Debian Patches
Status for vim/2:8.2.2434-3+deb11u3
Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
---|---|---|---|---|---|---|
CVE-2021-3872.patch | patch 8.2.3487: illegal memory access if buffer name is very long (cherry picked from commit 826bfe4bbd7594188e3d74d2539d9707b1c6a14b) | Bram Moolenaar <Bram@vim.org> | no | | | 2021-10-08 |
CVE-2021-4019.patch | patch 8.2.3669: buffer overflow with long help argument (cherry picked from commit bd228fd097b41a798f90944b5d1245eddd484142) | Bram Moolenaar <Bram@vim.org> | no | | | 2021-11-25 |
CVE-2021-4173-1.patch | patch 8.2.2762: Vim9: function line truncated when compiling (cherry picked from commit f62d73933af7830301989eb8162ce94a80e61fbf) | Bram Moolenaar <Bram@vim.org> | no | | | 2021-04-14 |
CVE-2021-4173-2.patch | patch 8.2.3902: Vim9: double free with nested :def function cmdlinep is valid. (cherry picked from commit 9c23f9bb5fe435b28245ba8ac65aa0ca6b902c04) | Bram Moolenaar <Bram@vim.org> | no | | | 2021-12-26 |
CVE-2021-4187.patch | patch 8.2.3923: Vim9: double free with split argument list in nested function argument list. (cherry picked from commit 4bf1006cae7e87259ccd5219128c3dba75774441) | Bram Moolenaar <Bram@vim.org> | no | | | 2021-12-28 |
CVE-2022-0261.patch | patch 8.2.4120: block insert goes over the end of the line (cherry picked from commit 9f8c304c8a390ade133bac29963dc8e56ab14cbc) | Bram Moolenaar <Bram@vim.org> | no | | | 2022-01-17 |
CVE-2022-0351.patch | patch 8.2.4206: condition with many "(" causes a crash (cherry picked from commit fe6fb267e6ee5c5da2f41889e4e0e0ac5bf4b89d) | Bram Moolenaar <Bram@vim.org> | no | | | 2022-01-24 |
CVE-2022-0359.patch | patch 8.2.4214: illegal memory access with large 'tabstop' in Ex mode (cherry picked from commit 85b6747abc15a7a81086db31289cf1b8b17e6cb1) | Bram Moolenaar <Bram@vim.org> | no | | | 2022-01-25 |
CVE-2022-0361.patch | patch 8.2.4215: illegal memory access when copying lines in Visual mode (cherry picked from commit dc5490e2cbc8c16022a23b449b48c1bd0083f366) | Bram Moolenaar <Bram@vim.org> | no | | | 2022-01-25 |
CVE-2022-0392.patch | patch 8.2.4218: illegal memory access with bracketed paste in Ex mode (cherry picked from commit 806d037671e133bd28a7864248763f643967973a) | Bram Moolenaar <Bram@vim.org> | no | | | 2022-01-25 |
CVE-2022-0417.patch | patch 8.2.4245: ":retab 0" may cause illegal memory access (cherry picked from commit 652dee448618589de5528a9e9a36995803f5557a) | Bram Moolenaar <Bram@vim.org> | no | | | 2022-01-28 |
CVE-2022-0572.patch | patch 8.2.4359: crash when repeatedly using :retab (cherry picked from commit 6e28703a8e41f775f64e442c5d11ce1ff599aa3f) | Bram Moolenaar <Bram@vim.org> | no | | | 2022-02-12 |
CVE-2022-1616.patch | patch 8.2.4895: buffer overflow with invalid command with composing chars (cherry picked from commit d88934406c5375d88f8f1b65331c9f0cab68cc6c) | Bram Moolenaar <Bram@vim.org> | no | | | 2022-05-06 |
CVE-2022-1785.patch | patch 8.2.4977: memory access error when substitute expression changes window (cherry picked from commit e2bd8600b873d2cd1f9d667c28cba8b1dba18839) | Bram Moolenaar <Bram@vim.org> | no | | | 2022-05-18 |
CVE-2022-1897.patch | patch 8.2.5023: substitute overwrites allocated buffer (cherry picked from commit 338f1fc0ee3ca929387448fe464579d6113fa76a) | Bram Moolenaar <Bram@vim.org> | no | | | 2022-05-26 |
CVE-2022-1942-1.patch | patch 8.2.5043: can open a cmdline window from a substitute expression locked. (cherry picked from commit 71223e2db87c2bf3b09aecb46266b56cda26191d) | Bram Moolenaar <Bram@vim.org> | no | | | 2022-05-30 |
CVE-2022-1942-2.patch | patch 8.2.5044: command line test fails Make the test not beep. Make the test pass on MS-Windows. (cherry picked from commit be99042b03edf7b8156c9adbc23516bfcf2cec0f) | Bram Moolenaar <Bram@vim.org> | no | | | 2022-05-30 |
CVE-2022-2000.patch | patch 8.2.5063: error for a command may go over the end of IObuff (cherry picked from commit 44a3f3353e0407e9fffee138125a6927d1c9e7e5) | Bram Moolenaar <Bram@vim.org> | no | | | 2022-06-06 |
CVE-2022-2129.patch | patch 8.2.5126: substitute may overrun destination buffer (cherry picked from commit d6211a52ab9f53b82f884561ed43d2fe4d24ff7d) | Bram Moolenaar <Bram@vim.org> | no | | | 2022-06-18 |
CVE-2022-2304.patch | patch 9.0.0035: spell dump may go beyond end of an array (cherry picked from commit 54e5fed6d27b747ff152cdb6edfb72ff60e70939) | Bram Moolenaar <Bram@vim.org> | no | | | 2022-07-04 |
CVE-2022-3099.patch | patch 9.0.0360: crash when invalid line number on :for is ignored (cherry picked from commit 35d21c6830fc2d68aca838424a0e786821c5891c) | Bram Moolenaar <Bram@vim.org> | no | | | 2022-09-02 |
CVE-2022-3134.patch | patch 9.0.0389: crash when 'tagfunc' closes the window (cherry picked from commit ccfde4d028e891a41e3548323c3d47b06fb0b83e) | Bram Moolenaar <Bram@vim.org> | no | | | 2022-09-05 |
CVE-2022-3324.patch | patch 9.0.0598: using negative array index with negative width window (cherry picked from commit 8279af514ca7e5fd3c31cf13b0864163d1a0bfeb) | Bram Moolenaar <Bram@vim.org> | no | | | 2022-09-26 |
CVE-2022-4141.patch | patch 9.0.0947: invalid memory access in substitute with function another file. (cherry picked from commit cc762a48d42b579fb7bdec2c614636b830342dd5) | Bram Moolenaar <Bram@vim.org> | no | | | 2022-11-25 |
CVE-2023-0054.patch | patch 9.0.1145: invalid memory access with recursive substitute expression (cherry picked from commit 3ac1d97a1d9353490493d30088256360435f7731) The fix is simple enough that I judge it not to be worth trying to fix the hang. | Bram Moolenaar <Bram@vim.org> | no | | | 2023-01-04 |
CVE-2023-1175.patch | patch 9.0.1378: illegal memory access when using virtual editing (cherry picked from commit c99cbf8f289bdda5d4a77d7ec415850a520330ba) | Bram Moolenaar <Bram@vim.org> | no | | | 2023-03-04 |
CVE-2023-2610.patch | patch 9.0.1532: crash when expanding "~" in substitute causes very long text (cherry picked from commit ab9a2d884b3a4abe319606ea95a5a6d6b01cd73a) LTS note: Test dropped due to breaking the build on some archs, following bookworm. | Bram Moolenaar <Bram@vim.org> | no | | | 2023-05-09 |
CVE-2023-4738.patch | patch 9.0.1848: [security] buffer-overflow in vim_regsub_both() (cherry picked from commit 4aaf3e7f4db599932d01d87e5bbcdc342cccee27) (cherry picked from commit ced2c7394aafdc90fb7845e09b3a3fee23d48cb1) | Christian Brabandt <cb@256bit.org> | no | | | 2023-09-02 |
CVE-2023-4752.patch | patch 9.0.1858: [security] heap use after free in ins_compl_get_exp() (cherry picked from commit ee9166eb3b41846661a39b662dc7ebe8b5e15139 and e2528ae11134cdf35c312754b124aba4963d8054) | Christian Brabandt <cb@256bit.org> | no | | | 2023-09-03 |
CVE-2023-4781.patch | patch 9.0.1873: [security] heap-buffer-overflow in vim_regsub_both (cherry picked from commit f6d28fe2c95c678cc3202cc5dc825a3fcc709e93) | Christian Brabandt <cb@256bit.org> | no | | | 2023-09-05 |
CVE-2023-5344.patch | patch 9.0.1969: [security] buffer-overflow in trunc_string() Currently trunc_string() assumes that when the string is too long, buf[e-1] will always be writeable. But that assumption may not always be true. The condition currently looks like this else if (e + 3 < buflen) [...] else { // can't fit in the "...", just truncate it buf[e - 1] = NUL; } but this means, we may run into the last else clause with e still being larger than buflen. So a buffer overflow occurs. So instead of using `buf[e - 1]`, let's just always truncate at `buf[buflen - 1]` which should always be writable. (cherry picked from commits 3bd7fa12e146c6051490d048a4acbfba974eeb04 and d4afbdd0715c722cfc73d3a8ab9e578667615faa) | Christian Brabandt <cb@256bit.org> | no | | | 2023-10-02 |
CVE-2024-22667.patch | patch 9.0.2142: [security]: stack-buffer-overflow in option callback functions instead of sprintf() We pass the error buffer down to the option callback functions, but in some parts of the code, we simply use sprintf(buf) to write into the error buffer, which can overflow. So let's pass down the length of the error buffer and use sprintf(buf, size) instead. Reported by @henices, thanks! (cherry picked from commit b39b240c386a5a29241415541f1c99e2e6b8ce47) | Christian Brabandt <cb@256bit.org> | no | | | 2023-11-29 |
CVE-2024-43802.patch | patch 9.1.0697: [security]: heap-buffer-overflow in ins_typebuf (SuyueGuo) is enough space left Github Advisory: https://github.com/vim/vim/security/advisories/GHSA-4ghr-c62x-cqfh (cherry picked from commit 322ba9108612bead5eb7731ccb66763dec69ef1b) | Christian Brabandt <cb@256bit.org> | no | | | 2024-08-25 |
CVE-2024-47814.patch | patch 9.1.0764: [security]: use-after-free when closing a buffer check whether the newly to be edited buffer has been marked for deletion and abort in this case Github Advisory: https://github.com/vim/vim/security/advisories/GHSA-rj48-v4mq-j4vg (cherry picked from commit 51b62387be93c65fa56bbabe1c3c1ea5df187641) the 'defer' keyword/function. | Christian Brabandt <cb@256bit.org> | no | | | 2024-10-06 |
debian/Add-recognition-of-more-LaTeX-commands-for-tex-filetype-d.patch | Add recognition of more LaTeX commands for tex filetype detection Since filetype detection of TeX files defaults to plaintex, we've added detection of some additional LaTeX commands to help sway the detection to LaTeX. | Stefano Zacchiroli <zack@debian.org> | no | | | 2006-08-25 |
debian/Detect-the-rst-filetype-using-the-contents-of-the-file.patch | Detect the rst filetype using the contents of the file | James Vega <jamessan@debian.org> | no | | | 2006-08-18 |
debian/Document-Debian-s-decision-to-disable-modelines-by-defaul.patch | Document Debian's decision to disable modelines by default Modelines have historically been a source of vulnerabilities in Vim. As long as it remains a "blacklist suspected/proven dangerous options" instead of a "whitelist allowed options" piece of functionality, Debian's system-wide vimrc will maintain this setting. As such, the documentation needs to be updated to reflect the induced behavior. | James Vega <jamessan@debian.org> | no | | | 2008-03-27 |
debian/Support-sourcing-a-vimrc.tiny-when-Vim-is-invoked-as-vi.patch | Support sourcing a vimrc.tiny when Vim is invoked as vi This is used only in the vim-tiny package to allow a specific configuration for vim-tiny's vi. The vim-tiny package is substantially different from other Vim packages, so it does not make sense to share the same config. | James McCoy <jamessan@debian.org> | no | | | 2015-10-06 |
upstream/patch-8.2.3402-invalid-memory-access-when-using-retab-wit.patch | patch 8.2.3402: invalid memory access when using :retab with large value | Bram Moolenaar <Bram@vim.org> | no | | | 2021-09-04 |
upstream/patch-8.2.3403-memory-leak-for-retab-with-invalid-argumen.patch | patch 8.2.3403: memory leak for :retab with invalid argument | Bram Moolenaar <Bram@vim.org> | no | | | 2021-09-04 |
upstream/patch-8.2.3409-reading-beyond-end-of-line-with-invalid-ut.patch | patch 8.2.3409: reading beyond end of line with invalid utf-8 character | Bram Moolenaar <Bram@vim.org> | no | | | 2021-09-07 |
upstream/patch-8.2.3428-using-freed-memory-when-replacing.patch | patch 8.2.3428: using freed memory when replacing | Bram Moolenaar <Bram@vim.org> | no | | | 2021-09-11 |
All known versions for source package 'vim'
- 2:9.1.1230-1 (sid, trixie)
- 2:9.0.1378-2+deb12u2 (bookworm)
- 2:8.2.2434-3+deb11u3 (bullseye-security)
- 2:8.2.2434-3+deb11u1 (bullseye)