Publishing details

• Published on 2023-04-19
• Copied from ubuntu bionic in PPA for Ubuntu Security Proposed by Nishit Majithia

Changelog

vim (2:8.0.1453-1ubuntu1.13) bionic-security; urgency=medium

  * SECURITY UPDATE: use-after-free when matching inside a visual selection
    - debian/patches/CVE-2021-4192.patch: get the line again after getvvcol().
    - CVE-2021-4192
  * SECURITY UPDATE: out-of-bounds read when processing data in visual mode
    - debian/patches/CVE-2021-4193.patch: check for valid column in getvcol().
    - CVE-2021-4193
  * SECURITY UPDATE: heap buffer overflow when processing long file names
    - debian/patches/CVE-2022-0213.patch: check length when appending a space.
    - CVE-2022-0213
  * SECURITY UPDATE: heap-based buffer overflow when performing a block insert
    - debian/patches/CVE-2022-0261.patch: handle invalid byte better. Fix
      inserting the wrong text.
    - debian/patches/CVE-2022-0318-1.patch: for block insert only use the
      offset for correcting the length.
    - debian/patches/CVE-2022-0318-2.patch: adjust the expected output for
      utf8 block insert test.
    - CVE-2022-0261
    - CVE-2022-0318
  * SECURITY UPDATE: out-of-bounds read when exchanging windows in visual mode
    - debian/patches/CVE-2022-0319.patch: correct end of Visual area when
      entering another buffer.
    - CVE-2022-0319
  * SECURITY UPDATE: stack pointer corruption when parsing too many brackets
    in expression
    - debian/patches/CVE-2022-0351.patch: limit recursion to 1000.
    - CVE-2022-0351
  * SECURITY UPDATE: illegal memory access when processing large indent in ex
    mode
    - debian/patches/CVE-2022-0359.patch: allocate enough memory.
    - CVE-2022-0359
  * SECURITY UPDATE: illegal memory access when copying lines in visual mode
    - debian/patches/CVE-2022-0361.patch: adjust the Visual position after
      copying lines.
    - CVE-2022-0361
  * SECURITY UPDATE: illegal memory access when undo makes visual area invalid
    in visual mode
    - debian/patches/CVE-2022-0368.patch: correct the Visual area after undo.
    - CVE-2022-0368
  * SECURITY UPDATE: stack corruption when looking for spelling suggestions
    - debian/patches/CVE-2022-0408.patch: prevent the depth increased too
      much. Add a five second time limit to finding suggestions.
    - CVE-2022-0408
  * SECURITY UPDATE: use of freed memory when managing buffers
    - debian/patches/CVE-2022-0443.patch: do not use wiped out buffer.
    - CVE-2022-0443
  * SECURITY UPDATE: heap buffer overflow when processing vim buffers
    - debian/patches/CVE-2022-0554.patch: when deleting the current buffer to
      not pick a quickfix buffer as the new current buffer.
    - CVE-2022-0554
  * SECURITY UPDATE: heap buffer overflow when repeatedly using :retab
    - debian/patches/CVE-2022-0572.patch: bail out when the line is getting
      too long.
    - CVE-2022-0572
  * SECURITY UPDATE: out-of-range pointer offset when using special multi-byte
    character
    - debian/patches/CVE-2022-0685.patch: don't use isalpha() for an arbitrary
      character.
    - CVE-2022-0685
  * SECURITY UPDATE: heap buffer overflow when processing anomalous
    'vartabstop' value
    - debian/patches/CVE-2022-0714.patch: check for running into the end of
      the line.
    - CVE-2022-0714
  * SECURITY UPDATE: out-of-range pointer offset when processing specific
    regexp pattern and string
    - debian/patches/CVE-2022-0729.patch: stop at the start of the string.
    - CVE-2022-0729
  * SECURITY UPDATE: heap-based buffer overflow
    - debian/patches/CVE-2022-2207.patch: adds a check to see if the cursor
      column is great than zero.
    - CVE-2022-2207

 -- Nishit Majithia <email address hidden>  Tue, 18 Apr 2023 14:50:34 +0530

Builds

• amd64
• arm64
• armhf
• i386
• ppc64el
• s390x

Built packages

• vim Vi IMproved - enhanced vi editor

• vim-athena Vi IMproved - enhanced vi editor - with Athena GUI

• vim-athena-dbgsym debug symbols for vim-athena

• vim-common Vi IMproved - Common files

• vim-dbgsym debug symbols for vim

• vim-doc Vi IMproved - HTML documentation

• vim-gnome Vi IMproved - enhanced vi editor (dummy package)

• vim-gtk Vi IMproved - enhanced vi editor - with GTK2 GUI

• vim-gtk-dbgsym debug symbols for vim-gtk

• vim-gtk3 Vi IMproved - enhanced vi editor - with GTK3 GUI

• vim-gtk3-dbgsym debug symbols for vim-gtk3

• vim-gui-common Vi IMproved - Common GUI files

• vim-nox Vi IMproved - enhanced vi editor - with scripting languages support

• vim-nox-dbgsym debug symbols for vim-nox

• vim-runtime Vi IMproved - Runtime files

• vim-tiny Vi IMproved - enhanced vi editor - compact version

• vim-tiny-dbgsym debug symbols for vim-tiny

• xxd tool to make (or reverse) a hex dump

• xxd-dbgsym debug symbols for xxd

Package files

• vim-athena-dbgsym_8.0.1453-1ubuntu1.13_amd64.ddeb (3.8 MiB)
• vim-athena-dbgsym_8.0.1453-1ubuntu1.13_arm64.ddeb (3.9 MiB)
• vim-athena-dbgsym_8.0.1453-1ubuntu1.13_armhf.ddeb (3.7 MiB)
• vim-athena-dbgsym_8.0.1453-1ubuntu1.13_i386.ddeb (3.5 MiB)
• vim-athena-dbgsym_8.0.1453-1ubuntu1.13_ppc64el.ddeb (4.7 MiB)
• vim-athena-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb (4.0 MiB)
• vim-athena_8.0.1453-1ubuntu1.13_amd64.deb (1.3 MiB)
• vim-athena_8.0.1453-1ubuntu1.13_arm64.deb (1.1 MiB)
• vim-athena_8.0.1453-1ubuntu1.13_armhf.deb (1.1 MiB)
• vim-athena_8.0.1453-1ubuntu1.13_i386.deb (1.3 MiB)
• vim-athena_8.0.1453-1ubuntu1.13_ppc64el.deb (1.5 MiB)
• vim-athena_8.0.1453-1ubuntu1.13_s390x.deb (1.2 MiB)
• vim-common_8.0.1453-1ubuntu1.13_all.deb (71.4 KiB)
• vim-dbgsym_8.0.1453-1ubuntu1.13_amd64.ddeb (3.1 MiB)
• vim-dbgsym_8.0.1453-1ubuntu1.13_arm64.ddeb (3.2 MiB)
• vim-dbgsym_8.0.1453-1ubuntu1.13_armhf.ddeb (3.0 MiB)
• vim-dbgsym_8.0.1453-1ubuntu1.13_i386.ddeb (2.8 MiB)
• vim-dbgsym_8.0.1453-1ubuntu1.13_ppc64el.ddeb (3.9 MiB)
• vim-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb (3.3 MiB)
• vim-doc_8.0.1453-1ubuntu1.13_all.deb (1.8 MiB)
• vim-gnome_8.0.1453-1ubuntu1.13_all.deb (14.7 KiB)
• vim-gtk-dbgsym_8.0.1453-1ubuntu1.13_amd64.ddeb (4.2 MiB)
• vim-gtk-dbgsym_8.0.1453-1ubuntu1.13_arm64.ddeb (4.3 MiB)
• vim-gtk-dbgsym_8.0.1453-1ubuntu1.13_armhf.ddeb (4.1 MiB)
• vim-gtk-dbgsym_8.0.1453-1ubuntu1.13_i386.ddeb (3.8 MiB)
• vim-gtk-dbgsym_8.0.1453-1ubuntu1.13_ppc64el.ddeb (5.0 MiB)
• vim-gtk-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb (4.3 MiB)
• vim-gtk3-dbgsym_8.0.1453-1ubuntu1.13_amd64.ddeb (4.0 MiB)
• vim-gtk3-dbgsym_8.0.1453-1ubuntu1.13_arm64.ddeb (4.1 MiB)
• vim-gtk3-dbgsym_8.0.1453-1ubuntu1.13_armhf.ddeb (3.9 MiB)
• vim-gtk3-dbgsym_8.0.1453-1ubuntu1.13_i386.ddeb (3.6 MiB)
• vim-gtk3-dbgsym_8.0.1453-1ubuntu1.13_ppc64el.ddeb (4.8 MiB)
• vim-gtk3-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb (4.1 MiB)
• vim-gtk3_8.0.1453-1ubuntu1.13_amd64.deb (1.3 MiB)
• vim-gtk3_8.0.1453-1ubuntu1.13_arm64.deb (1.1 MiB)
• vim-gtk3_8.0.1453-1ubuntu1.13_armhf.deb (1.1 MiB)
• vim-gtk3_8.0.1453-1ubuntu1.13_i386.deb (1.3 MiB)
• vim-gtk3_8.0.1453-1ubuntu1.13_ppc64el.deb (1.5 MiB)
• vim-gtk3_8.0.1453-1ubuntu1.13_s390x.deb (1.2 MiB)
• vim-gtk_8.0.1453-1ubuntu1.13_amd64.deb (1.3 MiB)
• vim-gtk_8.0.1453-1ubuntu1.13_arm64.deb (1.1 MiB)
• vim-gtk_8.0.1453-1ubuntu1.13_armhf.deb (1.1 MiB)
• vim-gtk_8.0.1453-1ubuntu1.13_i386.deb (1.3 MiB)
• vim-gtk_8.0.1453-1ubuntu1.13_ppc64el.deb (1.5 MiB)
• vim-gtk_8.0.1453-1ubuntu1.13_s390x.deb (1.2 MiB)
• vim-gui-common_8.0.1453-1ubuntu1.13_all.deb (72.1 KiB)
• vim-nox-dbgsym_8.0.1453-1ubuntu1.13_amd64.ddeb (3.3 MiB)
• vim-nox-dbgsym_8.0.1453-1ubuntu1.13_arm64.ddeb (3.4 MiB)
• vim-nox-dbgsym_8.0.1453-1ubuntu1.13_armhf.ddeb (3.2 MiB)
• vim-nox-dbgsym_8.0.1453-1ubuntu1.13_i386.ddeb (3.0 MiB)
• vim-nox-dbgsym_8.0.1453-1ubuntu1.13_ppc64el.ddeb (4.1 MiB)
• vim-nox-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb (3.5 MiB)
• vim-nox_8.0.1453-1ubuntu1.13_amd64.deb (1.2 MiB)
• vim-nox_8.0.1453-1ubuntu1.13_arm64.deb (1.0 MiB)
• vim-nox_8.0.1453-1ubuntu1.13_armhf.deb (1.0 MiB)
• vim-nox_8.0.1453-1ubuntu1.13_i386.deb (1.2 MiB)
• vim-nox_8.0.1453-1ubuntu1.13_ppc64el.deb (1.4 MiB)
• vim-nox_8.0.1453-1ubuntu1.13_s390x.deb (1.1 MiB)
• vim-runtime_8.0.1453-1ubuntu1.13_all.deb (5.2 MiB)
• vim-tiny-dbgsym_8.0.1453-1ubuntu1.13_amd64.ddeb (1.1 MiB)
• vim-tiny-dbgsym_8.0.1453-1ubuntu1.13_arm64.ddeb (1.2 MiB)
• vim-tiny-dbgsym_8.0.1453-1ubuntu1.13_armhf.ddeb (1.1 MiB)
• vim-tiny-dbgsym_8.0.1453-1ubuntu1.13_i386.ddeb (1.0 MiB)
• vim-tiny-dbgsym_8.0.1453-1ubuntu1.13_ppc64el.ddeb (1.5 MiB)
• vim-tiny-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb (1.2 MiB)
• vim-tiny_8.0.1453-1ubuntu1.13_amd64.deb (467.7 KiB)
• vim-tiny_8.0.1453-1ubuntu1.13_arm64.deb (398.6 KiB)
• vim-tiny_8.0.1453-1ubuntu1.13_armhf.deb (401.2 KiB)
• vim-tiny_8.0.1453-1ubuntu1.13_i386.deb (481.6 KiB)
• vim-tiny_8.0.1453-1ubuntu1.13_ppc64el.deb (560.1 KiB)
• vim-tiny_8.0.1453-1ubuntu1.13_s390x.deb (435.2 KiB)
• vim_8.0.1453-1ubuntu1.13.debian.tar.xz (217.1 KiB)
• vim_8.0.1453-1ubuntu1.13.dsc (2.8 KiB)
• vim_8.0.1453-1ubuntu1.13_amd64.deb (1.1 MiB)
• vim_8.0.1453-1ubuntu1.13_arm64.deb (960.4 KiB)
• vim_8.0.1453-1ubuntu1.13_armhf.deb (966.4 KiB)
• vim_8.0.1453-1ubuntu1.13_i386.deb (1.2 MiB)
• vim_8.0.1453-1ubuntu1.13_ppc64el.deb (1.3 MiB)
• vim_8.0.1453-1ubuntu1.13_s390x.deb (1.0 MiB)
• vim_8.0.1453.orig.tar.gz (12.8 MiB)
• xxd-dbgsym_8.0.1453-1ubuntu1.13_amd64.ddeb (10.9 KiB)
• xxd-dbgsym_8.0.1453-1ubuntu1.13_arm64.ddeb (10.9 KiB)
• xxd-dbgsym_8.0.1453-1ubuntu1.13_armhf.ddeb (10.8 KiB)
• xxd-dbgsym_8.0.1453-1ubuntu1.13_i386.ddeb (9.3 KiB)
• xxd-dbgsym_8.0.1453-1ubuntu1.13_ppc64el.ddeb (11.3 KiB)
• xxd-dbgsym_8.0.1453-1ubuntu1.13_s390x.ddeb (10.7 KiB)
• xxd_8.0.1453-1ubuntu1.13_amd64.deb (50.7 KiB)
• xxd_8.0.1453-1ubuntu1.13_arm64.deb (49.8 KiB)
• xxd_8.0.1453-1ubuntu1.13_armhf.deb (50.4 KiB)
• xxd_8.0.1453-1ubuntu1.13_i386.deb (50.5 KiB)
• xxd_8.0.1453-1ubuntu1.13_ppc64el.deb (50.7 KiB)
• xxd_8.0.1453-1ubuntu1.13_s390x.deb (50.3 KiB)