[CLSA-2026:1778008248] vim: Fix of 5 CVEs
Type:
security
Severity:
Important
Release date:
2026-05-05 19:47:14 UTC
Description:
- CVE-2022-2125: fix out-of-bounds read in get_lisp_indent(); break out of the inner loop on NUL byte (indent.c, upstream patch 8.2.5122)
- CVE-2021-3974: fix use-after-free in nfa_regmatch() when a substitute callback frees the regline during a mark comparison; save col and re-fetch rex.line via reg_getline() after getmark_buf() (regexp.c + regexp_nfa.c, upstream patch 8.2.3612)
- CVE-2022-2206: fix OOB read after terminal resize lowers Rows below cmdline_row / msg_row; clamp both to Rows - 1 in check_shellsize() (term.c, upstream patch 8.2.5160)
- CVE-2022-2946: fix use-after-free in do_tag() when 'tagfunc' deletes the buffer; make a vim_strsave copy of the tagstack tagname before calling user code (tag.c, upstream patch 9.0.0246)
- CVE-2022-2286: fix heap-buffer-overflow in the Ctrl-E completion-stop path when the completion leader shrinks below the original text; bounds-check compl_len against replacement string length before ins_bytes_len() (insexpand.c, upstream patch 9.0.0020)
Updated packages:
  • vim-X11-8.2.2637-22.el9_6.1.tuxcare.els22.x86_64.rpm
    sha:6a7666f1f68f84175d9b9934e59f03b3f451ac0b11235fb22fee695d2ccd4df1
  • vim-common-8.2.2637-22.el9_6.1.tuxcare.els22.x86_64.rpm
    sha:0b26765971bf3ba511e2befe308bb8ae732888d6413c31833306c6b45ed4d55e
  • vim-enhanced-8.2.2637-22.el9_6.1.tuxcare.els22.x86_64.rpm
    sha:320b28fd8a95a38cfca9d7c2acd9d41a99762215900f3f002b8d90a28a137aae
  • vim-filesystem-8.2.2637-22.el9_6.1.tuxcare.els22.noarch.rpm
    sha:de87f0a2a058549964193c0b51da6f0e2b65f85ee9ba047ddea769b8683e7860
  • vim-minimal-8.2.2637-22.el9_6.1.tuxcare.els22.x86_64.rpm
    sha:3c786c016701d12d41785a54038327a5b85cc929d245216842441b578fb7c390
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.