[Git][security-tracker-team/security-tracker][master] triage vim CVEs

Mon Nov 14 10:51:17 GMT 2022


Helmut Grohne pushed to branch master at Debian Security Tracker / security-tracker


Commits:
01f74ec8 by Helmut Grohne at 2022-11-14T11:48:24+01:00
triage vim CVEs

apo's vim lts upload actually fixed CVE-2021-3872, but he forgot
mentioning it.

Add number of not-affected for buster and sometimes bullseye.

Remove two stretch annotations to avoid conflicts with the ELTS tracker.

- - - - -


2 changed files:

- data/CVE/list
- data/DLA/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -18497,6 +18497,7 @@ CVE-2022-3038 (Use after free in Network Service in Google Chrome prior to 105.0
 	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2022-3037 (Use After Free in GitHub repository vim/vim prior to 9.0.0322. ...)
 	- vim 2:9.0.0626-1 (bug #1019590)
+	[buster] - vim <not-affected> (quickfixtextfunc added in 8.2.0869)
 	NOTE: https://huntr.dev/bounties/af4c2f2d-d754-4607-b565-9e92f3f717b5
 	NOTE: https://github.com/vim/vim/commit/4f1b083be43f351bc107541e7b0c9655a5d2c0bb (v9.0.0322)
 CVE-2022-3036 (The Gettext override translations WordPress plugin before 2.0.0 does n ...)
@@ -19307,6 +19308,7 @@ CVE-2022-2983
 	RESERVED
 CVE-2022-2982 (Use After Free in GitHub repository vim/vim prior to 9.0.0260. ...)
 	- vim 2:9.0.0626-1 (bug #1019590)
+	[buster] - vim <not-affected> (quickfixtextfunc added in 8.2.0869)
 	NOTE: https://huntr.dev/bounties/53f53d9a-ba8a-4985-b7ba-23efbe6833be
 	NOTE: https://github.com/vim/vim/commit/d6c67629ed05aae436164eec474832daf8ba7420 (v9.0.0260)
 CVE-2022-2981 (The Download Monitor WordPress plugin before 4.5.98 does not ensure th ...)
@@ -24133,6 +24135,8 @@ CVE-2022-2581 (Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.0104
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-2580 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...)
 	- vim 2:9.0.0135-1
+	[bullseye] - vim <not-affected> (interpolation introduced in 8.2.4930)
+	[buster] - vim <not-affected> (interpolation introduced in 8.2.4930)
 	NOTE: https://huntr.dev/bounties/c5f2f1d4-0441-4881-b19c-055acaa16249/
 	NOTE: https://github.com/vim/vim/commit/1e56bda9048a9625bce6e660938c834c5c15b07d (v9.0.0104)
 CVE-2022-2579 (A vulnerability, which was classified as problematic, was found in Sou ...)
@@ -29718,6 +29722,8 @@ CVE-2022-2289 (Use After Free in GitHub repository vim/vim prior to 9.0. ...)
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-2288 (Out-of-bounds Write in GitHub repository vim/vim prior to 9.0. ...)
 	- vim 2:9.0.0135-1 (bug #1015984)
+	[bullseye] - vim <not-affected> (vulnerable code introduced in 8.2.4763)
+	[buster] - vim <not-affected> (vulnerable code introduced in 8.2.4763)
 	NOTE: https://huntr.dev/bounties/a71bdcb7-4e9b-4650-ab6a-fe8e3e9852ad/
 	NOTE: https://github.com/vim/vim/commit/c6fdb15d423df22e1776844811d082322475e48a (v9.0.0025)
 CVE-2022-34910
@@ -44910,8 +44916,7 @@ CVE-2022-1421 (The Discy WordPress theme before 5.2 lacks CSRF checks in some AJ
 CVE-2022-1420 (Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior  ...)
 	- vim 2:8.2.4793-1
 	[bullseye] - vim <no-dsa> (Minor issue)
-	[buster] - vim <no-dsa> (Minor issue)
-	[stretch] - vim <not-affected> (Vulnerable code not present)
+	[buster] - vim <not-affected> (method call operator -> introduced in 8.1.1803)
 	NOTE: https://huntr.dev/bounties/a4323ef8-90ea-4e1c-90e9-c778f0ecf326
 	NOTE: https://github.com/vim/vim/commit/8b91e71441069b1dde9ac9ff9d9a829b1b4aecca (v8.2.4774)
 CVE-2021-46784 (In Squid 3.x through 3.5.28, 4.x through 4.17, and 5.x before 5.6, due ...)
@@ -45374,9 +45379,8 @@ CVE-2022-29404 (In Apache HTTP Server 2.4.53 and earlier, a malicious request to
 	NOTE: https://github.com/apache/httpd/commit/ce259c4061905bf834f9af51c92456cfe8335ddc
 CVE-2022-1381 (global heap buffer overflow in skip_range in GitHub repository vim/vim ...)
 	- vim 2:8.2.4793-1
-	[bullseye] - vim <no-dsa> (Minor issue)
-	[buster] - vim <no-dsa> (Minor issue)
-	[stretch] - vim <not-affected> (Vulnerable code not present)
+	[bullseye] - vim <not-affected> (affects visual range prasing, which was added in 8.2.4633)
+	[buster] - vim <not-affected> (affects visual range prasing, which was added in 8.2.4633)
 	NOTE: https://huntr.dev/bounties/55f9c0e8-c221-48b6-a00e-bdcaebaba4a4/
 	NOTE: https://github.com/vim/vim/commit/f50808ed135ab973296bca515ae4029b321afe47 (v8.2.4763)
 CVE-2022-29403
@@ -66103,6 +66107,7 @@ CVE-2021-46163 (Kentico Xperience 13.0.44 allows XSS via an XML document to the
 	NOT-FOR-US: Kentico Xperience CMS
 CVE-2022-0156 (vim is vulnerable to Use After Free ...)
 	- vim 2:8.2.4659-1 (unimportant)
+	[buster] - vim <not-affected> (vim9script functionality not present in buster and earlier)
 	NOTE: https://huntr.dev/bounties/47dded34-3767-4725-8c7c-9dcb68c70b36
 	NOTE: https://github.com/vim/vim/commit/9f1a39a5d1cd7989ada2d1cb32f97d84360e050f (v8.2.4040)
 	NOTE: Crash in CLI tool, no security impact
@@ -83923,7 +83928,6 @@ CVE-2021-3872 (vim is vulnerable to Heap-based Buffer Overflow ...)
 	{DLA-2947-1}
 	- vim 2:8.2.3565-1
 	[bullseye] - vim <no-dsa> (Minor issue)
-	[buster] - vim <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/c958013b-1c09-4939-92ca-92f50aa169e8
 	NOTE: https://github.com/vim/vim/commit/826bfe4bbd7594188e3d74d2539d9707b1c6a14b
 CVE-2021-3871


=====================================
data/DLA/list
=====================================
@@ -17,7 +17,7 @@
 	{CVE-2022-42799 CVE-2022-42823 CVE-2022-42824}
 	[buster] - webkit2gtk 2.38.2-1~deb10u1
 [08 Nov 2022] DLA-3182-1 vim - security update
-	{CVE-2021-3927 CVE-2021-3928 CVE-2021-3974 CVE-2021-3984 CVE-2021-4019 CVE-2021-4069 CVE-2021-4192 CVE-2021-4193 CVE-2022-0213 CVE-2022-0261 CVE-2022-0319 CVE-2022-0351 CVE-2022-0359 CVE-2022-0361 CVE-2022-0368 CVE-2022-0408 CVE-2022-0413 CVE-2022-0417 CVE-2022-0443 CVE-2022-0554 CVE-2022-0572 CVE-2022-0685 CVE-2022-0714 CVE-2022-0729 CVE-2022-0943 CVE-2022-1154 CVE-2022-1616 CVE-2022-1720 CVE-2022-1851 CVE-2022-1898 CVE-2022-1968 CVE-2022-2285 CVE-2022-2304 CVE-2022-2598 CVE-2022-2946 CVE-2022-3099 CVE-2022-3134 CVE-2022-3234 CVE-2022-3324 CVE-2022-3705}
+	{CVE-2021-3927 CVE-2021-3928 CVE-2021-3974 CVE-2021-3984 CVE-2021-4019 CVE-2021-4069 CVE-2021-4192 CVE-2021-4193 CVE-2022-0213 CVE-2022-0261 CVE-2022-0319 CVE-2022-0351 CVE-2022-0359 CVE-2022-0361 CVE-2022-0368 CVE-2022-0408 CVE-2022-0413 CVE-2022-0417 CVE-2022-0443 CVE-2022-0554 CVE-2022-0572 CVE-2022-0685 CVE-2022-0714 CVE-2022-0729 CVE-2022-0943 CVE-2022-1154 CVE-2022-1616 CVE-2022-1720 CVE-2022-1851 CVE-2022-1898 CVE-2022-1968 CVE-2022-2285 CVE-2022-2304 CVE-2022-2598 CVE-2022-2946 CVE-2022-3099 CVE-2022-3134 CVE-2022-3234 CVE-2022-3324 CVE-2022-3705 CVE-2021-3872}
 	[buster] - vim 2:8.1.0875-5+deb10u3
 [07 Nov 2022] DLA-3181-1 sudo - security update
 	{CVE-2021-23239}



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01f74ec833af7b412bcce146998df21eaeb05ee8

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01f74ec833af7b412bcce146998df21eaeb05ee8
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221114/e7928a02/attachment-0001.htm>
