Oracle alert ELSA-2022-0366 (vim)
| From: | Errata Announcements for Oracle Linux via El-errata <el-errata@oss.oracle.com> | |
| To: | el-errata@oss.oracle.com | |
| Subject: | [El-errata] ELSA-2022-0366 Moderate: Oracle Linux 8 vim security update | |
| Date: | Thu, 03 Feb 2022 12:49:01 -0800 | |
| Message-ID: | <mailman.133.1643921350.6337.el-errata@oss.oracle.com> |
Oracle Linux Security Advisory ELSA-2022-0366 http://linux.oracle.com/errata/ELSA-2022-0366.html The following updated rpms for Oracle Linux 8 have been uploaded to the Unbreakable Linux Network: x86_64: vim-X11-8.0.1763-16.0.1.el8_5.4.x86_64.rpm vim-common-8.0.1763-16.0.1.el8_5.4.x86_64.rpm vim-enhanced-8.0.1763-16.0.1.el8_5.4.x86_64.rpm vim-filesystem-8.0.1763-16.0.1.el8_5.4.noarch.rpm vim-minimal-8.0.1763-16.0.1.el8_5.4.x86_64.rpm aarch64: vim-X11-8.0.1763-16.0.1.el8_5.4.aarch64.rpm vim-common-8.0.1763-16.0.1.el8_5.4.aarch64.rpm vim-enhanced-8.0.1763-16.0.1.el8_5.4.aarch64.rpm vim-filesystem-8.0.1763-16.0.1.el8_5.4.noarch.rpm vim-minimal-8.0.1763-16.0.1.el8_5.4.aarch64.rpm SRPMS: http://oss.oracle.com/ol8/SRPMS-updates/vim-8.0.1763-16.0... Related CVEs: CVE-2021-3872 CVE-2021-3984 CVE-2021-4019 CVE-2021-4192 CVE-2021-4193 Description of changes: [8.0.1763-16.0.1.4] - - Remove upstream references [Orabug: 31197557] [2:8.0.1763-16.4] - CVE-2021-4193 vim: vulnerable to Out-of-bounds Read - CVE-2021-4192 vim: vulnerable to Use After Free [2:8.0.1763-16.3] - 2028341 - CVE-2021-3984 vim: illegal memory access when C-indenting could lead to Heap Buffer Overflow [rhel-8.6.0] - 2028430 - CVE-2021-4019 vim: heap-based buffer overflow in find_help_tags() in src/help.c [rhel-8.6.0] [2:8.0.1763-16.2] - remove the upstream test - uses a feature which is not presented in RHEL 8 [2:8.0.1763-16.1] - CVE-2021-3872 vim: heap-based buffer overflow in win_redr_status() drawscreen.c [rhel-8.6.0] _______________________________________________ El-errata mailing list El-errata@oss.oracle.com https://oss.oracle.com/mailman/listinfo/el-errata