Release Info

Advisory: CLSA-2022:1653329020

OS: Ubuntu 16.04 ELS

Public date: 2022-05-23 00:00:00

Project: vim

Version: 3:7.4.1689-3ubuntu1.5+tuxcare.els12

Errata link: https://errata.tuxcare.com/els_os/ubuntu16.04els/CLSA-2022-1653329020.html

Changelog

* SECURITY UPDATE: Going before the start of the command line
  - debian/patches/CVE-2022-1619.patch: Check already being at the start of the command line
  - CVE-2022-1619
* SECURITY UPDATE: NULL pointer access when using invalid pattern
  - debian/patches/CVE-2022-1620.patch: Check for failed regexp program
  - CVE-2022-1620
* SECURITY UPDATE: Can add invalid bytes with :spellgood
  - debian/patches/CVE-2022-1621.patch: Check for a valid word string
  - CVE-2022-1621
* SECURITY UPDATE: Trailing backslash may cause reading past end of line
  - debian/patches/CVE-2022-1629.patch: Check for NUL after backslash
  - CVE-2022-1629
* SECURITY UPDATE: Buffer overflow with invalid command with composing chars
  - debian/patches/CVE-2022-1616.patch: Check that the whole character fits in the buffer
  - CVE-2022-1616

Update

Update command:

    apt-get update
    apt-get --only-upgrade install vim*

Packages list

vim_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb
vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb
vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb
vim-common_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb
vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els12_all.deb
vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb
vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb
vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb
vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb
vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb
vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb
vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els12_all.deb
vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb
vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb
vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els12_all.deb
vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els12_amd64.deb

CVEs

CVE-2022-1616
CVE-2022-1619
CVE-2022-1629
CVE-2022-1621
CVE-2022-1620