[Git][security-tracker-team/security-tracker][master] Track fixed version for vim issues addressed via unstable upload

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Jun 24 20:28:22 BST 2023



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d3e2f23c by Salvatore Bonaccorso at 2023-06-24T21:27:47+02:00
Track fixed version for vim issues addressed via unstable upload

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -4589,7 +4589,7 @@ CVE-2023-2614 (Cross-site Scripting (XSS) - DOM in GitHub repository pimcore/pim
 	NOT-FOR-US: pimcore
 CVE-2023-2610 (Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9 ...)
 	{DLA-3453-1}
-	- vim <unfixed> (bug #1035955)
+	- vim 2:9.0.1658-1 (bug #1035955)
 	[bookworm] - vim <no-dsa> (Minor issue)
 	[bullseye] - vim <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/31e67340-935b-4f6c-a923-f7246bc29c7d
@@ -4745,7 +4745,7 @@ CVE-2023-31474 (An issue was discovered on GL.iNet devices before 3.216. Through
 CVE-2023-31472 (An issue was discovered on GL.iNet devices before 3.216. There is an a ...)
 	NOT-FOR-US: GL.iNet devices
 CVE-2023-2609 (NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.153 ...)
-	- vim <unfixed> (unimportant)
+	- vim 2:9.0.1658-1 (unimportant)
 	NOTE: https://huntr.dev/bounties/1679be5a-565f-4a44-a430-836412a0b622
 	NOTE: https://github.com/vim/vim/commit/d1ae8366aff286d41e7f5bc513cc0a1af5130aad (v9.0.1531)
 	NOTE: Crash in CLI tool, no security impact
@@ -14992,7 +14992,7 @@ CVE-2023-28144 (KDAB Hotspot 1.3.x and 1.4.x through 1.4.1, in a non-default con
 CVE-2023-1356
 	RESERVED
 CVE-2023-1355 (NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.140 ...)
-	- vim <unfixed> (unimportant)
+	- vim 2:9.0.1658-1 (unimportant)
 	NOTE: https://huntr.dev/bounties/4d0a9615-d438-4f5c-8dd6-aa22f4b716d9
 	NOTE: https://github.com/vim/vim/commit/d13dd30240e32071210f55b587182ff48757ea46 (v9.0.1402)
 	NOTE: Crash in CLI tool, no security impact
@@ -15737,7 +15737,7 @@ CVE-2023-1266
 CVE-2023-1265 (An issue has been discovered in GitLab affecting all versions starting ...)
 	- gitlab 15.10.8+ds1-2
 CVE-2023-1264 (NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.139 ...)
-	- vim <unfixed> (unimportant)
+	- vim 2:9.0.1658-1 (unimportant)
 	NOTE: https://huntr.dev/bounties/b2989095-88f3-413a-9a39-c1c58a6e6815
 	NOTE: https://github.com/vim/vim/commit/7ac5023a5f1a37baafbe1043645f97ba3443d9f6 (v9.0.1392)
 	NOTE: Crash in CLI tool, no security impact



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d3e2f23cd8146f42a15159cc8b782cfcf2eb059d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d3e2f23cd8146f42a15159cc8b782cfcf2eb059d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230624/9223b0c1/attachment.htm>


More information about the debian-security-tracker-commits mailing list