[Git][security-tracker-team/security-tracker][master] Add some new vim issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Jun 19 21:14:31 BST 2022 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
729176b6 by Salvatore Bonaccorso at 2022-06-19T22:14:00+02:00
Add some new vim issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -79,17 +79,25 @@ CVE-2022-33981 (drivers/block/floppy.c in the Linux kernel before 5.17.6 is vuln
 CVE-2022-33980
 	RESERVED
 CVE-2022-2129 (Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. ...)
-	TODO: check
+	- vim <unfixed>
+	NOTE: https://huntr.dev/bounties/3aaf06e7-9ae1-454d-b8ca-8709c98e5352
+	NOTE: https://github.com/vim/vim/commit/d6211a52ab9f53b82f884561ed43d2fe4d24ff7d (v8.2.5126)
 CVE-2022-2128
 	RESERVED
 CVE-2022-2127
 	RESERVED
 CVE-2022-2126 (Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. ...)
-	TODO: check
+	- vim <unfixed>
+	NOTE: https://huntr.dev/bounties/8d196d9b-3d10-41d2-9f70-8ef0d08c946e
+	NOTE: https://github.com/vim/vim/commit/156d3911952d73b03d7420dc3540215247db0fe8 (v8.2.5123)
 CVE-2022-2125 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...)
-	TODO: check
+	- vim <unfixed>
+	NOTE: https://huntr.dev/bounties/17dab24d-beec-464d-9a72-5b6b11283705
+	NOTE: https://github.com/vim/vim/commit/0e8e938d497260dd57be67b4966cb27a5f72376f (v8.2.5122)
 CVE-2022-2124 (Buffer Over-read in GitHub repository vim/vim prior to 8.2. ...)
-	TODO: check
+	- vim <unfixed>
+	NOTE: https://huntr.dev/bounties/8e9e056d-f733-4540-98b6-414bf36e0b42
+	NOTE: https://github.com/vim/vim/commit/2f074f4685897ab7212e25931eeeb0212292829f (v8.2.5120)
 CVE-2021-46823 (python-ldap before 3.4.0 is vulnerable to a denial of service when lda ...)
 	- python-ldap 3.4.0-1
 	NOTE: https://github.com/python-ldap/python-ldap/security/advisories/GHSA-r8wq-qrxc-hmcm



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/729176b694284c423f12ce2c1dcbe5f15b1edef3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/729176b694284c423f12ce2c1dcbe5f15b1edef3
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220619/d6d5840c/attachment.htm>

More information about the debian-security-tracker-commits mailing list