Release Info

Advisory: CLSA-2023:1695063978

OS: Ubuntu 16.04 ELS

Public date: 2023-09-18 15:06:20

Project: vim

Version: 3:7.4.1689-3ubuntu1.5+tuxcare.els44

Errata link: https://errata.cloudlinux.com/ubuntu16-els/CLSA-2023-1695063978.html

Changelog

* SECURITY UPDATE: Use-after-free in do_ecmd() - debian/patches/CVE-2023-4733.patch: Verify oldwin pointer after reset_VIsual() - CVE-2023-4733 * SECURITY UPDATE: Potential OOB write in do_addsub() - debian/patches/CVE-2023-4735.patch: Don't overflow buf2, check size in for loop() - CVE-2023-4735

Update

Update command: apt-get update apt-get --only-upgrade install vim*

Packages list

vim_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb vim-common_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els44_all.deb vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els44_all.deb vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els44_all.deb vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els44_amd64.deb

CVEs

CVE-2023-4735
CVE-2023-4733