[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for vim issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri Jun 26 08:17:31 BST 2026



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c22a44c7 by Salvatore Bonaccorso at 2026-06-26T09:17:06+02:00
Add Debian bug reference for vim issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -282,15 +282,15 @@ CVE-2026-57533 (Malicious HTML content could be injected into the page pretix sh
 CVE-2026-57532 (Malicious HTML content contained in the layout specification of a PDF  ...)
 	NOT-FOR-US: rami.io products
 CVE-2026-57456 (Vim is an open source, command line text editor. Prior to 9.2.0699, Vi ...)
-	- vim <unfixed>
+	- vim <unfixed> (bug #1140775)
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-ppj8-wqjf-6fp3
 	NOTE: Fixed by: https://github.com/vim/vim/commit/cce141c42740f122dd8486ae04e21c2a81016ba8 (v9.2.0699)
 CVE-2026-57455 (Vim is an open source, command line text editor. Prior to 9.2.0698, th ...)
-	- vim <unfixed>
+	- vim <unfixed> (bug #1140775)
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-q8mh-6qm3-25g4
 	NOTE: Fixed by: https://github.com/vim/vim/commit/497f931f85339d175d7f69588dd249e8ccfed41b (v9.2.0698)
 CVE-2026-57454 (Vim is an open source, command line text editor. From 9.2.0320 until 9 ...)
-	- vim <unfixed>
+	- vim <unfixed> (bug #1140775)
 	[trixie] - vim <not-affected> (Vulnerable code not present)
 	[bookworm] - vim <not-affected> (Vulnerable code not present)
 	[bullseye] - vim <not-affected> (Vulnerable code not present)
@@ -298,15 +298,15 @@ CVE-2026-57454 (Vim is an open source, command line text editor. From 9.2.0320 u
 	NOTE: Introduced with: https://github.com/vim/vim/commit/ff41e9d853ef3e366575e375d8c40cf11d5e331b (v9.2.0320)
 	NOTE: Fixed by: https://github.com/vim/vim/commit/b3faeecc976d3031d7c0675623516ec60c30f949 (v9.2.0679)
 CVE-2026-57453 (Vim is an open source, command line text editor. From 9.1.1784 until 9 ...)
-	- vim <unfixed>
+	- vim <unfixed> (bug #1140775)
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-x5fg-h5w9-9frf
 	NOTE: Fixed by: https://github.com/vim/vim/commit/b2cc9be119d51212bf0d3f2a994c7e517c73f4a9 (v9.2.0678)
 CVE-2026-57452 (Vim is an open source, command line text editor. Prior to 9.2.0671, wh ...)
-	- vim <unfixed>
+	- vim <unfixed> (bug #1140775)
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-c4j9-wr9j-4486
 	NOTE: Fixed by: https://github.com/vim/vim/commit/c8777cec25dcfae89c42e9aff51af61f71c5745f (v9.2.0671)
 CVE-2026-57451 (Vim is an open source, command line text editor. Prior to 9.2.0670, ge ...)
-	- vim <unfixed>
+	- vim <unfixed> (bug #1140775)
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-f36c-2qcp-7gpw
 	NOTE: Fixed by: https://github.com/vim/vim/commit/b2338ca90643e2f01ecb6547c1172716aaec4f79 (v9.2.0670)
 CVE-2026-57438 (Nokogiri is an open source XML and HTML library for the Ruby programmi ...)
@@ -411,11 +411,11 @@ CVE-2026-55961 (wolfSSL_PKCS7_verify() returning success for a degenerate (certs
 	- wolfssl <unfixed> (bug #1140765)
 	NOTE: https://github.com/wolfSSL/wolfssl/pull/10702 (v5.9.2-stable)
 CVE-2026-55895 (Vim is an open source, command line text editor. Prior to 9.2.0663, a  ...)
-	- vim <unfixed>
+	- vim <unfixed> (bug #1140775)
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-vhh8-v6wx-hjjh
 	NOTE: Fixed by: https://github.com/vim/vim/commit/55bc757a5d436e59d50fe43f7cda94b118f86cb2 (v9.2.0663)
 CVE-2026-55892 (Vim is an open source, command line text editor. Prior to 9.2.0662, th ...)
-	- vim <unfixed>
+	- vim <unfixed> (bug #1140775)
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-qm9w-fmpj-879h
 	NOTE: Fixed by: https://github.com/vim/vim/commit/8325b193bba5f01e7a7d8241fc8633d93dff996b (v9.2.0662)
 CVE-2026-55700 (pnpm is a package manager. From 11.3.0 until 11.5.3, `pnpm stage downl ...)
@@ -427,7 +427,7 @@ CVE-2026-55698 (pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm can
 CVE-2026-55697 (pnpm is a package manager. Prior to 10.34.2 and 11.5.3, pnpm can insta ...)
 	- pnpm <itp> (bug #985669)
 CVE-2026-55693 (Vim is an open source, command line text editor. Prior to 9.2.0653, th ...)
-	- vim <unfixed>
+	- vim <unfixed> (bug #1140775)
 	NOTE: https://github.com/vim/vim/security/advisories/GHSA-wgh4-64f7-q3jq
 	NOTE: Fixed by: https://github.com/vim/vim/commit/a80874d9b84a01040e3d1aef2d4a59e1934dafb7 (v9.2.0653)
 CVE-2026-55667 (File Browser is a file managing interface for uploading, deleting, pre ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c22a44c7d16d849815fdc67dc847b72c8b0a8d23

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c22a44c7d16d849815fdc67dc847b72c8b0a8d23
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260626/ff94d2c6/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list