CVE-2023-0049 (https://huntr.dev/bounties/5e6f325c-ba54-4bf0-b050-dca048fd3fd9): Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.1143. Patch: https://github.com/vim/vim/commit/7b17eb4b063a234376c1ec909ee293e42cff290c
CVE-2023-0054 (https://huntr.dev/bounties/b289ee0f-fd16-4147-bd01-c6289c45e49d): https://github.com/vim/vim/commit/3ac1d97a1d9353490493d30088256360435f7731 Out-of-bounds Write in GitHub repository vim/vim prior to 9.0.1145. CVE-2023-0051 (https://huntr.dev/bounties/1c8686db-baa6-42dc-ba45-aed322802de9): https://github.com/vim/vim/commit/c32949b0779106ed5710ae3bffc5053e49083ab4 Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1144.
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=fd95a6723f06b9168f90ac9856131fc9ac133542 commit fd95a6723f06b9168f90ac9856131fc9ac133542 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-01-08 04:06:35 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-01-08 04:55:05 +0000 app-editors/gvim: add 9.0.1157 Bug: https://bugs.gentoo.org/889730 Signed-off-by: Sam James <sam@gentoo.org> app-editors/gvim/Manifest | 1 + app-editors/gvim/gvim-9.0.1157.ebuild | 367 ++++++++++++++++++++++++++++++++++ 2 files changed, 368 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1242c380cd055678f90c3d6e8cb83d2e5a64ec97 commit 1242c380cd055678f90c3d6e8cb83d2e5a64ec97 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-01-08 04:04:37 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-01-08 04:55:05 +0000 app-editors/vim: add 9.0.1157 Bug: https://bugs.gentoo.org/889730 Signed-off-by: Sam James <sam@gentoo.org> app-editors/vim/Manifest | 1 + app-editors/vim/vim-9.0.1157.ebuild | 372 ++++++++++++++++++++++++++++++++++++ 2 files changed, 373 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=33e6817e3d108cb8e4cd1ad17227cf7f408b2fc1 commit 33e6817e3d108cb8e4cd1ad17227cf7f408b2fc1 Author: Sam James <sam@gentoo.org> AuthorDate: 2023-01-08 04:04:29 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-01-08 04:55:04 +0000 app-editors/vim-core: add 9.0.1157 Bug: https://bugs.gentoo.org/889730 Signed-off-by: Sam James <sam@gentoo.org> app-editors/vim-core/Manifest | 1 + app-editors/vim-core/vim-core-9.0.1157.ebuild | 231 ++++++++++++++++++++++++++ 2 files changed, 232 insertions(+)
GLSA request filed
The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=57791e0ecfc392428cba8ab5152bafbd79e57d46 commit 57791e0ecfc392428cba8ab5152bafbd79e57d46 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-05-03 10:03:57 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2023-05-03 10:05:28 +0000 [ GLSA 202305-16 ] Vim, gVim: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/851231 Bug: https://bugs.gentoo.org/861092 Bug: https://bugs.gentoo.org/869359 Bug: https://bugs.gentoo.org/879257 Bug: https://bugs.gentoo.org/883681 Bug: https://bugs.gentoo.org/889730 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Sam James <sam@gentoo.org> glsa-202305-16.xml | 155 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 155 insertions(+)
