Format: 1.8 Date: Tue, 18 Apr 2023 14:50:34 +0530 Source: vim Binary: vim-common vim-gui-common vim-runtime vim-doc vim-tiny vim vim-gtk vim-gtk3 vim-nox vim-athena vim-gnome xxd Architecture: s390x s390x_translations Version: 2:8.0.1453-1ubuntu1.13 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Nishit Majithia Description: vim - Vi IMproved - enhanced vi editor vim-athena - Vi IMproved - enhanced vi editor - with Athena GUI vim-common - Vi IMproved - Common files vim-doc - Vi IMproved - HTML documentation vim-gnome - Vi IMproved - enhanced vi editor (dummy package) vim-gtk - Vi IMproved - enhanced vi editor - with GTK2 GUI vim-gtk3 - Vi IMproved - enhanced vi editor - with GTK3 GUI vim-gui-common - Vi IMproved - Common GUI files vim-nox - Vi IMproved - enhanced vi editor - with scripting languages suppo vim-runtime - Vi IMproved - Runtime files vim-tiny - Vi IMproved - enhanced vi editor - compact version xxd - tool to make (or reverse) a hex dump Changes: vim (2:8.0.1453-1ubuntu1.13) bionic-security; urgency=medium . * SECURITY UPDATE: use-after-free when matching inside a visual selection - debian/patches/CVE-2021-4192.patch: get the line again after getvvcol(). - CVE-2021-4192 * SECURITY UPDATE: out-of-bounds read when processing data in visual mode - debian/patches/CVE-2021-4193.patch: check for valid column in getvcol(). - CVE-2021-4193 * SECURITY UPDATE: heap buffer overflow when processing long file names - debian/patches/CVE-2022-0213.patch: check length when appending a space. - CVE-2022-0213 * SECURITY UPDATE: heap-based buffer overflow when performing a block insert - debian/patches/CVE-2022-0261.patch: handle invalid byte better. Fix inserting the wrong text. - debian/patches/CVE-2022-0318-1.patch: for block insert only use the offset for correcting the length. - debian/patches/CVE-2022-0318-2.patch: adjust the expected output for utf8 block insert test. - CVE-2022-0261 - CVE-2022-0318 * SECURITY UPDATE: out-of-bounds read when exchanging windows in visual mode - debian/patches/CVE-2022-0319.patch: correct end of Visual area when entering another buffer. - CVE-2022-0319 * SECURITY UPDATE: stack pointer corruption when parsing too many brackets in expression - debian/patches/CVE-2022-0351.patch: limit recursion to 1000. - CVE-2022-0351 * SECURITY UPDATE: illegal memory access when processing large indent in ex mode - debian/patches/CVE-2022-0359.patch: allocate enough memory. - CVE-2022-0359 * SECURITY UPDATE: illegal memory access when copying lines in visual mode - debian/patches/CVE-2022-0361.patch: adjust the Visual position after copying lines. - CVE-2022-0361 * SECURITY UPDATE: illegal memory access when undo makes visual area invalid in visual mode - debian/patches/CVE-2022-0368.patch: correct the Visual area after undo. - CVE-2022-0368 * SECURITY UPDATE: stack corruption when looking for spelling suggestions - debian/patches/CVE-2022-0408.patch: prevent the depth increased too much. Add a five second time limit to finding suggestions. - CVE-2022-0408 * SECURITY UPDATE: use of freed memory when managing buffers - debian/patches/CVE-2022-0443.patch: do not use wiped out buffer. - CVE-2022-0443 * SECURITY UPDATE: heap buffer overflow when processing vim buffers - debian/patches/CVE-2022-0554.patch: when deleting the current buffer to not pick a quickfix buffer as the new current buffer. - CVE-2022-0554 * SECURITY UPDATE: heap buffer overflow when repeatedly using :retab - debian/patches/CVE-2022-0572.patch: bail out when the line is getting too long. - CVE-2022-0572 * SECURITY UPDATE: out-of-range pointer offset when using special multi-byte character - debian/patches/CVE-2022-0685.patch: don't use isalpha() for an arbitrary character. - CVE-2022-0685 * SECURITY UPDATE: heap buffer overflow when processing anomalous 'vartabstop' value - debian/patches/CVE-2022-0714.patch: check for running into the end of the line. - CVE-2022-0714 * SECURITY UPDATE: out-of-range pointer offset when processing specific regexp pattern and string - debian/patches/CVE-2022-0729.patch: stop at the start of the string. - CVE-2022-0729 * SECURITY UPDATE: heap-based buffer overflow - debian/patches/CVE-2022-2207.patch: adds a check to see if the cursor column is great than zero. - CVE-2022-2207 Checksums-Sha1: 058e871775fddef24c1eee8eedd0f4137ab6abb8 4199460 vim-athena-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb 139d3b315dfe60faaac5b5cb44f8a1de56532435 1233076 vim-athena_8.0.1453-1ubuntu1.13_s390x.deb 11e9ffd7b50dd354f8347c88196e5ffaf6b24727 3408056 vim-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb 497390ce3e2bfc6da008eb6508b8e6bf5a3205f4 4543244 vim-gtk-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb 2c7809ad827054293c1d3929ac31ad8bb5464b25 4328408 vim-gtk3-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb 47a8ba77ba5217ed6161d7efd70682862fc6de59 1243832 vim-gtk3_8.0.1453-1ubuntu1.13_s390x.deb f088e8ed2dc2249ac8e95a3abe5d50329f41797e 1245792 vim-gtk_8.0.1453-1ubuntu1.13_s390x.deb bd57a4e7da0960ec3fa341f68741d7e3345ee539 3627788 vim-nox-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb 338998bba64da7a74e3962384acc05af910b0389 1136068 vim-nox_8.0.1453-1ubuntu1.13_s390x.deb 108dfdbd7b4a3fecc349725da01829f5a92059ec 1264832 vim-tiny-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb 5a5ec2658e156ae9537c4f3c5059b195e77ef5c1 445676 vim-tiny_8.0.1453-1ubuntu1.13_s390x.deb 3bafc69d4cd660c00bbc0798a6f37c470b95e09c 19687 vim_8.0.1453-1ubuntu1.13_s390x.buildinfo c8be7081ad2eda7ee3c315c02e7a8c1496de1739 1065340 vim_8.0.1453-1ubuntu1.13_s390x.deb 4bf2acab3c83931541152935cb13ed517cc0b027 3417396 vim_8.0.1453-1ubuntu1.13_s390x_translations.tar.gz a8f6fdaeef7adb1085a1b9efe11e0f33d2adbf9e 10928 xxd-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb 977ae6e7a811f344b47be705737ac967e19fbd57 51512 xxd_8.0.1453-1ubuntu1.13_s390x.deb Checksums-Sha256: 9e4e8ba635e49ff4c9b253fcb7e489ca95f6752f31c29daa1cace9202d218543 4199460 vim-athena-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb f700cc61dd5ab02c203ceb02db72797ca7fe5f48145d66c304a802d90dbf56c0 1233076 vim-athena_8.0.1453-1ubuntu1.13_s390x.deb 1dba83a5f5e966672c4f9d6b14d26cf7a4d13b62eb24d5de86e05cfdbcb6d402 3408056 vim-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb 40a7555f74952356ed0df433df17fcb2a351c803ae1095d7df3cc6853fe7dbfb 4543244 vim-gtk-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb e3acae0844cdb5310ababacd40b4db104759c9edd7398c8fdd60d31a64bbe462 4328408 vim-gtk3-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb 07173b7e7da9636e920a40101191b891296d7e9836893b6102f1230a7707596d 1243832 vim-gtk3_8.0.1453-1ubuntu1.13_s390x.deb d423a690f2d3aa6e6eef522273fadc9048c9a6815227ca3655a7331f872d09b1 1245792 vim-gtk_8.0.1453-1ubuntu1.13_s390x.deb def9ccd36f30c938bc10f46b5a8c7a62ab83fc368b4c21855fcbddc65644e34f 3627788 vim-nox-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb e9c3bf0d6b07af56a0933eb2ca93eb4b0aa852b56430dd455a9c54f19a2fa4fa 1136068 vim-nox_8.0.1453-1ubuntu1.13_s390x.deb 3f59680b0bff3732f8817c265f141b468cbb2bc4d95be4bce52831e934f8704b 1264832 vim-tiny-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb ea97a9a3f4b59580662164fb931579eb664c9fb6228eb3cea32fa7cc7d54e96f 445676 vim-tiny_8.0.1453-1ubuntu1.13_s390x.deb 7467b405e8b9138d8521f6c468d9b6631ecbd8d7c1b6bffa3b2c2aea476498f3 19687 vim_8.0.1453-1ubuntu1.13_s390x.buildinfo a933be45f14ef1b7b4a2c8b6db187b5a64ffeeb54e172c75dee17e462a89729f 1065340 vim_8.0.1453-1ubuntu1.13_s390x.deb 8bf76b50bf430c7e6928d556ef5fd259b451e61942bc0b09bdf4e947379ad911 3417396 vim_8.0.1453-1ubuntu1.13_s390x_translations.tar.gz fe80827c974cc162f1db29f2d1678f821df6fc89360da6d46f84c2e00e0a088f 10928 xxd-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb f187e43ee11b9f047ae571c8e96de9866f88e9de89c5f5bb38cf8a9ef7a28652 51512 xxd_8.0.1453-1ubuntu1.13_s390x.deb Files: df1161d323e9052bf9ed71da449a4157 4199460 debug optional vim-athena-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb 2db1ed9bb80a0c591e8c0c0026809207 1233076 editors optional vim-athena_8.0.1453-1ubuntu1.13_s390x.deb 6824129eee7913c2121cdb325f2bbfa5 3408056 debug optional vim-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb 588be3b0cdd70798c29dd950f5ef066a 4543244 debug optional vim-gtk-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb f90bfacf03cfde2ece665844159f3fbc 4328408 debug optional vim-gtk3-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb d2ed72c2bf0924eab269f5a17a0ee09c 1243832 editors optional vim-gtk3_8.0.1453-1ubuntu1.13_s390x.deb 8e124e32656a90d04b5128b570402362 1245792 editors optional vim-gtk_8.0.1453-1ubuntu1.13_s390x.deb bcebdb517e440602e24d809c5bc25352 3627788 debug optional vim-nox-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb 7470ca30d9197fbef579a5af79aea177 1136068 editors optional vim-nox_8.0.1453-1ubuntu1.13_s390x.deb ddde5c4d8f19c634f75a508855835837 1264832 debug optional vim-tiny-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb 06754dc8d21e2f5ae6fa47609a4d2c3b 445676 editors important vim-tiny_8.0.1453-1ubuntu1.13_s390x.deb 71f9eb840137aeb57f3b4ebe207e80d8 19687 editors optional vim_8.0.1453-1ubuntu1.13_s390x.buildinfo e0893f450423129d369fecbcb15fbd6d 1065340 editors optional vim_8.0.1453-1ubuntu1.13_s390x.deb fc4cc9c4474862b05d6c69515648b6ae 3417396 raw-translations - vim_8.0.1453-1ubuntu1.13_s390x_translations.tar.gz dc9fe60d14a504e7bcaf8567f450a099 10928 debug optional xxd-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb 4b3b228ca532cf5ba0d00e60be43ce54 51512 editors optional xxd_8.0.1453-1ubuntu1.13_s390x.deb Original-Maintainer: Debian Vim Maintainers