Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 905373 (CVE-2023-2426)

Summary: <app-editors/vim-9.0.1503, <app-editors/vim-core-9.0.1503, <app-editors/gvim-9.0.1503: Multiple vulnerabilities
Product: Gentoo Security Reporter: filip ambroz <filip.ambroz>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: CONFIRMED ---    
Severity: minor CC: proxy-maint, vim, xxc3ncoredxx
Priority: Normal Keywords: PullRequest
Version: unspecified   
Hardware: All   
OS: Linux   
See Also: https://github.com/gentoo/gentoo/pull/30816
Whiteboard: B3 [cleanup glsa?]
Package list:
Runtime testing required: ---
Bug Depends on: 908424    
Bug Blocks:    

Description filip ambroz 2023-04-30 12:30:41 UTC 
CVE-2023-2426 (https://github.com/vim/vim/commit/caf642c25de526229264cab9425e7c9979f3509b)

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499.
Comment 1 Larry the Git Cow gentoo-dev 2023-05-01 01:35:13 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=c3f2b4b321dccd03d25fe85d8d26f8a8698ee77a

commit c3f2b4b321dccd03d25fe85d8d26f8a8698ee77a
Author:     Oskari Pirhonen <xxc3ncoredxx@gmail.com>
AuthorDate: 2023-05-01 00:37:52 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-05-01 01:32:33 +0000

    app-editors/gvim: add 9.0.1503
    
    Bug: https://bugs.gentoo.org/905373
    Closes: https://bugs.gentoo.org/678864
    Signed-off-by: Oskari Pirhonen <xxc3ncoredxx@gmail.com>
    Signed-off-by: Sam James <sam@gentoo.org>

 app-editors/gvim/Manifest             |   1 +
 app-editors/gvim/gvim-9.0.1503.ebuild | 367 ++++++++++++++++++++++++++++++++++
 2 files changed, 368 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=b64fc47970052bff5c8039f92a70b658f5ac91e6

commit b64fc47970052bff5c8039f92a70b658f5ac91e6
Author:     Oskari Pirhonen <xxc3ncoredxx@gmail.com>
AuthorDate: 2023-05-01 00:39:57 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-05-01 01:32:33 +0000

    app-editors/vim: add 9.0.1503
    
    Bug: https://bugs.gentoo.org/905373
    Bug: https://bugs.gentoo.org/678864
    Signed-off-by: Oskari Pirhonen <xxc3ncoredxx@gmail.com>
    Signed-off-by: Sam James <sam@gentoo.org>

 app-editors/vim/Manifest            |   1 +
 app-editors/vim/vim-9.0.1503.ebuild | 371 ++++++++++++++++++++++++++++++++++++
 2 files changed, 372 insertions(+)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=aa24ae670f87674b8c1a2399ebb68e1d391764b7

commit aa24ae670f87674b8c1a2399ebb68e1d391764b7
Author:     Oskari Pirhonen <xxc3ncoredxx@gmail.com>
AuthorDate: 2023-05-01 00:40:49 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2023-05-01 01:32:33 +0000

    app-editors/vim-core: add 9.0.1503
    
    Bug: https://bugs.gentoo.org/905373
    Bug: https://bugs.gentoo.org/678864
    Signed-off-by: Oskari Pirhonen <xxc3ncoredxx@gmail.com>
    Signed-off-by: Sam James <sam@gentoo.org>

 app-editors/vim-core/Manifest                 |   1 +
 app-editors/vim-core/vim-core-9.0.1503.ebuild | 231 ++++++++++++++++++++++++++
 2 files changed, 232 insertions(+)