ELSA-2022-0366

Опубликовано: 03 фев. 2022

Источник: oracle-oval

Платформа: Oracle Linux 8

Описание

ELSA-2022-0366: vim security update (MODERATE)

[8.0.1763-16.0.1.4]

- Remove upstream references [Orabug: 31197557]

[2:8.0.1763-16.4]

CVE-2021-4193 vim: vulnerable to Out-of-bounds Read
CVE-2021-4192 vim: vulnerable to Use After Free

[2:8.0.1763-16.3]

2028341 - CVE-2021-3984 vim: illegal memory access when C-indenting could lead to Heap Buffer Overflow [rhel-8.6.0]
2028430 - CVE-2021-4019 vim: heap-based buffer overflow in find_help_tags() in src/help.c [rhel-8.6.0]

[2:8.0.1763-16.2]

remove the upstream test - uses a feature which is not presented in RHEL 8

[2:8.0.1763-16.1]

CVE-2021-3872 vim: heap-based buffer overflow in win_redr_status() drawscreen.c [rhel-8.6.0]

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

vim-X11

8.0.1763-16.0.1.el8_5.4

vim-common

8.0.1763-16.0.1.el8_5.4

vim-enhanced

8.0.1763-16.0.1.el8_5.4

vim-filesystem

8.0.1763-16.0.1.el8_5.4

vim-minimal

8.0.1763-16.0.1.el8_5.4

Oracle Linux x86_64

vim-X11

8.0.1763-16.0.1.el8_5.4

vim-common

8.0.1763-16.0.1.el8_5.4

vim-enhanced

8.0.1763-16.0.1.el8_5.4

vim-filesystem

8.0.1763-16.0.1.el8_5.4

vim-minimal

8.0.1763-16.0.1.el8_5.4

Связанные CVE

Ссылки на источники

Связанные уязвимости

RLSA-2022:0366

rocky

около 4 лет назад

Moderate: vim security update

SUSE-SU-2022:2102-1

suse-cvrf

больше 3 лет назад

Security update for vim

openSUSE-SU-2022:0736-1

suse-cvrf

почти 4 года назад

Security update for vim

SUSE-SU-2022:0736-1

suse-cvrf

почти 4 года назад

Security update for vim

CVE-2021-3872

CVSS3: 7.8

ubuntu

больше 4 лет назад

vim is vulnerable to Heap-based Buffer Overflow