Summary: | <app-editors/vim-8.2.4328: multiple vulnerabilities | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | vim |
Priority: | Normal | Keywords: | PullRequest |
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
See Also: | https://github.com/gentoo/gentoo/pull/24053 | ||
Whiteboard: | B3 [glsa+] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 834460 | ||
Bug Blocks: |
Description
John Helmert III
2022-01-11 08:25:57 UTC
[CVE-2022-0213] vim is vulnerable to Heap-based Buffer Overflow URLs: https://huntr.dev/bounties/f3afe1a5-e6f8-4579-b68a-6e5c7e39afed/ https://github.com/vim/vim/commit/de05bb25733c3319e18dca44e9b59c6ee389eb26 Fixed in: 8.2.4074 CVE-2022-0261 (https://github.com/vim/vim/commit/9f8c304c8a390ade133bac29963dc8e56ab14cbc): Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. Fixed in 8.2.4120. CVE-2022-0318 (https://github.com/vim/vim/commit/57df9e8a9f9ae1aafdde9b86b10ad907627a87dc): Heap-based Buffer Overflow in vim/vim prior to 8.2. CVE-2022-0319 (https://github.com/vim/vim/commit/05b27615481e72e3b338bb12990fb3e0c2ecc2a9): Out-of-bounds Read in Conda vim prior to 8.2. Fixes in 8.2.4154. CVE-2022-0351 (https://github.com/vim/vim/commit/fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d) Access of Memory Location Before Start of Buffer in Conda vim prior to 8.2. Fixed in 8.2.4206 CVE-2022-0359 (https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1) Heap-based Buffer Overflow in Conda vim prior to 8.2. Fixed in 8.2.4219 CVE-2022-0361 (https://github.com/vim/vim/commit/dc5490e2cbc8c16022a23b449b48c1bd0083f366) Heap-based Buffer Overflow in Conda vim prior to 8.2. Fixed in 8.2.4215 CVE-2022-0368 (https://github.com/vim/vim/commit/8d02ce1ed75d008c34a5c9aaa51b67cbb9d33baa) Out-of-bounds Read in Conda vim prior to 8.2. Fixed in 8.2.4217 CVE-2022-0392 (https://github.com/vim/vim/commit/806d037671e133bd28a7864248763f643967973a): Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2. CVE-2022-0393 (https://github.com/vim/vim/commit/a4bc2dd7cccf5a4a9f78b58b6f35a45d17164323): Out-of-bounds Read in GitHub repository vim/vim prior to 8.2. Fixes in >=8.2.4233 CVE-2022-0408 (https://huntr.dev/bounties/5e635bad-5cf6-46cd-aeac-34ef224e179d): Stack-based Buffer Overflow in Conda vim prior to 8.2. CVE-2022-0413 (https://github.com/vim/vim/commit/37f47958b8a2a44abc60614271d9537e7f14e51a): Use After Free in Conda vim prior to 8.2. CVE-2022-0407 (https://github.com/vim/vim/commit/44db8213d38c39877d2148eff6a72f4beccfb94e): Heap-based Buffer Overflow in Conda vim prior to 8.2. Fixed in >=8.2.4253 CVE-2022-0417 (https://github.com/vim/vim/commit/652dee448618589de5528a9e9a36995803f5557a): Heap-based Buffer Overflow in Conda vim prior to 8.2. Fix in 8.2.4282. CVE-2022-0443 (https://github.com/vim/vim/commit/9b4a80a66544f2782040b641498754bcb5b8d461): Use After Free in Conda vim prior to 8.2. Fix in 8.2.4281 The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=693824c270688e8970738f4530ba2e7ebcbc7049 commit 693824c270688e8970738f4530ba2e7ebcbc7049 Author: Mathieu Tortuyaux <mtortuyaux@microsoft.com> AuthorDate: 2022-02-09 11:27:51 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-02-09 11:28:58 +0000 app-editors/vim-core: add 8.2.4285 Mainly to adress this CVE: CVE-2021-46059, CVE-2022-0156, CVE-2022-0158, CVE-2022-0213, CVE-2022-0261, CVE-2022-0318, CVE-2022-0319, CVE-2022-0351, CVE-2022-0359, CVE-2022-0361, CVE-2022-0368, CVE-2022-0392, CVE-2022-0393, CVE-2022-0407, CVE-2022-0408, CVE-2022-0413, CVE-2022-0417. Bug: https://bugs.gentoo.org/830994 Package-Manager: Portage-3.0.28, Repoman-3.0.3 Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com> Signed-off-by: Sam James <sam@gentoo.org> app-editors/vim-core/Manifest | 1 + app-editors/vim-core/vim-core-8.2.4285.ebuild | 233 ++++++++++++++++++++++++++ 2 files changed, 234 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=43d46f178ba15c0fc8d5734b72bbf4cc9cccbcd5 commit 43d46f178ba15c0fc8d5734b72bbf4cc9cccbcd5 Author: Mathieu Tortuyaux <mtortuyaux@microsoft.com> AuthorDate: 2022-02-09 11:27:40 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-02-09 11:28:41 +0000 app-editors/vim: add 8.2.4285 Mainly to adress this CVE: CVE-2021-46059, CVE-2022-0156, CVE-2022-0158, CVE-2022-0213, CVE-2022-0261, CVE-2022-0318, CVE-2022-0319, CVE-2022-0351, CVE-2022-0359, CVE-2022-0361, CVE-2022-0368, CVE-2022-0392, CVE-2022-0393, CVE-2022-0407, CVE-2022-0408, CVE-2022-0413, CVE-2022-0417. Bug: https://bugs.gentoo.org/830994 Package-Manager: Portage-3.0.28, Repoman-3.0.3 Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com> Signed-off-by: Sam James <sam@gentoo.org> app-editors/vim/Manifest | 1 + app-editors/vim/vim-8.2.4285.ebuild | 355 ++++++++++++++++++++++++++++++++++++ 2 files changed, 356 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=36fc830ac6fca3153a02790c7d266ac9f2c0cb45 commit 36fc830ac6fca3153a02790c7d266ac9f2c0cb45 Author: Mathieu Tortuyaux <mtortuyaux@microsoft.com> AuthorDate: 2022-02-09 11:26:55 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-02-09 11:28:21 +0000 app-editors/gvim: add 8.2.4285 Mainly to adress this CVE: CVE-2021-46059, CVE-2022-0156, CVE-2022-0158, CVE-2022-0213, CVE-2022-0261, CVE-2022-0318, CVE-2022-0319, CVE-2022-0351, CVE-2022-0359, CVE-2022-0361, CVE-2022-0368, CVE-2022-0392, CVE-2022-0393, CVE-2022-0407, CVE-2022-0408, CVE-2022-0413, CVE-2022-0417. Bug: https://bugs.gentoo.org/830994 Package-Manager: Portage-3.0.28, Repoman-3.0.3 Signed-off-by: Mathieu Tortuyaux <mtortuyaux@microsoft.com> Signed-off-by: Sam James <sam@gentoo.org> app-editors/gvim/Manifest | 1 + app-editors/gvim/gvim-8.2.4285.ebuild | 383 ++++++++++++++++++++++++++++++++++ 2 files changed, 384 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=8740720698f1392df9467da3717bbd3f1247300f commit 8740720698f1392df9467da3717bbd3f1247300f Author: Vaibhav Rustagi <vaibhavrustagi@google.com> AuthorDate: 2022-02-08 19:22:51 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-02-09 11:38:50 +0000 app-editors/vim: version bump to v8.2.4328 This is needed to resolve following CVEs: - CVE-2021-4187 - CVE-2022-0128 - CVE-2022-0156 - CVE-2022-0158 - CVE-2022-0261 - CVE-2022-0318 - CVE-2022-0319 - CVE-2022-0392 - CVE-2022-0368 - CVE-2022-0393 - CVE-2022-0361 - CVE-2022-0359 - CVE-2022-0413 - CVE-2022-0408 - CVE-2022-0407 Bug: https://bugs.gentoo.org/830994 Signed-off-by: Vaibhav Rustagi <vaibhavrustagi@google.com> Closes: https://github.com/gentoo/gentoo/pull/24133 Signed-off-by: Sam James <sam@gentoo.org> app-editors/vim/Manifest | 1 + app-editors/vim/vim-8.2.4328.ebuild | 355 ++++++++++++++++++++++++++++++++++++ 2 files changed, 356 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4256a785f91e40b308a4dcbb49b2adf236444fe2 commit 4256a785f91e40b308a4dcbb49b2adf236444fe2 Author: Vaibhav Rustagi <vaibhavrustagi@google.com> AuthorDate: 2022-02-08 19:21:28 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-02-09 11:38:47 +0000 app-editors/vim-core: version bump to v8.2.4328 This is needed to resolve following CVEs: - CVE-2021-4187 - CVE-2022-0128 - CVE-2022-0156 - CVE-2022-0158 - CVE-2022-0261 - CVE-2022-0318 - CVE-2022-0319 - CVE-2022-0392 - CVE-2022-0368 - CVE-2022-0393 - CVE-2022-0361 - CVE-2022-0359 - CVE-2022-0413 - CVE-2022-0408 - CVE-2022-0407 Bug: https://bugs.gentoo.org/830994 Signed-off-by: Vaibhav Rustagi <vaibhavrustagi@google.com> Signed-off-by: Sam James <sam@gentoo.org> app-editors/vim-core/Manifest | 1 + app-editors/vim-core/vim-core-8.2.4328.ebuild | 233 ++++++++++++++++++++++++++ 2 files changed, 234 insertions(+) https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=32b14738eef48ed3e0e129369f7444bd7eb6ce63 commit 32b14738eef48ed3e0e129369f7444bd7eb6ce63 Author: Vaibhav Rustagi <vaibhavrustagi@google.com> AuthorDate: 2022-02-08 19:16:55 +0000 Commit: Sam James <sam@gentoo.org> CommitDate: 2022-02-09 11:38:44 +0000 app-editors/gvim: version bump to v8.2.4328 This is needed to resolve following CVEs: - CVE-2021-4187 - CVE-2022-0128 - CVE-2022-0156 - CVE-2022-0158 - CVE-2022-0261 - CVE-2022-0318 - CVE-2022-0319 - CVE-2022-0392 - CVE-2022-0368 - CVE-2022-0393 - CVE-2022-0361 - CVE-2022-0359 - CVE-2022-0413 - CVE-2022-0408 - CVE-2022-0407 Bug: https://bugs.gentoo.org/830994 Signed-off-by: Vaibhav Rustagi <vaibhavrustagi@google.com> Signed-off-by: Sam James <sam@gentoo.org> app-editors/gvim/Manifest | 1 + app-editors/gvim/gvim-8.2.4328.ebuild | 383 ++++++++++++++++++++++++++++++++++ 2 files changed, 384 insertions(+) CVE-2022-0554 (https://github.com/vim/vim/commit/e3537aec2f8d6470010547af28dcbd83d41461b8): Use of Out-of-range Pointer Offset in Conda vim prior to 8.2. Fixed in 8.2.4327. FWIW, as far as I can tell monsieurp (the only member of vim@) hasn't maintained app-editors/vim{,-core} in at least 4 years. I'd feel free to stabilize things at your leisure. (In reply to Matt Turner from comment #12) > FWIW, as far as I can tell monsieurp (the only member of vim@) hasn't > maintained app-editors/vim{,-core} in at least 4 years. I'd feel free to > stabilize things at your leisure. Indeed! Unfortunately the issue here is not so much about waiting for permission, but more that it takes a ton of time for us to keep track and appropriately act upon all hundreds of bugs... GLSA request filed The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=2cee523fe648754bae0e4ed2a531da672ac5fa15 commit 2cee523fe648754bae0e4ed2a531da672ac5fa15 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2022-08-21 01:33:31 +0000 Commit: John Helmert III <ajak@gentoo.org> CommitDate: 2022-08-21 01:40:46 +0000 [ GLSA 202208-32 ] Vim, gVim: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/811870 Bug: https://bugs.gentoo.org/818562 Bug: https://bugs.gentoo.org/819528 Bug: https://bugs.gentoo.org/823473 Bug: https://bugs.gentoo.org/824930 Bug: https://bugs.gentoo.org/828583 Bug: https://bugs.gentoo.org/829658 Bug: https://bugs.gentoo.org/830106 Bug: https://bugs.gentoo.org/830994 Bug: https://bugs.gentoo.org/833572 Bug: https://bugs.gentoo.org/836432 Bug: https://bugs.gentoo.org/851231 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: John Helmert III <ajak@gentoo.org> glsa-202208-32.xml | 168 +++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 168 insertions(+) GLSA released, all done! |