vim-8.0.1763-19.el8.2

エラータID: AXSA:2022-3678:04

Release date: 
Monday, August 15, 2022 - 12:32
Subject: 
vim-8.0.1763-19.el8.2
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

Vim (Vi IMproved) is an updated and improved version of the vi editor.

Security Fix(es):

* vim: heap buffer overflow (CVE-2022-1621)
* vim: buffer over-read (CVE-2022-1629)

For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE page(s)
listed in the References section.

CVE-2022-1621
Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior
to 8.2.4919. This vulnerability is capable of crashing software, Bypass
Protection Mechanism, Modify Memory, and possible remote execution
CVE-2022-1629
Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior
to 8.2.4925. This vulnerabilities are capable of crashing software, Modify
Memory, and possible remote execution

Solution: 

Update packages.

CVEs: 
CVE-2022-1621
Heap buffer overflow in vim_strncpy find_word in GitHub repository vim/vim prior to 8.2.4919. This vulnerability is capable of crashing software, Bypass Protection Mechanism, Modify Memory, and possible remote execution
CVE-2022-1629
Buffer Over-read in function find_next_quote in GitHub repository vim/vim prior to 8.2.4925. This vulnerabilities are capable of crashing software, Modify Memory, and possible remote execution
Additional Info: 

N/A

Download: 

SRPMS
  1. vim-8.0.1763-19.el8.2.src.rpm
    MD5: 7c1b14efcf1f683fab667883631cea4e
    SHA-256: d5f0a8b25e6ae61edac861da1da787e23000de0f9c1e1d2196f2d3dd67a73d65
    Size: 10.71 MB

Asianux Server 8 for x86_64
  1. vim-X11-8.0.1763-19.el8.2.x86_64.rpm
    MD5: 6e1c342b68e9a69f577d89a3331904dc
    SHA-256: 015cd2f4f8aac1f13224ebe6bb5157ead026f6b3da4e1a815cff2399756914a5
    Size: 1.50 MB
  2. vim-common-8.0.1763-19.el8.2.x86_64.rpm
    MD5: 5ca36d6209de6e8f9ceddfc6e41be030
    SHA-256: a2d0cf52d11c8d0d74b53cd8d154f3fc9700e5921f99dde159da4df78cde05b8
    Size: 6.34 MB
  3. vim-enhanced-8.0.1763-19.el8.2.x86_64.rpm
    MD5: b83a82ec663e8cf4be6c7d4fca4494c6
    SHA-256: 762408a48cc7e48550ec30adb02f43cf6c0a96f67e3abc19e8d003d9ae9e8088
    Size: 1.36 MB
  4. vim-filesystem-8.0.1763-19.el8.2.noarch.rpm
    MD5: 00887e2114e89191ac64237eb4b0dda2
    SHA-256: e1ba86d85a80383b09bb941543259f9386b30522b48ca2c7c2ceab48e27f92f0
    Size: 49.08 kB
  5. vim-minimal-8.0.1763-19.el8.2.x86_64.rpm
    MD5: fe71b4d39cab098e7ec2b36d00079488
    SHA-256: fd5bc239740ea9febc6f5aa8f9124b889c69aa05fb46678c66aa84c9e13e43b1
    Size: 573.68 kB