ELA-740-1 vim security update

multiple memory access violations

2022-11-25
Packagevim
Version2:8.0.0197-4+deb9u9 (stretch)
Related CVEs CVE-2022-1897 CVE-2022-1942 CVE-2022-2000 CVE-2022-2129 CVE-2022-3235 CVE-2022-3256 CVE-2022-3352


This update fixes multiple memory access violations in vim.

CVE-2022-1897

Out-of-bounds Write

CVE-2022-1942

Heap-based Buffer Overflow

CVE-2022-2000

Out-of-bounds Write

CVE-2022-2129

Out-of-bounds Write

CVE-2022-3235

Use After Free

CVE-2022-3256

Use After Free

CVE-2022-3352

Use After Free


For Debian 9 stretch, these problems have been fixed in version 2:8.0.0197-4+deb9u9.

We recommend that you upgrade your vim packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.