Reserve DLA-3204-1 for vim

3 files changed, 3 insertions, 9 deletions

diff --git a/data/CVE/list b/data/CVE/list
index 27f8ad0c12..6002e5cdf8 100644
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -38291,7 +38291,6 @@ CVE-2022-29890 (In affected versions of Octopus Server the help sidebar can be c
 CVE-2022-2000 (Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. ...)
 	- vim 2:9.0.0135-1 (bug #1015984)
 	[bullseye] - vim <no-dsa> (Minor issue)
-	[buster] - vim <no-dsa> (Minor issue)
 	[stretch] - vim <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/f61a64e2-d163-461b-a77e-46ab38e021f0
 	NOTE: https://github.com/vim/vim/commit/44a3f3353e0407e9fffee138125a6927d1c9e7e5 (v8.2.5063)
@@ -40093,7 +40092,6 @@ CVE-2022-1943 (A flaw out of bounds memory write in the Linux kernel UDF file sy
 CVE-2022-1942 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...)
 	- vim 2:9.0.0135-1 (bug #1015984)
 	[bullseye] - vim <no-dsa> (Minor issue)
-	[buster] - vim <no-dsa> (Minor issue)
 	[stretch] - vim <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/67ca4d3b-9175-43c1-925c-72a7091bc071
 	NOTE: https://github.com/vim/vim/commit/71223e2db87c2bf3b09aecb46266b56cda26191d (v8.2.5043)
@@ -40507,7 +40505,6 @@ CVE-2022-1898 (Use After Free in GitHub repository vim/vim prior to 8.2. ...)
 CVE-2022-1897 (Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. ...)
 	- vim 2:9.0.0135-1 (bug #1015984)
 	[bullseye] - vim <no-dsa> (Minor issue)
-	[buster] - vim <no-dsa> (Minor issue)
 	[stretch] - vim <postponed> (Minor issue)
 	NOTE: https://huntr.dev/bounties/82c12151-c283-40cf-aa05-2e39efa89118
 	NOTE: https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a (v8.2.5023)
@@ -42683,7 +42680,6 @@ CVE-2022-1786 (A use-after-free flaw was found in the Linux kernel&#8217;s io_ur
 CVE-2022-1785 (Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. ...)
 	- vim 2:9.0.0135-1 (bug #1015984)
 	[bullseye] - vim <no-dsa> (Minor issue)
-	[buster] - vim <no-dsa> (Minor issue)
 	[stretch] - vim <no-dsa> (Minor issue)
 	NOTE: https://huntr.dev/bounties/8c969cba-eef2-4943-b44a-4e3089599109
 	NOTE: https://github.com/vim/vim/commit/e2bd8600b873d2cd1f9d667c28cba8b1dba18839 (v8.2.4977)
@@ -63500,7 +63496,6 @@ CVE-2022-21154 (An integer overflow vulnerability exists in the fltSaveCMP funct
 CVE-2022-0392 (Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. ...)
 	- vim 2:8.2.4659-1
 	[bullseye] - vim <no-dsa> (Minor issue)
-	[buster] - vim <no-dsa> (Minor issue)
 	[stretch] - vim <not-affected> (vulnerable code was introduced later)
 	NOTE: https://huntr.dev/bounties/d00a2acd-1935-4195-9d5b-4115ef6b3126
 	NOTE: https://github.com/vim/vim/commit/806d037671e133bd28a7864248763f643967973a (v8.2.4218)
diff --git a/data/DLA/list b/data/DLA/list
index 4c0bfca5a8..780bc6a251 100644
--- a/data/DLA/list
+++ b/data/DLA/list
@@ -1,3 +1,6 @@
+[24 Nov 2022] DLA-3204-1 vim - security update
+	{CVE-2022-0318 CVE-2022-0392 CVE-2022-0629 CVE-2022-0696 CVE-2022-1619 CVE-2022-1621 CVE-2022-1785 CVE-2022-1897 CVE-2022-1942 CVE-2022-2000 CVE-2022-2129 CVE-2022-3235 CVE-2022-3256 CVE-2022-3352}
+	[buster] - vim 2:8.1.0875-5+deb10u4
 [23 Nov 2022] DLA-3203-1 nginx - security update
 	{CVE-2021-3618 CVE-2022-41741 CVE-2022-41742}
 	[buster] - nginx 1.14.2-2+deb10u5
diff --git a/data/dla-needed.txt b/data/dla-needed.txt
index 64db57d953..de89b324d1 100644
--- a/data/dla-needed.txt
+++ b/data/dla-needed.txt
@@ -339,10 +339,6 @@ varnish
   NOTE: 20221109: Programming language: C.
   NOTE: 20221109: First DLA, 3 minor CVEs to fix (Beuc/front-desk)
 --
-vim (Helmut)
-  NOTE: 20221108: Programming language: C.
-  NOTE: 20221108: VCS: https://salsa.debian.org/lts-team/packages/vim.git
---
 virglrenderer (Thorsten Alteholz)
   NOTE: 20221009: Programming language: C.
 --