Format: 1.8 Date: Wed, 05 Jan 2022 21:00:18 +1100 Source: vim Binary: vim vim-athena vim-gtk3 vim-nox vim-tiny xxd Built-For-Profiles: noudeb Architecture: riscv64 riscv64_translations Version: 2:8.2.2434-1ubuntu1.3 Distribution: hirsute Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Ray Veldkamp Description: vim - Vi IMproved - enhanced vi editor vim-athena - Vi IMproved - enhanced vi editor - with Athena GUI vim-gtk3 - Vi IMproved - enhanced vi editor - with GTK3 GUI vim-nox - Vi IMproved - enhanced vi editor - with scripting languages suppo vim-tiny - Vi IMproved - enhanced vi editor - compact version xxd - tool to make (or reverse) a hex dump Changes: vim (2:8.2.2434-1ubuntu1.3) hirsute-security; urgency=medium . * SECURITY UPDATE: Heap-based buffer overflow could lead to a denial of service when using CTRL+w+f with an empty filename - debian/patches/CVE-2021-3973-1.patch: Ensure filename is checked for zero length in src/findfile.c, src/normal.c and src/testdir/test_visual.vim - debian/patches/CVE-2021-3973-2.patch: Fix for failing test in src/findfile.c - CVE-2021-3973 . * SECURITY UPDATE: Use-after-free issue in regular expression engine when using a mark, could lead to a denial of service or code execution. - debian/patches/CVE-2021-3974.patch: Ensure check for free is made when processing mark in src/regexp_nfa.c, src/testdir/test_regexp_latin.vim - CVE-2021-3974 . * SECURITY UPDATE: Heap-based buffer overflow could lead to a denial of service or possible code execution when C-indenting - debian/patches/CVE-2021-3984.patch: Fix memory access issue by correctly dereferencing cursor position in src/cindent.c and src/testdir/test_cindent.vim - CVE-2021-3984 . * SECURITY UPDATE: Heap-based buffer overflow could lead to a denial of service when help functions are provided with long command strings - debian/patches/CVE-2021-4019.patch: Fix handling of strcpy to use safer vim_snprintf in src/help.c and src/testdir/test_help.vim - CVE-2021-4019 . * SECURITY UPDATE: Use-after-free issue in open command can lead to a denial of service or possible code execution - debian/patches/CVE-2021-4069.patch: Fix issue making a copy of the current line and its address in src/ex_docmd.c and src/testdir/test_ex_mode.vim - CVE-2021-4069 Checksums-Sha1: 9045c8fc7c5421a7d3e9cc70136623c6a5f40848 3946216 vim-athena-dbgsym_8.2.2434-1ubuntu1.3_riscv64.ddeb fafba7436fab4a6178cb5e49656ae76c97cd69ab 1440756 vim-athena_8.2.2434-1ubuntu1.3_riscv64.deb 3f17bae3806272251a01cdaf405462abae0d33c1 3546300 vim-dbgsym_8.2.2434-1ubuntu1.3_riscv64.ddeb adb7238a31346d93e22a22ec73c9c0ee5629cce9 3972656 vim-gtk3-dbgsym_8.2.2434-1ubuntu1.3_riscv64.ddeb 584804b15b3e3a96581351c21255e402f12bab37 1449900 vim-gtk3_8.2.2434-1ubuntu1.3_riscv64.deb 2201428773786f2bda68560e37fc4db74cb54433 3680824 vim-nox-dbgsym_8.2.2434-1ubuntu1.3_riscv64.ddeb 15de1cf688b4608ed7b32ef39c315d1ffe372de6 1344572 vim-nox_8.2.2434-1ubuntu1.3_riscv64.deb d27ac385a9c948305732dea9530cd0ea31463edb 1426692 vim-tiny-dbgsym_8.2.2434-1ubuntu1.3_riscv64.ddeb 85ef916d21311649c6a64db70b288b1e78395fb2 538880 vim-tiny_8.2.2434-1ubuntu1.3_riscv64.deb 568f58459e52c2fc660b75a7cf1d1e9fc353545b 20162 vim_8.2.2434-1ubuntu1.3_riscv64.buildinfo 1cbdeb3da863b6a7f633d224a980ca03dea35c70 1251856 vim_8.2.2434-1ubuntu1.3_riscv64.deb d567dcf1ff7285755a6ffc2498480a6b66059dff 11618608 vim_8.2.2434-1ubuntu1.3_riscv64_translations.tar.gz 810e56ceda2ae83d4fabf48acab639195ae15b4b 12748 xxd-dbgsym_8.2.2434-1ubuntu1.3_riscv64.ddeb e6abf32024dea75bfe76bf88b2979b84b13ba2a3 49504 xxd_8.2.2434-1ubuntu1.3_riscv64.deb Checksums-Sha256: 0d54e717ed4a4cac6d2ac85112d99fa93dfdd581911b6a61b81def60e5f84086 3946216 vim-athena-dbgsym_8.2.2434-1ubuntu1.3_riscv64.ddeb 4c0550367f4347c1dc162f1f97bd870da602157cc9e871f4eb442dd0a27241ee 1440756 vim-athena_8.2.2434-1ubuntu1.3_riscv64.deb eecea130d7f3c6ad1b950f3d8148098455cb44d546827c2e80620682dacb0925 3546300 vim-dbgsym_8.2.2434-1ubuntu1.3_riscv64.ddeb ac98db292844dd8c219fb94f6319c61a374d6e5b178995f78021d291925b21f3 3972656 vim-gtk3-dbgsym_8.2.2434-1ubuntu1.3_riscv64.ddeb dfdc8391efd0cc9812303bb2ca3d6790df268950d38f696aced93180620f31f7 1449900 vim-gtk3_8.2.2434-1ubuntu1.3_riscv64.deb 9ab7c1db78ed7c5f50e456c6d8c412c528ca0ac7bf030d33b57bafec9d83f61f 3680824 vim-nox-dbgsym_8.2.2434-1ubuntu1.3_riscv64.ddeb f18062b7ffd8584b26fde339285688f9de564cb6c6a829db39c88e022902e6da 1344572 vim-nox_8.2.2434-1ubuntu1.3_riscv64.deb 4cf9285c99e93440c8fdcd5ab93a70fbe9e2d28f6a50a0d43b205ead4eae1aa8 1426692 vim-tiny-dbgsym_8.2.2434-1ubuntu1.3_riscv64.ddeb 0db3061c67557cd8ce3081eced25bec66ff81e010698b0755795a03f6fcb7f6b 538880 vim-tiny_8.2.2434-1ubuntu1.3_riscv64.deb 8ac6cb4193ecd4c1babcf326bf77983b3fdcd974b6e8f6c84be4ab194ee52f4b 20162 vim_8.2.2434-1ubuntu1.3_riscv64.buildinfo d47c463fc57b4f6c0a76bfba747c381596e8942860da51cdfdac5db4d0db7c67 1251856 vim_8.2.2434-1ubuntu1.3_riscv64.deb d94716946eb7e4fd94a55eb06676c3a854193d9ebf29b19010f0a10a65599f85 11618608 vim_8.2.2434-1ubuntu1.3_riscv64_translations.tar.gz abf626083d95f330216814944a7fdde9ae9ab9085878b40f6792c0be55681e68 12748 xxd-dbgsym_8.2.2434-1ubuntu1.3_riscv64.ddeb 98685b4c44452d9cc8c6794c237c3c4901e702faa402ccfecb6e446e9e3071c6 49504 xxd_8.2.2434-1ubuntu1.3_riscv64.deb Files: 2f41f6f8d1dd0b5b5dad1867735f55d6 3946216 debug optional vim-athena-dbgsym_8.2.2434-1ubuntu1.3_riscv64.ddeb 07ee316f6f025caf36701fa27f64f7dd 1440756 editors optional vim-athena_8.2.2434-1ubuntu1.3_riscv64.deb 6475ee4233f3e0e3ebc4e26f154b1b10 3546300 debug optional vim-dbgsym_8.2.2434-1ubuntu1.3_riscv64.ddeb faf15aa52fdc0ef394dde813f2f51105 3972656 debug optional vim-gtk3-dbgsym_8.2.2434-1ubuntu1.3_riscv64.ddeb ab204acdb414ab41965d91d3e5f97c03 1449900 editors optional vim-gtk3_8.2.2434-1ubuntu1.3_riscv64.deb cae06ae0162e48ef9a0e996c54fe0c83 3680824 debug optional vim-nox-dbgsym_8.2.2434-1ubuntu1.3_riscv64.ddeb 496b6bb9e2a3a5fd242c6014bc131bfa 1344572 editors optional vim-nox_8.2.2434-1ubuntu1.3_riscv64.deb d8067c0d19ab5aa744f5ab06158670a5 1426692 debug optional vim-tiny-dbgsym_8.2.2434-1ubuntu1.3_riscv64.ddeb f9006b0e433018f6ccad5d6701d7a41b 538880 editors important vim-tiny_8.2.2434-1ubuntu1.3_riscv64.deb 5262c5cddda89aa28fb6dde03926cac1 20162 editors optional vim_8.2.2434-1ubuntu1.3_riscv64.buildinfo 4b15c3730c20e941bb15822971adf208 1251856 editors optional vim_8.2.2434-1ubuntu1.3_riscv64.deb 30c35b83746244814b6bebeccbad541e 11618608 raw-translations - vim_8.2.2434-1ubuntu1.3_riscv64_translations.tar.gz 28463000f542d7307a7e7d7a75183048 12748 debug optional xxd-dbgsym_8.2.2434-1ubuntu1.3_riscv64.ddeb cad418d9f12cc142052206c8fa971473 49504 editors optional xxd_8.2.2434-1ubuntu1.3_riscv64.deb Original-Maintainer: Debian Vim Maintainers