[CLSA-2022:1653006752] Fixed CVEs in vim: CVE-2022-1620, CVE-2022-1616, CVE-2022-1629, CVE-2022-1621, CVE-2022-1619
Type:
security
Severity:
Important
Release date:
2022-05-20
Description:
- CVE-2022-1619: fix going before the command line start with latin1 encoding - CVE-2022-1620: fix NULL pointer dereference when using invalig regexp - CVE-2022-1621: fix to avoid adding invalid bytes with :spellgood - CVE-2022-1629: fix reading past end of line if ended with trailing backslash - CVE-2022-1616: fix buffer overflow with invalid command with composing chars
Updated packages:
  • vim-enhanced-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm
    sha:bfe7e0506613d95dd12a44dcdcd4479fe6c2f52d
  • vim-minimal-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm
    sha:f4d3a727ea8ca66c22b499664d1f89e6d740f775
  • vim-filesystem-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm
    sha:33a3440f8660db4b9587e0c55a80c679dd964d95
  • vim-common-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm
    sha:93f4335f48ba135f32661ddc32918986cf924eef
  • vim-X11-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm
    sha:5b3adf42859f87810f4a490a5359180b1de8b81d
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.