[CLSA-2026:1778611387] vim: Fix of 3 CVEs
Type:
security
Severity:
Important
Release date:
2026-05-12 18:43:13 UTC
Description:
- CVE-2022-2257: fix out-of-bounds read in str2special() when advancing past the trailing NUL of a menu item with only a modifier (message.c, upstream patch 9.0.0009)
- CVE-2022-2182: fix heap buffer overflow in parse_cmd_address() when address line 0 is used with the ";" separator (":0;/PATTERN/"); clamp cursor column via check_cursor_col() for line 0 (ex_docmd.c, upstream patch 8.2.5150)
- CVE-2022-2849: return zero byte length for NUL in latin_ptr2len() and dbcs_ptr2len() so iterating past the end of a null string cannot dereference an invalid address (mbyte.c, upstream patch 9.0.0220; minimal form — only the functional changes backported)
Updated packages:
  • vim-X11-8.2.2637-22.el9_2.1.tuxcare.els26.x86_64.rpm
    sha:f8ae615c735b70e9d435524fabf04d5028840bab79128007178cf8b05d96a739
  • vim-common-8.2.2637-22.el9_2.1.tuxcare.els26.x86_64.rpm
    sha:2f2a876da98413617387bf42a62010348b6905467c825b9621351e55f6926867
  • vim-enhanced-8.2.2637-22.el9_2.1.tuxcare.els26.x86_64.rpm
    sha:dfdbcaa2bb224d78b2db8d5ab672f22b8dd2fb0a08c67c573ae6348fd49944b1
  • vim-filesystem-8.2.2637-22.el9_2.1.tuxcare.els26.noarch.rpm
    sha:a5ca97c0ca3c32290066b2d7ab486456c2459b160d00d9beb1abc354fee96a8b
  • vim-minimal-8.2.2637-22.el9_2.1.tuxcare.els26.x86_64.rpm
    sha:fe981eef97b24cd08c9831eb3c8f7ab4494e976f823a56b6cdce43fe7faa152e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.