[CLSA-2022:1658172267] Fix CVE(s): CVE-2022-2206, CVE-2022-2257, CVE-2022-2286, CVE-2022-2285, CVE-2022-2284, CVE-2022-2287, CVE-2022-2264

Type:

security

Severity:

Important

Release date:

2022-07-18 19:24:27 UTC

Description:

   * SECURITY UPDATE: Out-of-bound read in function msg_outtrans_attr
     - debian/patches/CVE-2022-2206.patch: Adjust cmdline_row and
     msg_row to the value of Rows.
     - CVE-2022-2206
   * SECURITY UPDATE: Heap-based buffer overflow in function utfc_ptr2len
     - debian/patches/CVE-2022-2284.patch: Stop Visual mode when
     closing a window.
     - CVE-2022-2284
   * SECURITY UPDATE: Integer overflow in function del_typebuf
     - debian/patches/CVE-2022-2285.patch: Put a NUL after the typeahead
     - CVE-2022-2285
   * SECURITY UPDATE: Out-of-bounds read in function ins_bytes
     - debian/patches/CVE-2022-2286.patch: Check the length of the string
     - CVE-2022-2286
   * SECURITY UPDATE: Out-of-bound read data in function
     suggest_trie_walk() abusing array byts
     - debian/patches/CVE-2022-2287.patch: Disallow adding a word
     with control characters or a trailing slash.
     - CVE-2022-2287
   * SECURITY UPDATE: Heap-based buffer overflow in function inc on
     put command
     - debian/patches/CVE-2022-2264.patch: Adjust the end mark position.
     - CVE-2022-2264
   * SECURITY UPDATE: Out-of-bound read in function msg_outtrans_special
     - debian/patches/CVE-2022-2257.patch: check for NUL in str2special
     - CVE-2022-2257

Updated packages:

vim_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb
sha:0c8297dce2f4ca20768ba629179324b19e0a9d2a
vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb
sha:a0aedb5faf4a4598cd89400c078c214c9c78b39f
vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb
sha:1e47de904354d9934eab2a58f93a9c30723c98cf
vim-common_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb
sha:36b5c8ab377aa9598cd34c66b723bd6188c4dd22
vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els23_all.deb
sha:d5727016ba4080cdad98cb5ea860bf3cdaa163b8
vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb
sha:6512ee157dcbccdf9087dfa68048e5003bfafb18
vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb
sha:f60cf225b30bba06ebb78e9ea0c708d372caa3f4
vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb
sha:cfad898b0f187cf93491d0318bb1c2ce527e6207
vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb
sha:5798e24e202c5763be09240a3746d53717e2ff0f
vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb
sha:4a4847e3fa3e3bd89f008fb8f7f1d566e2eb2a2f
vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb
sha:c8dfc65d6bc8411e589c39ffef975fafe723ef0b
vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els23_all.deb
sha:ef49a621a582b2562866e32f2b6d2712f216804a
vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb
sha:e202ce6f2f8dff9bf4519e511cebb2ac37ed831c
vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb
sha:ccbf3971a50d291ed4d9383931c9dc2902cc31b0
vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els23_all.deb
sha:0af588ef232b0b616d6b1c2425747c8a193eeba2
vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els23_amd64.deb
sha:65fad051c60e05f930c7b2bac12d2387c3fbc82b

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.