[Git][security-tracker-team/security-tracker][master] vim fixed in sid

Moritz Muehlenhoff (@jmm) jmm at debian.org
Fri Sep 30 08:00:53 BST 2022



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f18e2f32 by Moritz Muehlenhoff at 2022-09-30T09:00:31+02:00
vim fixed in sid

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -275,7 +275,7 @@ CVE-2022-3354 (A vulnerability has been found in Open5GS up to 2.4.10 and classi
 CVE-2022-3353
 	RESERVED
 CVE-2022-3352 (Use After Free in GitHub repository vim/vim prior to 9.0.0614. ...)
-	- vim <unfixed>
+	- vim 2:9.0.0626-1
 	NOTE: https://huntr.dev/bounties/d058f182-a49b-40c7-9234-43d4c5a29f60
 	NOTE: https://github.com/vim/vim/commit/ef976323e770315b5fca544efb6b2faa25674d15 (v9.0.0614)
 CVE-2022-3351
@@ -599,7 +599,7 @@ CVE-2022-3326 (Weak Password Requirements in GitHub repository ikus060/rdiffweb
 CVE-2022-3325
 	RESERVED
 CVE-2022-3324 (Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ...)
-	- vim <unfixed>
+	- vim 2:9.0.0626-1
 	NOTE: https://huntr.dev/bounties/e414e55b-f332-491f-863b-c18dca97403c/
 	NOTE: https://github.com/vim/vim/commit/8279af514ca7e5fd3c31cf13b0864163d1a0bfeb (v9.0.0598)
 CVE-2022-3323 (An SQL injection vulnerability in Advantech iView 5.7.04.6469. The spe ...)
@@ -1150,7 +1150,7 @@ CVE-2022-3297 (Use After Free in GitHub repository vim/vim prior to 9.0.0579. ..
 	NOTE: https://github.com/vim/vim/commit/0ff01835a40f549c5c4a550502f62a2ac9ac447c (v9.0.0579)
 	NOTE: Crash in CLI tool, no security impact
 CVE-2022-3296 (Stack-based Buffer Overflow in GitHub repository vim/vim prior to 9.0. ...)
-	- vim <unfixed>
+	- vim 2:9.0.0626-1
 	NOTE: https://huntr.dev/bounties/958866b8-526a-4979-9471-39392e0c9077
 	NOTE: https://github.com/vim/vim/commit/96b9bf8f74af8abf1e30054f996708db7dc285be (v9.0.0577)
 CVE-2022-3295 (Allocation of Resources Without Limits or Throttling in GitHub reposit ...)
@@ -1226,7 +1226,7 @@ CVE-2022-3280
 CVE-2022-3279
 	RESERVED
 CVE-2022-3278 (NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.055 ...)
-	- vim <unfixed> (unimportant)
+	- vim 2:9.0.0626-1 (unimportant)
 	NOTE: https://huntr.dev/bounties/a9fad77e-f245-4ce9-ba15-c7d4c86c4612/
 	NOTE: https://github.com/vim/vim/commit/69082916c8b5d321545d60b9f5facad0a2dd5a4e (v9.0.0552)
 	NOTE: Crash in CLI toool, no security impact
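Review bot: the last NOTE under CVE-2022-3278, "NOTE: Crash in CLI toool, no security impact", misspells "tool", while the CVE-2022-3297 entry visible in the previous hunk spells the same phrase "Crash in CLI tool". Since this entry is being edited anyway, correct the spelling here and in the identical NOTE under CVE-2022-3153, so that a text search for the standard phrase finds every entry triaged this way.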
@@ -1427,7 +1427,7 @@ CVE-2022-3258
 CVE-2022-3257 (Mattermost version 7.1.x and earlier fails to sufficiently process a s ...)
 	- mattermost-server <itp> (bug #823556)
 CVE-2022-3256 (Use After Free in GitHub repository vim/vim prior to 9.0.0530. ...)
-	- vim <unfixed>
+	- vim 2:9.0.0626-1
 	NOTE: https://huntr.dev/bounties/8336a3df-212a-4f8d-ae34-76ef1f936bb3
 	NOTE: https://github.com/vim/vim/commit/8ecfa2c56b4992c7f067b92488aa9acea5a454ad (v9.0.0530)
 CVE-2022-3255 (If an attacker can control a script that is executed in the victim's b ...)
@@ -2494,7 +2494,7 @@ CVE-2022-3236 (A code injection vulnerability in the User Portal and Webadmin al
 CVE-2022-40763
 	RESERVED
 CVE-2022-3235 (Use After Free in GitHub repository vim/vim prior to 9.0.0490. ...)
-	- vim <unfixed>
+	- vim 2:9.0.0626-1
 	NOTE: https://huntr.dev/bounties/96d5f7a0-a834-4571-b73b-0fe523b941af
 	NOTE: https://github.com/vim/vim/commit/1c3dd8ddcba63c1af5112e567215b3cec2de11d0 (v9.0.0490)
 CVE-2022-40762 (A Memory Allocation with Excessive Size Value vulnerablity in the TEE_ ...)
@@ -2515,7 +2515,7 @@ CVE-2022-40755 (JasPer 3.0.6 allows denial of service via a reachable assertion
 	- jasper <removed>
 	NOTE: https://github.com/jasper-software/jasper/issues/338
 CVE-2022-3234 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.0 ...)
-	- vim <unfixed>
+	- vim 2:9.0.0626-1
 	NOTE: https://huntr.dev/bounties/90fdf374-bf04-4386-8a23-38c83b88f0da/
 	NOTE: https://github.com/vim/vim/commit/c249913edc35c0e666d783bfc21595cf9f7d9e0d (v9.0.0483)
 CVE-2022-40754 (In Apache Airflow 2.3.0 through 2.3.4, there was an open redirect in t ...)
@@ -4010,7 +4010,7 @@ CVE-2022-3155
 CVE-2022-3154
 	RESERVED
 CVE-2022-3153 (NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.040 ...)
-	- vim <unfixed> (unimportant)
+	- vim 2:9.0.0626-1 (unimportant)
 	NOTE: https://huntr.dev/bounties/68331124-620d-48bc-a8fa-cd947b26270a
 	NOTE: https://github.com/vim/vim/commit/1540d334a04d874c2aa9d26b82dbbcd4bc5a78de (v9.0.0404)
 	NOTE: Crash in CLI toool, no security impact
@@ -4435,7 +4435,7 @@ CVE-2022-39960 (The Netic Group Export add-on before 1.0.3 for Atlassian Jira do
 CVE-2022-3135 (The SEO Smart Links WordPress plugin through 3.0.1 does not sanitise a ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-3134 (Use After Free in GitHub repository vim/vim prior to 9.0.0389. ...)
-	- vim <unfixed> (bug #1019590)
+	- vim 2:9.0.0626-1 (bug #1019590)
 	[bullseye] - vim <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/6ec79e49-c7ab-4cd6-a517-e7934c2eb9dc
 	NOTE: https://github.com/vim/vim/commit/ccfde4d028e891a41e3548323c3d47b06fb0b83e (v9.0.0389)
@@ -6090,7 +6090,7 @@ CVE-2022-39199
 CVE-2022-39198
 	RESERVED
 CVE-2022-3099 (Use After Free in GitHub repository vim/vim prior to 9.0.0360. ...)
-	- vim <unfixed> (bug #1019590)
+	- vim 2:9.0.0626-1 (bug #1019590)
 	[bullseye] - vim <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/403210c7-6cc7-4874-8934-b57f88bd4f5e
 	NOTE: https://github.com/vim/vim/commit/35d21c6830fc2d68aca838424a0e786821c5891c (v9.0.0360)
@@ -6670,7 +6670,7 @@ CVE-2022-3038 (Use after free in Network Service in Google Chrome prior to 105.0
 	- chromium 105.0.5195.52-1
 	[buster] - chromium <end-of-life> (see DSA 5046)
 CVE-2022-3037 (Use After Free in GitHub repository vim/vim prior to 9.0.0322. ...)
-	- vim <unfixed> (bug #1019590)
+	- vim 2:9.0.0626-1 (bug #1019590)
 	NOTE: https://huntr.dev/bounties/af4c2f2d-d754-4607-b565-9e92f3f717b5
 	NOTE: https://github.com/vim/vim/commit/4f1b083be43f351bc107541e7b0c9655a5d2c0bb (v9.0.0322)
 CVE-2022-3036 (The Gettext override translations WordPress plugin before 2.0.0 does n ...)
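Review bot: CVE-2022-3037 now reads "- vim 2:9.0.0626-1 (bug #1019590)" but carries no [bullseye] line, whereas CVE-2022-3134, CVE-2022-3099 and CVE-2022-2946 reference the same bug and each have "[bullseye] - vim <no-dsa> (Minor issue)". In the lines shown, no explicit bullseye triage decision is recorded for this entry; either add the matching annotation or confirm the omission is intentional. The same applies to CVE-2022-2982 in the next hunk.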
@@ -7471,7 +7471,7 @@ CVE-2022-2984
 CVE-2022-2983
 	RESERVED
 CVE-2022-2982 (Use After Free in GitHub repository vim/vim prior to 9.0.0260. ...)
-	- vim <unfixed> (bug #1019590)
+	- vim 2:9.0.0626-1 (bug #1019590)
 	NOTE: https://huntr.dev/bounties/53f53d9a-ba8a-4985-b7ba-23efbe6833be
 	NOTE: https://github.com/vim/vim/commit/d6c67629ed05aae436164eec474832daf8ba7420 (v9.0.0260)
 CVE-2022-2981
@@ -7744,7 +7744,7 @@ CVE-2022-38648 (Server-Side Request Forgery (SSRF) vulnerability in Batik of Apa
 	NOTE: https://issues.apache.org/jira/browse/BATIK-1333
 	NOTE: http://svn.apache.org/viewvc?view=revision&revision=1903625
 CVE-2022-2946 (Use After Free in GitHub repository vim/vim prior to 9.0.0246. ...)
-	- vim <unfixed> (bug #1019590)
+	- vim 2:9.0.0626-1 (bug #1019590)
 	[bullseye] - vim <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/5d389a18-5026-47df-a5d0-1548a9b555d5
 	NOTE: https://github.com/vim/vim/commit/adce965162dd89bf29ee0e5baf53652e7515762c (v9.0.0246)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f18e2f32a18e2ca7ab7948924b4e942cbf50b2d9
