[CLSA-2024:1705077885] Fix of 8 CVEs

Type:

security

Severity:

Moderate

Release date:

2024-01-12 16:44:49 UTC

Description:

   * SECURITY UPDATE: use-after-free in win_close()
     - debian/patches/CVE-2023-48231.patch: check window is valid, before
       accessing it
     - CVE-2023-48231
   * SECURITY UPDATE: overflow with count for :s command
     - debian/patches/CVE-2023-48233.patch: abort the :s command if the
       count is too large
     - CVE-2023-48233
   * SECURITY UPDATE: overflow in nv_z_get_count
     - debian/patches/CVE-2023-48234.patch: break out, if count is too
       large
     - CVE-2023-48234
   * SECURITY UPDATE: overflow in ex address parsing
     - debian/patches/CVE-2023-48235.patch: verify that lnum is positive,
       before substracting from LONG_MAX
     - CVE-2023-48235
   * SECURITY UPDATE: overflow in get_number
     - debian/patches/CVE-2023-48236.patch: return 0 when the count gets
       too large
     - CVE-2023-48236
   * SECURITY UPDATE: overflow in shift_line
     - debian/patches/CVE-2023-48237.patch: allow a max indent of INT_MAX
     - CVE-2023-48237
   * SECURITY UPDATE: overflow in :history
     - debian/patches/CVE-2023-46246.patch: check that value fits into int
     - CVE-2023-46246
   * SECURITY UPDATE: recursive command line loop may cause a crash
     - debian/patches/CVE-2022-1771.patch: limit recursion of getcmdline()
     - CVE-2022-1771

Updated packages:

vim_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb
sha:7d4f3669baa834bbc601d4e5a77ea050a37ddf1b
vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb
sha:3ae6c76754f8fff45a6fc326a6180c32af5cc9ed
vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb
sha:bc1935010effb51d1e46361d4e8b80b30046ebd3
vim-common_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb
sha:f6af01185887fdf185e63c8e7fda13d542f2f80b
vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els49_all.deb
sha:81617602d8448bb3db0423ba46d8a6884fad33fa
vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb
sha:028505a3288d4f09026450607e28634c94b29e55
vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb
sha:e3d30883be83fa8989181a703ca39e98f65d99c2
vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb
sha:fc521cfba1686113547d3e84a5d93fa46ffdf16b
vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb
sha:fbe9585665a2e6d92faba0e1db32a70479885402
vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb
sha:cf1b654f21cc7318e4cc6b3d9c740ab2153631c3
vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb
sha:8ad0b264cbda0a858cb3eeb6fbfa0dbc05acfe05
vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els49_all.deb
sha:80380d9d781e01efa8befa6dabec0ea9bda8549d
vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb
sha:ad177deba327bdc74c8f2884e5e7cd87e1dea314
vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb
sha:afd2262be47d0ac63013588c4e6096cc02567152
vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els49_all.deb
sha:24be222f718ca2086cb1d5a7bb9278fb93ed6784
vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els49_amd64.deb
sha:0b4c2a81bcece9fac9ad654c27edef34cf997987

Notes:

This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.