FEDORA-2022-3b33d04743 — security update for vim

stable

vim-9.0.246-1.fc35

FEDORA-2022-3b33d04743 created by zdohnal 2 years ago for Fedora 35

Security fixes for CVE-2022-2946, CVE-2022-2923, CVE-2022-2845, CVE-2022-2889

How to install

Updates may require up to 24 hours to propagate to mirrors. If the following command doesn't work, please retry later:

sudo dnf upgrade --refresh --advisory=FEDORA-2022-3b33d04743

This update has been submitted for testing by zdohnal.

2 years ago

This update's test gating status has been changed to 'waiting'.

2 years ago

This update's test gating status has been changed to 'failed'.

2 years ago

This update has been pushed to testing.

2 years ago

This update's test gating status has been changed to 'passed'.

2 years ago

boycottsystemd1 provided feedback 2 years ago

karma

nixuser commented & provided feedback 2 years ago

karma

Working fine in a Fedora 35 VM.

This update has been submitted for stable by bodhi.

2 years ago

This update has been pushed to stable.

2 years ago

Please login to add feedback.

Metadata

Type

security

Severity

low

Karma

Signed

Content Type

RPM

Test Gating

passed

Autopush Settings

Unstable by Karma

-2

Stable by Karma

Stable by Time

14 days

Dates

submitted

2 years ago

in testing

2 years ago

in stable

2 years ago

Builds

vim-9.0.246-1.fc35

BZ#2119844 CVE-2022-2845 vim: Buffer Under-read

BZ#2119864 CVE-2022-2889 vim: use-after-free in find_var_also_in_script() in evalvars.c

BZ#2119866 CVE-2022-2889 vim: use-after-free in find_var_also_in_script() in evalvars.c [fedora-all]

BZ#2120989 CVE-2022-2923 vim: null pointer dereference in function sug_filltree

BZ#2120990 CVE-2022-2923 vim: null pointer dereference in function sug_filltree [fedora-all]

BZ#2120993 CVE-2022-2946 vim: use after free in function vim_vsnprintf_typval

BZ#2120994 CVE-2022-2946 vim: use after free in function vim_vsnprintf_typval [fedora-all]

vim-9.0.246-1.fc35

Automated Test Results

passed