[CLSA-2025:1738170565] vim: Fix of 5 CVEs
Type:
security
Severity:
Important
Release date:
2025-01-29 17:09:33 UTC
Description:
- CVE-2023-2610: limit the text length to MAXCOL - CVE-2023-4735: don't overflow buf2, check size in for loop() - CVE-2023-4750: check buffer is valid before accessing it - CVE-2023-4752: validate buffer before accessing it - CVE-2023-4781: disallow exchanging windows when textlock is active - Drop the patch level in version.c to the original one
Updated packages:
  • vim-X11-8.2.2637-20.el9_1.tuxcare.els9.x86_64.rpm
    sha:bd2ce004d2cebf73a3cbeac1917037d8aeff582f5ace691f0df5334e47293282
  • vim-common-8.2.2637-20.el9_1.tuxcare.els9.x86_64.rpm
    sha:2f1b96a12d62e24ee07120393eaba6f47246ba98ff7d13c1f8c07dc5057bf47f
  • vim-enhanced-8.2.2637-20.el9_1.tuxcare.els9.x86_64.rpm
    sha:4db30adf7e1bb3f24a93510f983ab4f15ac0d372e121ee8bbd1dcf5f599c38fa
  • vim-filesystem-8.2.2637-20.el9_1.tuxcare.els9.noarch.rpm
    sha:2396fdea63420aba98e34eb7d6a7abe9c3dd72c6b37b22760adccf15cfd1e3ea
  • vim-minimal-8.2.2637-20.el9_1.tuxcare.els9.x86_64.rpm
    sha:9aeb01bbcfd31471bc3ab580b6bff4e156f13df63e73696e9f0af64c096382cd
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.