[CLSA-2026:1778602862] vim: Fix of 4 CVEs
Type: security
Severity: Important
Release date: 2026-05-12 16:21:08 UTC
Description:
- CVE-2022-2175: fix invalid memory access in cmdline_insert_reg() when using an expression on the command line; save/restore new_cmdpos around the expression evaluation (ex_getln.c, upstream patch 8.2.5148; hunk 3 context adjusted for 8.2.2637)
- CVE-2022-3256: fix use-after-free in movemark() when an autocommand changes the mark; make a local copy of the fmark before potentially triggering buffer autocommands (mark.c, upstream patch 9.0.0530)
- CVE-2022-4292: fix use-after-free in did_set_spelllang() when a SpellFileMissing autocommand uses :bwipe to close the current window; also bail out when the window is no longer valid (spell.c, upstream patch 9.0.0882)
- CVE-2022-3324: fix negative-index buffer access caused by negative window width; clamp next_curwin_size in win_equal_rec() and clamp wp->w_width in win_new_width() (window.c, upstream patch 9.0.0598)
Updated packages:
  • vim-X11-8.2.2637-22.el9_2.1.tuxcare.els21.x86_64.rpm
    sha:42ed903b1b8ad31d3802cf87e70701529222f1fcc7eb5b4eea187b8157f3592f
  • vim-common-8.2.2637-22.el9_2.1.tuxcare.els21.x86_64.rpm
    sha:b09f737883b39c041746f1eddc79a1bb039688f6823cdb115ee0982937338604
  • vim-enhanced-8.2.2637-22.el9_2.1.tuxcare.els21.x86_64.rpm
    sha:22cc06abb1d1407181f20c762a93cae1bf1125e1c99b4635e51540a01c6f9826
  • vim-filesystem-8.2.2637-22.el9_2.1.tuxcare.els21.noarch.rpm
    sha:97f1036e13818a81dae86bef128a8875f41e1e5373611f457450ad74ff0eecef
  • vim-minimal-8.2.2637-22.el9_2.1.tuxcare.els21.x86_64.rpm
    sha:a3ea8fc1ac9b757604f4e4913f5de8b7c3407ed6ea255bbc38298cd797d96f5c
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.