Release Info

Advisory: CLSA-2021:1639580651

OS: Ubuntu 16.04 ELS

Public date: 2021-12-15 00:00:00

Project: vim

Version: 3:7.4.1689-3ubuntu1.5+tuxcare.els4

Errata link: https://errata.cloudlinux.com/ubuntu16-els/CLSA-2021-1639580651.html

Changelog

* SECURITY UPDATE: Using freed memory with regexp using a mark - debian/patches/CVE-2021-3974.patch: Get the line again after getting the mark position - CVE-2021-3974 * SECURITY UPDATE: Illegal memory access when C-indenting - debian/patches/CVE-2021-3984.patch: Also set the cursor column - CVE-2021-3984 * SECURITY UPDATE: Crash when using CTRL-W f without finding a file name - debian/patches/CVE-2021-3973.patch: Bail out when the file name length is zero - CVE-2021-3973 * SECURITY UPDATE: Buffer overflow with long help argument - debian/patches/CVE-2021-4019.patch: Use snprintf - CVE-2021-4019 * SECURITY UPDATE: Using freed memory in open command - debian/patches/CVE-2021-4069.patch: Make a copy of the current line - CVE-2021-4069

Update

Update command: apt-get update apt-get --only-upgrade install vim*

Packages list

vim_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb vim-common_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els4_all.deb vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els4_all.deb vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els4_all.deb vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els4_amd64.deb

CVEs

CVE-2021-3984
CVE-2021-4019
CVE-2021-3974
CVE-2021-3973
CVE-2021-4069