diff options
author | Helmut Grohne <helmut@subdivi.de> | 2022-11-24 10:16:21 +0100 |
---|---|---|
committer | Helmut Grohne <helmut@subdivi.de> | 2022-11-24 10:17:12 +0100 |
commit | c56dcc47493e0659506a4d7cc7f5ff079beac948 (patch) | |
tree | 77f0ffe634a18cf8c85793b78956ecb5e3e116c5 | |
parent | 5c3e7bb386d9ad65cfa20c09aea891f06fd74c0d (diff) |
Reserve DLA-3204-1 for vim
-rw-r--r-- | data/CVE/list | 5 | ||||
-rw-r--r-- | data/DLA/list | 3 | ||||
-rw-r--r-- | data/dla-needed.txt | 4 |
3 files changed, 3 insertions, 9 deletions
diff --git a/data/CVE/list b/data/CVE/list index 27f8ad0c12..6002e5cdf8 100644 --- a/data/CVE/list +++ b/data/CVE/list @@ -38291,7 +38291,6 @@ CVE-2022-29890 (In affected versions of Octopus Server the help sidebar can be c CVE-2022-2000 (Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. ...) - vim 2:9.0.0135-1 (bug #1015984) [bullseye] - vim <no-dsa> (Minor issue) - [buster] - vim <no-dsa> (Minor issue) [stretch] - vim <no-dsa> (Minor issue) NOTE: https://huntr.dev/bounties/f61a64e2-d163-461b-a77e-46ab38e021f0 NOTE: https://github.com/vim/vim/commit/44a3f3353e0407e9fffee138125a6927d1c9e7e5 (v8.2.5063) @@ -40093,7 +40092,6 @@ CVE-2022-1943 (A flaw out of bounds memory write in the Linux kernel UDF file sy CVE-2022-1942 (Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. ...) - vim 2:9.0.0135-1 (bug #1015984) [bullseye] - vim <no-dsa> (Minor issue) - [buster] - vim <no-dsa> (Minor issue) [stretch] - vim <no-dsa> (Minor issue) NOTE: https://huntr.dev/bounties/67ca4d3b-9175-43c1-925c-72a7091bc071 NOTE: https://github.com/vim/vim/commit/71223e2db87c2bf3b09aecb46266b56cda26191d (v8.2.5043) @@ -40507,7 +40505,6 @@ CVE-2022-1898 (Use After Free in GitHub repository vim/vim prior to 8.2. ...) CVE-2022-1897 (Out-of-bounds Write in GitHub repository vim/vim prior to 8.2. ...) - vim 2:9.0.0135-1 (bug #1015984) [bullseye] - vim <no-dsa> (Minor issue) - [buster] - vim <no-dsa> (Minor issue) [stretch] - vim <postponed> (Minor issue) NOTE: https://huntr.dev/bounties/82c12151-c283-40cf-aa05-2e39efa89118 NOTE: https://github.com/vim/vim/commit/338f1fc0ee3ca929387448fe464579d6113fa76a (v8.2.5023) @@ -42683,7 +42680,6 @@ CVE-2022-1786 (A use-after-free flaw was found in the Linux kernel’s io_ur CVE-2022-1785 (Out-of-bounds Write in GitHub repository vim/vim prior to 8.2.4977. ...) - vim 2:9.0.0135-1 (bug #1015984) [bullseye] - vim <no-dsa> (Minor issue) - [buster] - vim <no-dsa> (Minor issue) [stretch] - vim <no-dsa> (Minor issue) NOTE: https://huntr.dev/bounties/8c969cba-eef2-4943-b44a-4e3089599109 NOTE: https://github.com/vim/vim/commit/e2bd8600b873d2cd1f9d667c28cba8b1dba18839 (v8.2.4977) @@ -63500,7 +63496,6 @@ CVE-2022-21154 (An integer overflow vulnerability exists in the fltSaveCMP funct CVE-2022-0392 (Heap-based Buffer Overflow in GitHub repository vim prior to 8.2. ...) - vim 2:8.2.4659-1 [bullseye] - vim <no-dsa> (Minor issue) - [buster] - vim <no-dsa> (Minor issue) [stretch] - vim <not-affected> (vulnerable code was introduced later) NOTE: https://huntr.dev/bounties/d00a2acd-1935-4195-9d5b-4115ef6b3126 NOTE: https://github.com/vim/vim/commit/806d037671e133bd28a7864248763f643967973a (v8.2.4218) diff --git a/data/DLA/list b/data/DLA/list index 4c0bfca5a8..780bc6a251 100644 --- a/data/DLA/list +++ b/data/DLA/list @@ -1,3 +1,6 @@ +[24 Nov 2022] DLA-3204-1 vim - security update + {CVE-2022-0318 CVE-2022-0392 CVE-2022-0629 CVE-2022-0696 CVE-2022-1619 CVE-2022-1621 CVE-2022-1785 CVE-2022-1897 CVE-2022-1942 CVE-2022-2000 CVE-2022-2129 CVE-2022-3235 CVE-2022-3256 CVE-2022-3352} + [buster] - vim 2:8.1.0875-5+deb10u4 [23 Nov 2022] DLA-3203-1 nginx - security update {CVE-2021-3618 CVE-2022-41741 CVE-2022-41742} [buster] - nginx 1.14.2-2+deb10u5 diff --git a/data/dla-needed.txt b/data/dla-needed.txt index 64db57d953..de89b324d1 100644 --- a/data/dla-needed.txt +++ b/data/dla-needed.txt @@ -339,10 +339,6 @@ varnish NOTE: 20221109: Programming language: C. NOTE: 20221109: First DLA, 3 minor CVEs to fix (Beuc/front-desk) -- -vim (Helmut) - NOTE: 20221108: Programming language: C. - NOTE: 20221108: VCS: https://salsa.debian.org/lts-team/packages/vim.git --- virglrenderer (Thorsten Alteholz) NOTE: 20221009: Programming language: C. -- |