Release Info

Advisory: CLSA-2022:1658854080

OS: Oracle Linux 6 ELS

Public date: 2022-07-26 00:00:00

Project: vim

Version: 7.4.629-5.2.el6.tuxcare.els23

Errata link: https://errata.cloudlinux.com/ol6/CLSA-2022-1658854080.html

Changelog

- CVE-2022-2289: bail out when diff pointer is no longer valid to avoid accessing freed memory with diff put - CVE-2022-2304: limit the word length to avoid out of bound accesing

Update

Update command: yum update vim*

Packages list

vim-common-7.4.629-5.2.el6.tuxcare.els23.x86_64.rpm vim-filesystem-7.4.629-5.2.el6.tuxcare.els23.x86_64.rpm vim-minimal-7.4.629-5.2.el6.tuxcare.els23.x86_64.rpm vim-enhanced-7.4.629-5.2.el6.tuxcare.els23.x86_64.rpm vim-X11-7.4.629-5.2.el6.tuxcare.els23.x86_64.rpm

CVEs

CVE-2022-2304
CVE-2022-2289