[Git][security-tracker-team/security-tracker][master] Track various vim issues fixed via unstable upload

[Salvatore Bonaccorso (@carnil)]

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
2024ef3a by Salvatore Bonaccorso at 2022-08-21T10:20:02+02:00
Track various vim issues fixed via unstable upload

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -282,7 +282,7 @@ CVE-2022-2891
 CVE-2022-2890
 	RESERVED
 CVE-2022-2889 (Use After Free in GitHub repository vim/vim prior to 9.0.0225. ...)
-	- vim <unfixed>
+	- vim 2:9.0.0229-1
 	NOTE: https://huntr.dev/bounties/d1ac9817-825d-49ce-b514-1d5b12b6bdaa
 	NOTE: https://github.com/vim/vim/commit/91c7cbfe31bbef57d5fcf7d76989fc159f73ef15 (v9.0.0225)
 CVE-2022-2888
@@ -388,7 +388,7 @@ CVE-2022-2864
 CVE-2022-2863
 	RESERVED
 CVE-2022-2862 (Use After Free in GitHub repository vim/vim prior to 9.0.0221. ...)
-	- vim <unfixed>
+	- vim 2:9.0.0229-1
 	NOTE: https://huntr.dev/bounties/71180988-1ab6-4311-bca8-e9a879b06765
 	NOTE: https://github.com/vim/vim/commit/1889f499a4f248cd84e0e0bf6d0d820016774494 (v9.0.0221)
 CVE-2022-2861
@@ -477,7 +477,7 @@ CVE-2022-2850 [SIGSEGV in sync_repl]
 	NOTE: https://github.com/389ds/389-ds-base/issues/5418
 	NOTE: Results from an incomplete fix for CVE-2021-3514
 CVE-2022-2849 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...)
-	- vim <unfixed>
+	- vim 2:9.0.0229-1
 	NOTE: https://huntr.dev/bounties/389aeccd-deb9-49ae-9b6a-24c12d79b02e
 	NOTE: https://github.com/vim/vim/commit/f6d39c31d2177549a986d170e192d8351bd571e2 (v9.0.0220)
 CVE-2022-2848
@@ -487,7 +487,7 @@ CVE-2022-2847 (A vulnerability, which was classified as critical, has been found
 CVE-2022-2846 (A vulnerability classified as problematic was found in Calendar Event  ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-2845 (Buffer Over-read in GitHub repository vim/vim prior to 9.0.0218. ...)
-	- vim <unfixed>
+	- vim 2:9.0.0229-1
 	NOTE: https://huntr.dev/bounties/3e1d31ac-1cfd-4a9f-bc5c-213376b69445
 	NOTE: https://github.com/vim/vim/commit/e98c88c44c308edaea5994b8ad4363e65030968c (v9.0.0218)
 CVE-2022-2844 (A vulnerability classified as problematic has been found in MotoPress  ...)
@@ -676,7 +676,7 @@ CVE-2022-2821 (Missing Critical Step in Authentication in GitHub repository name
 CVE-2022-2820 (Improper Access Control in GitHub repository namelessmc/nameless prior ...)
 	NOT-FOR-US: NamelessMC/Nameless
 CVE-2022-2819 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...)
-	- vim <unfixed>
+	- vim 2:9.0.0229-1
 	NOTE: https://huntr.dev/bounties/0a9bd71e-66b8-4eb1-9566-7dfd9b097e59
 	NOTE: https://github.com/vim/vim/commit/d1d8f6bacb489036d0fd479c9dd3c0102c988889 (v9.0.0211)
 CVE-2022-2818 (Authentication Bypass by Primary Weakness in GitHub repository cockpit ...)
@@ -861,11 +861,11 @@ CVE-2022-38219
 CVE-2022-38218
 	RESERVED
 CVE-2022-2817 (Use After Free in GitHub repository vim/vim prior to 9.0.0213. ...)
-	- vim <unfixed>
+	- vim 2:9.0.0229-1
 	NOTE: https://huntr.dev/bounties/a7b7d242-3d88-4bde-a681-6c986aff886f
 	NOTE: https://github.com/vim/vim/commit/249e1b903a9c0460d618f6dcc59aeb8c03b24b20 (v9.0.0213)
 CVE-2022-2816 (Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0212. ...)
-	- vim <unfixed>
+	- vim 2:9.0.0229-1
 	NOTE: https://huntr.dev/bounties/e2a83037-fcf9-4218-b2b9-b7507dacde58
 	NOTE: https://github.com/vim/vim/commit/dbdd16b62560413abcc3c8e893cc3010ccf31666 (v9.0.0212)
 CVE-2022-38217



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2024ef3a8c9b0969cc2b160cacbb0a78767c4341

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2024ef3a8c9b0969cc2b160cacbb0a78767c4341
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220821/57fc384e/attachment.htm>