[CLSA-2022:1669309294] Fix CVE(s): CVE-2022-1674, CVE-2022-1725, CVE-2022-3352
Type:
security
Severity:
Important
Release date:
2022-11-24 17:01:34 UTC
Description:
* SECURITY UPDATE: Use After Free in vim - debian/patches/CVE-2022-3352.patch: Disallow deleting the current buffer to avoid using freed memory - CVE-2022-3352 * SECURITY UPDATE: Crash when matching buffer with invalid pattern - debian/patches/CVE-2022-1674.patch: Check for NULL regprog - CVE-2022-1674 * SECURITY UPDATE: Using NULL regexp program - debian/patches/CVE-2022-1725.patch: Check for regexp program becoming NULL in more places - CVE-2022-1725 * Fix: CI crashes when running out of memory, NULL pointer dereference - debian/patches/fix-addstate.patch: Apply 'maxmempattern' also to new regexp engine, check NULL pointers inside addstate() function
Updated packages:
  • vim_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb
    sha:aa9417a2001a3904564cd99c23d57d967c18043d
  • vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb
    sha:30fd554dd0eff316bbf9b936d1d3a274bc075aab
  • vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb
    sha:c03e3fddac0848e59e293d39f6c54b8c312c9503
  • vim-common_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb
    sha:0d8e459410aef275a60dc963b18e44a2700042a8
  • vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els33_all.deb
    sha:9199c3ed4e5bf6b6c8b31bbee9ce125300a1a98e
  • vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb
    sha:22ded8a7e119fd2394ef88d41255d9f2c67daa87
  • vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb
    sha:5005bf44dded15cc8a7f8371623646af44cbda06
  • vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb
    sha:5bfa23d23a000a7d1d6d72bd3ca0e8fbeb897281
  • vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb
    sha:47b454a75c4211f5ccebd745e8426042c46a56f7
  • vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb
    sha:91456081434dad8fe579ddd6efb7e78bb83e648b
  • vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb
    sha:7e054ebf6407590252da4322df566b8a747e7684
  • vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els33_all.deb
    sha:de42576935335ade42e70ff8a8fcf4224ea0c03c
  • vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb
    sha:a4022978c16e9d49358d61f8139d185812dba140
  • vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb
    sha:20d4585ddc097480cf7a574c4dcf9fde527adf58
  • vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els33_all.deb
    sha:5d6e8e205854a59d6b81ccf52263eff2df60e6e1
  • vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els33_amd64.deb
    sha:024d48e14c3645fd162e63567775bbb031b12f26
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.