Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 905373 (CVE-2023-2426) - <app-editors/vim-9.0.1503, <app-editors/vim-core-9.0.1503, <app-editors/gvim-9.0.1503: Multiple vulnerabilities
Summary: <app-editors/vim-9.0.1503, <app-editors/vim-core-9.0.1503, <app-editors/gvim-...
Status: RESOLVED FIXED
Alias: CVE-2023-2426
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL:
Whiteboard: B3 [noglsa]
Keywords: PullRequest
Depends on: 908424
Blocks:
  Show dependency tree
 
Reported: 2023-04-30 12:30 UTC by filip ambroz
Modified: 2024-02-17 21:43 UTC (History)
4 users (show)

See Also:
Package list:
Runtime testing required: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description filip ambroz 2023-04-30 12:30:41 UTC 
CVE-2023-2426 (https://github.com/vim/vim/commit/caf642c25de526229264cab9425e7c9979f3509b)

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499.
Comment 1 Larry the Git Cow gentoo-dev 2023-05-01 01:35:13 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c3f2b4b321dccd03d25fe85d8d26f8a8698ee77a

commit c3f2b4b321dccd03d25fe85d8d26f8a8698ee77a
Author:     Oskari Pirhonen <xxc3ncoredxx@gmail.com>
AuthorDate: 2023-05-01 00:37:52 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-05-01 01:32:33 +0000

    app-editors/gvim: add 9.0.1503
    
    Bug: https://bugs.gentoo.org/905373
    Closes: https://bugs.gentoo.org/678864
    Signed-off-by: Oskari Pirhonen <xxc3ncoredxx@gmail.com>
    Signed-off-by: Sam James <sam@gentoo.org>

 app-editors/gvim/Manifest             |   1 +
 app-editors/gvim/gvim-9.0.1503.ebuild | 367 ++++++++++++++++++++++++++++++++++
 2 files changed, 368 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b64fc47970052bff5c8039f92a70b658f5ac91e6

commit b64fc47970052bff5c8039f92a70b658f5ac91e6
Author:     Oskari Pirhonen <xxc3ncoredxx@gmail.com>
AuthorDate: 2023-05-01 00:39:57 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-05-01 01:32:33 +0000

    app-editors/vim: add 9.0.1503
    
    Bug: https://bugs.gentoo.org/905373
    Bug: https://bugs.gentoo.org/678864
    Signed-off-by: Oskari Pirhonen <xxc3ncoredxx@gmail.com>
    Signed-off-by: Sam James <sam@gentoo.org>

 app-editors/vim/Manifest            |   1 +
 app-editors/vim/vim-9.0.1503.ebuild | 371 ++++++++++++++++++++++++++++++++++++
 2 files changed, 372 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=aa24ae670f87674b8c1a2399ebb68e1d391764b7

commit aa24ae670f87674b8c1a2399ebb68e1d391764b7
Author:     Oskari Pirhonen <xxc3ncoredxx@gmail.com>
AuthorDate: 2023-05-01 00:40:49 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-05-01 01:32:33 +0000

    app-editors/vim-core: add 9.0.1503
    
    Bug: https://bugs.gentoo.org/905373
    Bug: https://bugs.gentoo.org/678864
    Signed-off-by: Oskari Pirhonen <xxc3ncoredxx@gmail.com>
    Signed-off-by: Sam James <sam@gentoo.org>

 app-editors/vim-core/Manifest                 |   1 +
 app-editors/vim-core/vim-core-9.0.1503.ebuild | 231 ++++++++++++++++++++++++++
 2 files changed, 232 insertions(+)
Comment 2 Larry the Git Cow gentoo-dev 2024-02-17 21:43:35 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=937427296cfdeecd2c3cbaa569050be01987301c

commit 937427296cfdeecd2c3cbaa569050be01987301c
Author:     Oskari Pirhonen <xxc3ncoredxx@gmail.com>
AuthorDate: 2024-02-17 01:42:32 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2024-02-17 21:43:20 +0000

    app-editors/vim: drop 9.0.1403
    
    Was waiting on resolution for bug 908961.
    
    Bug: https://bugs.gentoo.org/905373
    Signed-off-by: Oskari Pirhonen <xxc3ncoredxx@gmail.com>
    Closes: https://github.com/gentoo/gentoo/pull/35381
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 app-editors/vim/Manifest            |   1 -
 app-editors/vim/vim-9.0.1403.ebuild | 371 ------------------------------------
 2 files changed, 372 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=bb0d016870e14d92e7e2bc5dbeda9c8f98660a28

commit bb0d016870e14d92e7e2bc5dbeda9c8f98660a28
Author:     Oskari Pirhonen <xxc3ncoredxx@gmail.com>
AuthorDate: 2024-02-17 01:41:27 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2024-02-17 21:43:19 +0000

    app-editors/vim-core: drop 9.0.1403
    
    Was waiting on resolution for bug 908961.
    
    Bug: https://bugs.gentoo.org/905373
    Signed-off-by: Oskari Pirhonen <xxc3ncoredxx@gmail.com>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 app-editors/vim-core/Manifest                 |   1 -
 app-editors/vim-core/vim-core-9.0.1403.ebuild | 231 --------------------------
 2 files changed, 232 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=ed694dc50e688b97a0d87590ba6b1c40d7639a52

commit ed694dc50e688b97a0d87590ba6b1c40d7639a52
Author:     Oskari Pirhonen <xxc3ncoredxx@gmail.com>
AuthorDate: 2024-02-17 01:39:05 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2024-02-17 21:43:19 +0000

    app-editors/gvim: drop 9.0.1403
    
    Was waiting on resolution for bug 908961.
    
    Bug: https://bugs.gentoo.org/905373
    Signed-off-by: Oskari Pirhonen <xxc3ncoredxx@gmail.com>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 app-editors/gvim/Manifest             |   1 -
 app-editors/gvim/gvim-9.0.1403.ebuild | 360 ----------------------------------
 2 files changed, 361 deletions(-)