic; urgency=medium

  * Update supported Ubuntu and Debian codenames (LP: #1996087).

 -- Simon Quigley <email address hidden>  Wed, 09 Nov 2022 18:06:46 +0100
Deleted in jammy-proposed (Reason: moved to -updates)
vim (2:8.2.3995-1ubuntu2.2) jammy; urgency=medium

  * Update supported Ubuntu and Debian codenames (LP: #1996087).

 -- Simon Quigley <email address hidden>  Wed, 09 Nov 2022 18:04:20 +0100
Deleted in focal-proposed (Reason: moved to -updates)
vim (2:8.1.2269-1ubuntu5.10) focal; urgency=medium

  * Update supported Ubuntu and Debian codenames (LP: #1996087).

 -- Simon Quigley <email address hidden>  Wed, 09 Nov 2022 17:57:59 +0100
Superseded in lunar-proposed
vim (2:9.0.0626-1ubuntu2) lunar; urgency=medium

  * Rebuild against new perlapi-5.36.

 -- Gianfranco Costamagna <email address hidden>  Fri, 04 Nov 2022 17:23:37 +0100
Superseded in lunar-proposed
vim (2:9.0.0626-1ubuntu1) lunar; urgency=medium

  * Merge from Debian Unstable. Remaining changes:
    + debian/runtime/vimrc:
      "syntax on" is a sane default for non-tiny vim.
    + debian/patches/debian/ubuntu-grub-syntax.patch:
      Add Ubuntu-specific "quiet" keyword.
    + debian/patches/ubuntu-mouse-off.patch:
      Mouse mode is actively harmful in some chroots.
    + debian/patches/patches/increase_timeout.diff:
      Increase timeout for the Test_pattern_compile_speed patch.
    + debian/patches/0001-fix-flaky-terminal-mode-test.vim: Fix flaky vim
      terminal mode test
    + debian/patches/0002-disable-failing-tests-on-ppc64.patch: Disable some
      tests that were throwing an ENOMEM during build on ppc64el. The tests
      are only disabled when building on ppc64el.
  * Refresh all Ubuntu patches.
  * Add lunar_lobster.patch, welcome to the Lunar Lobster!

 -- Simon Quigley <email address hidden>  Fri, 28 Oct 2022 13:46:59 -0500
Superseded in focal-updates
Superseded in focal-security
vim (2:8.1.2269-1ubuntu5.9) focal-security; urgency=medium

  * No-change rebuild to republish missing architecture binaries in the
    security pocket (LP: #1989973)

 -- Nishit Majithia <email address hidden>  Mon, 19 Sep 2022 10:29:57 +0530
Superseded in bionic-updates
Superseded in bionic-security
vim (2:8.0.1453-1ubuntu1.9) bionic-security; urgency=medium

  * SECURITY UPDATE: heap based buffer overflow in spelling suggestion
    function
    - debian/patches/CVE-2022-0943.patch: adjust "badlen".
    - CVE-2022-0943
  * SECURITY UPDATE: use-after-free when processing regular expressions in old
    engine
    - debian/patches/CVE-2022-1154.patch: after getting mark get the line
      again.
    - CVE-2022-1154
  * SECURITY UPDATE: buffer overflow when using invalid command with composing
    chars
    - debian/patches/CVE-2022-1616.patch: check that the whole character fits
      in the buffer.
    - CVE-2022-1616
  * SECURITY UPDATE: heap buffer overflow when processing CTRL-W in latin1
    encoding
    - debian/patches/CVE-2022-1619.patch: check already being at the start of
      the command line.
    - CVE-2022-1619
  * SECURITY UPDATE: NULL pointer access when using invalid pattern
    - debian/patches/CVE-2022-1620.patch: check for failed regexp program.
    - CVE-2022-1620
  * SECURITY UPDATE: heap buffer overflow when processing invalid character
    added to word list
    - debian/patches/CVE-2022-1621.patch: check for a valid word string.
    - debian/patches/remove_test_spell_single_word.patch: removal of test
      test_spell_single_word from src/testdir/test_spell.vim
    - CVE-2022-1621

 -- Nishit Majithia <email address hidden>  Tue, 13 Sep 2022 20:37:18 +0530
Superseded in focal-updates
Superseded in focal-security
vim (2:8.1.2269-1ubuntu5.8) focal-security; urgency=medium

  * SECURITY UPDATE: heap based buffer overflow in spelling suggestion
    function
    - debian/patches/CVE-2022-0943.patch: adjust "badlen".
    - CVE-2022-0943
  * SECURITY UPDATE: use-after-free when processing regular expressions in old
    engine
    - debian/patches/CVE-2022-1154.patch: after getting mark get the line
      again.
    - CVE-2022-1154
  * SECURITY UPDATE: buffer overflow when using invalid command with composing
    chars
    - debian/patches/CVE-2022-1616.patch: check that the whole character fits
      in the buffer.
    - CVE-2022-1616
  * SECURITY UPDATE: heap buffer overflow when processing CTRL-W in latin1
    encoding
    - debian/patches/CVE-2022-1619.patch: check already being at the start of
      the command line.
    - CVE-2022-1619
  * SECURITY UPDATE: NULL pointer access when using invalid pattern
    - debian/patches/CVE-2022-1620.patch: check for failed regexp program.
    - CVE-2022-1620
  * SECURITY UPDATE: heap buffer overflow when processing invalid character
    added to word list
    - debian/patches/CVE-2022-1621.patch: check for a valid word string.
    - debian/patches/remove_test_spell_single_word.patch: removal of test
      test_spell_single_word from src/testdir/test_spell.vim
    - CVE-2022-1621

 -- Nishit Majithia <email address hidden>  Tue, 13 Sep 2022 19:18:19 +0530
Superseded in jammy-updates
Superseded in jammy-security
vim (2:8.2.3995-1ubuntu2.1) jammy-security; urgency=medium

  * SECURITY UPDATE: heap based buffer overflow in spelling suggestion
    function
    - debian/patches/CVE-2022-0943.patch: adjust "badlen".
    - CVE-2022-0943
  * SECURITY UPDATE: use-after-free when processing regular expressions in old
    engine
    - debian/patches/CVE-2022-1154.patch: after getting mark get the line
      again.
    - CVE-2022-1154
  * SECURITY UPDATE: use out-of-range pointer offset
    - debian/patches/CVE-2022-1420.patch: crash when using a number for lambda
      name
    - CVE-2022-1420
  * SECURITY UPDATE: buffer overflow when using invalid command with composing
    chars
    - debian/patches/CVE-2022-1616.patch: check that the whole character fits
      in the buffer.
    - CVE-2022-1616
  * SECURITY UPDATE: heap buffer overflow when processing CTRL-W in latin1
    encoding
    - debian/patches/CVE-2022-1619.patch: check already being at the start of
      the command line.
    - CVE-2022-1619
  * SECURITY UPDATE: NULL pointer access when using invalid pattern
    - debian/patches/CVE-2022-1620.patch: check for failed regexp program.
    - CVE-2022-1620
  * SECURITY UPDATE: heap buffer overflow when processing invalid character
    added to word list
    - debian/patches/CVE-2022-1621.patch: check for a valid word string.
    - debian/patches/remove_test_spell_single_word.patch: removal of test
      test_spell_single_word from src/testdir/test_spell.vim
    - CVE-2022-1621

 -- Nishit Majithia <email address hidden>  Tue, 13 Sep 2022 15:05:02 +0530
Superseded in lunar-release
Obsolete in kinetic-release
Deleted in kinetic-proposed (Reason: Moved to kinetic)
vim (2:9.0.0242-1ubuntu1) kinetic; urgency=low

  * Merge from Debian unstable. Remaining changes:
    + debian/runtime/vimrc:
      "syntax on" is a sane default for non-tiny vim.
    + debian/patches/debian/ubuntu-grub-syntax.patch:
      Add Ubuntu-specific "quiet" keyword.
    + debian/patches/ubuntu-mouse-off.patch:
      Mouse mode is actively harmful in some chroots.
    + debian/patches/patches/increase_timeout.diff:
      Increase timeout for the Test_pattern_compile_speed patch.
    + debian/patches/0001-fix-flaky-terminal-mode-test.vim: Fix flaky vim
      terminal mode test
    + debian/patches/0002-disable-failing-tests-on-ppc64.patch: Disable some
      tests that were throwing an ENOMEM during build on ppc64el. The tests
      are only disabled when building on ppc64el.
