Advisory: CLSA-2025:1761845210
OS: Debian 10 ELS
Public date: 2025-10-30 17:26:55.930197
Project: vim
Version: 2:8.1.0875-5+deb10u6+tuxcare.els5
Errata link: https://errata.tuxcare.com/els_os/debian10els/CLSA-2025-1761845210.html
* SECURITY UPDATE: Heap-based Buffer Overflow - debian/patches/CVE-2022-1733.patch: Check for NUL to prevent reading past end of the line when C-indenting - CVE-2022-1733 * SECURITY UPDATE: Use After Free - debian/patches/CVE-2022-1796.patch: Fix accessing freed memory when line is flushed by making a copy of the search pattern - CVE-2022-1796 * SECURITY UPDATE: Heap-based Buffer Overflow - debian/patches/CVE-2022-1886.patch: Check the length is more than zero to fix access before start of text with a put command - CVE-2022-1886 * SECURITY UPDATE: Use After Free - debian/patches/CVE-2022-3016.patch: Return QF_ABORT when location list changed in autocmd - CVE-2022-3016
Update command: apt-get update apt-get --only-upgrade install vim*
vim_8.1.0875-5+deb10u6+tuxcare.els5_amd64.deb vim-athena_8.1.0875-5+deb10u6+tuxcare.els5_amd64.deb vim-common_8.1.0875-5+deb10u6+tuxcare.els5_all.deb vim-doc_8.1.0875-5+deb10u6+tuxcare.els5_all.deb vim-gtk_8.1.0875-5+deb10u6+tuxcare.els5_amd64.deb vim-gtk3_8.1.0875-5+deb10u6+tuxcare.els5_amd64.deb vim-gui-common_8.1.0875-5+deb10u6+tuxcare.els5_all.deb vim-nox_8.1.0875-5+deb10u6+tuxcare.els5_amd64.deb vim-runtime_8.1.0875-5+deb10u6+tuxcare.els5_all.deb vim-tiny_8.1.0875-5+deb10u6+tuxcare.els5_amd64.deb xxd_8.1.0875-5+deb10u6+tuxcare.els5_amd64.deb