UBUNTU 16.04 ELS: vim package released

TuxCare Team

December 15, 2021

changelog, Ubuntu16.04 ELS

A new updated vim package within Ubuntu 16.04 ELS is now available for download from our production repository.

CHANGELOG

vim 3:7.4.1689-3ubuntu1.5+tuxcare.els4

  • SECURITY UPDATE: Using freed memory with regexp using a mark
    – debian/patches/CVE-2021-3974.patch: Get the line again after getting the mark position
    – CVE-2021-3974
  • SECURITY UPDATE: Illegal memory access when C-indenting
    – debian/patches/CVE-2021-3984.patch: Also set the cursor column
    – CVE-2021-3984
  • SECURITY UPDATE: Crash when using CTRL-W f without finding a file name
    – debian/patches/CVE-2021-3973.patch: Bail out when the file name length is zero
    – CVE-2021-3973
  • SECURITY UPDATE: Buffer overflow with long help argument
    – debian/patches/CVE-2021-4019.patch: Use snprintf
    – CVE-2021-4019
  • SECURITY UPDATE: Using freed memory in open command
    – debian/patches/CVE-2021-4069.patch: Make a copy of the current line
    – CVE-2021-4069

UPDATE COMMAND

apt-get update
apt-get --only-upgrade install vim*

 

Stay in the Loop