[CLSA-2026:1778610428] vim: Fix of 3 CVEs
Type:
security
Severity:
Important
Release date:
2026-05-12 18:27:13 UTC
Description:
- CVE-2022-2257: fix out-of-bounds read in str2special() when advancing past the trailing NUL of a menu item with only a modifier (message.c, upstream patch 9.0.0009)
- CVE-2022-2182: fix heap buffer overflow in parse_cmd_address() when address line 0 is used with the ";" separator (":0;/PATTERN/"); clamp cursor column via check_cursor_col() for line 0 (ex_docmd.c, upstream patch 8.2.5150)
- CVE-2022-2849: return zero byte length for NUL in latin_ptr2len() and dbcs_ptr2len() so iterating past the end of a null string cannot dereference an invalid address (mbyte.c, upstream patch 9.0.0220; minimal form — only the functional changes backported)
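The CVE-2022-2849 fix described above, as an added example: a simplified model written for this page, not Vim or TuxCare code. It assumes the pre-fix single-byte length function reported 1 for every byte, NUL included, and measures how far a caller that advances by that length ends up past the terminator; `ptr2len_before`, `ptr2len_after`, `bytes_past_nul` and the sample buffers are hypothetical names.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Model of the pre-fix behaviour (assumption): length 1 for every byte,
 * including the terminating NUL. */
static int ptr2len_before(const unsigned char *p) { (void)p; return 1; }

/* Behaviour the advisory states for the fix: zero byte length at NUL. */
static int ptr2len_after(const unsigned char *p) { return *p == '\0' ? 0 : 1; }

typedef int (*ptr2len_fn)(const unsigned char *);

/* Advance up to `steps` characters from the start of buf, the way a caller
 * that trusts the length function would. Returns how many bytes past the NUL
 * the cursor ends up. buf_size bounds the walk so this demo itself never
 * reads outside its buffer. */
static size_t bytes_past_nul(const unsigned char *buf, size_t buf_size,
                             size_t steps, ptr2len_fn ptr2len)
{
    size_t nul_at = strlen((const char *)buf);
    size_t off = 0;

    for (size_t i = 0; i < steps && off < buf_size; i++)
        off += (size_t)ptr2len(buf + off);  /* zero length pins off at NUL */

    return off > nul_at ? off - nul_at : 0;
}

/* Constructed sample inputs: NUL-padded so the "overshoot" stays in bounds. */
static const unsigned char SAMPLE[8] = "ab";
static const unsigned char EMPTY[8] = "";

int main(void)
{
    printf("\"ab\", 5 steps: before=%zu after=%zu bytes past NUL\n",
           bytes_past_nul(SAMPLE, sizeof SAMPLE, 5, ptr2len_before),
           bytes_past_nul(SAMPLE, sizeof SAMPLE, 5, ptr2len_after));
    printf("\"\",   1 step:  before=%zu after=%zu bytes past NUL\n",
           bytes_past_nul(EMPTY, sizeof EMPTY, 1, ptr2len_before),
           bytes_past_nul(EMPTY, sizeof EMPTY, 1, ptr2len_after));
    return 0;
}
```

In a real allocation there is no padding after the terminator, so every byte counted as "past NUL" here corresponds to a read outside the string.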
Updated packages:
  • vim-X11-8.2.2637-22.el9_6.1.tuxcare.els26.x86_64.rpm
    sha:afe0b9fc00c25c660fd04d6b41a917298c81b389e991103368bfccb5c541edd0
  • vim-common-8.2.2637-22.el9_6.1.tuxcare.els26.x86_64.rpm
    sha:23635bbd5065aae825f1f1297d7e70040f4a341d54d26fdc9556cdaf551e24e8
  • vim-enhanced-8.2.2637-22.el9_6.1.tuxcare.els26.x86_64.rpm
    sha:e32d675898ecbcdf1cf9627ecfc8537a5100cbac932f438491425e900ebbf9c1
  • vim-filesystem-8.2.2637-22.el9_6.1.tuxcare.els26.noarch.rpm
    sha:f2eb8a8fc3a6adde418219135c50f2f134f421d43df41120b61e959e8f938ca2
  • vim-minimal-8.2.2637-22.el9_6.1.tuxcare.els26.x86_64.rpm
    sha:256e10401f67f55dbcd3c6939dcd340772f9708920863f34810d91cc34065de1
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.