[Git][security-tracker-team/security-tracker][master] Track fixes for some CVEs for vim via unstable upload
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Oct 6 20:49:43 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
8fc8425e by Salvatore Bonaccorso at 2025-10-06T21:49:10+02:00
Track fixes for some CVEs for vim via unstable upload
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -16044,7 +16044,7 @@ CVE-2025-9391 (A weakness has been identified in Bjskzy Zhiyou ERP up to 11.0. A
NOT-FOR-US: Bjskzy Zhiyou ERP
CVE-2025-9390 (A security flaw has been discovered in vim up to 9.1.1615. Affected by ...)
[experimental] - vim 2:9.1.1766-1
- - vim <unfixed> (unimportant)
+ - vim 2:9.1.1829-1 (unimportant)
NOTE: https://github.com/vim/vim/issues/17944
NOTE: https://github.com/vim/vim/pull/17947
NOTE: https://github.com/vim/vim/commit/eeef7c77436a78cd27047b0f5fa6925d56de3cb0 (v9.1.1616)
@@ -27514,7 +27514,7 @@ CVE-2025-2799 (The WP Event Manager \u2013 Events Calendar, Registrations, Sell
NOT-FOR-US: WordPress plugin
CVE-2025-53906 (Vim is an open source, command line text editor. Prior to version 9.1. ...)
[experimental] - vim 2:9.1.1766-1
- - vim <unfixed> (bug #1109374)
+ - vim 2:9.1.1829-1 (bug #1109374)
[trixie] - vim <no-dsa> (Minor issue)
[bookworm] - vim <no-dsa> (Minor issue)
[bullseye] - vim <postponed> (Minor issue; path traversal requiring direct user interaction)
@@ -27523,7 +27523,7 @@ CVE-2025-53906 (Vim is an open source, command line text editor. Prior to versio
NOTE: https://github.com/vim/vim/security/advisories/GHSA-r2fw-9cw4-mj86
CVE-2025-53905 (Vim is an open source, command line text editor. Prior to version 9.1. ...)
[experimental] - vim 2:9.1.1766-1
- - vim <unfixed> (bug #1109374)
+ - vim 2:9.1.1829-1 (bug #1109374)
[trixie] - vim <no-dsa> (Minor issue)
[bookworm] - vim <no-dsa> (Minor issue)
[bullseye] - vim <postponed> (Minor issue; path traversal requiring direct user interaction)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8fc8425e539f7780c5b9b7cd9f5deb9737281233
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8fc8425e539f7780c5b9b7cd9f5deb9737281233
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251006/12035259/attachment.htm>
More information about the debian-security-tracker-commits
mailing list