[CLSA-2022:1653328424] Fixed CVEs in vim: CVE-2022-1621, CVE-2022-1629, CVE-2022-1620, CVE-2022-1619, CVE-2022-1616
Type:
security
Severity:
Important
Release date:
2022-05-23
Description:
- CVE-2022-1619: fix going before the command line start with latin1 encoding - CVE-2022-1620: fix NULL pointer dereference when using invalig regexp - CVE-2022-1621: fix to avoid adding invalid bytes with :spellgood - CVE-2022-1629: fix reading past end of line if ended with trailing backslash - CVE-2022-1616: fix buffer overflow with invalid command with composing chars
Updated packages:
  • vim-minimal-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm
    sha:09d25b98a2eb583519666a2217e4d4977abdac7c
  • vim-common-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm
    sha:a76dace302c19e829c39f8d839145f92e3957e52
  • vim-filesystem-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm
    sha:404e61189aa40b715f65fbe334b69a4d9d63fe5e
  • vim-enhanced-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm
    sha:0e49d26bce284f001024d40158cf8e6f532d54cc
  • vim-X11-7.4.629-5.2.el6.tuxcare.els12.x86_64.rpm
    sha:7a1d05280498e9c5a95ee746f27dcf48160b84f3
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.