Operating System:

[SUSE]

Published:

03 January 2023



===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2023.0019
                          Security update for vim
                              3 January 2023

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           vim
Publisher:         SUSE
Operating System:  SUSE
Resolution:        Patch/Upgrade
CVE Names:         CVE-2022-3705 CVE-2022-3352 CVE-2022-3324
                   CVE-2022-3297 CVE-2022-3296 CVE-2022-3278
                   CVE-2022-3235 CVE-2022-3234 CVE-2022-3153
                   CVE-2022-3134 CVE-2022-3099 CVE-2022-3037
                   CVE-2022-3016 CVE-2022-2982 CVE-2022-2980
                   CVE-2022-2946 CVE-2022-2923 CVE-2022-2889
                   CVE-2022-2874 CVE-2022-2862 CVE-2022-2849
                   CVE-2022-2845 CVE-2022-2819 CVE-2022-2817
                   CVE-2022-2816 CVE-2022-2598 CVE-2022-2581
                   CVE-2022-2580 CVE-2022-2571 CVE-2022-2522
                   CVE-2022-2345 CVE-2022-2344 CVE-2022-2343
                   CVE-2022-2304 CVE-2022-2287 CVE-2022-2286
                   CVE-2022-2285 CVE-2022-2284 CVE-2022-2264
                   CVE-2022-2257 CVE-2022-2231 CVE-2022-2210
                   CVE-2022-2208 CVE-2022-2207 CVE-2022-2206
                   CVE-2022-2183 CVE-2022-2182 CVE-2022-2175
                   CVE-2022-2129 CVE-2022-2126 CVE-2022-2125
                   CVE-2022-2124 CVE-2022-1968 CVE-2022-1927
                   CVE-2022-1898 CVE-2022-1897 CVE-2022-1851
                   CVE-2022-1796 CVE-2022-1785 CVE-2022-1771
                   CVE-2022-1735 CVE-2022-1733 CVE-2022-1720
                   CVE-2022-1620 CVE-2022-1619 CVE-2022-1616
                   CVE-2022-1420 CVE-2022-1381 CVE-2022-0696
                   CVE-2022-0413 CVE-2022-0407 CVE-2022-0392
                   CVE-2022-0361 CVE-2022-0359 CVE-2022-0351
                   CVE-2022-0319 CVE-2022-0318 CVE-2022-0261
                   CVE-2022-0213 CVE-2022-0128 CVE-2021-46059
                   CVE-2021-4193 CVE-2021-4192 CVE-2021-4166
                   CVE-2021-4136 CVE-2021-4069 CVE-2021-4019
                   CVE-2021-3984 CVE-2021-3974 CVE-2021-3973
                   CVE-2021-3968 CVE-2021-3928 CVE-2021-3927
                   CVE-2021-3903 CVE-2021-3875 CVE-2021-3872
                   CVE-2021-3796 CVE-2021-3778 CVE-2017-17087
                   CVE-2017-6350 CVE-2017-6349 CVE-2017-5953
                   CVE-2016-1248 CVE-2009-0316 

Original Bulletin: 
   https://www.suse.com/support/update/announcement/2022/suse-su-20224619-1

Comment: CVSS (Max):  8.4* CVE-2017-5953 (CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
         CVSS Source: [SUSE], Red Hat
         Calculator:  https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
         * Not all CVSS available when published

--------------------------BEGIN INCLUDED TEXT--------------------

SUSE Security Update: Security update for vim

______________________________________________________________________________

Announcement ID:   SUSE-SU-2022:4619-1
Rating:            moderate
References:        #1070955 #1173256 #1174564 #1176549 #1182324 #1190533
                   #1190570 #1191770 #1191893 #1192167 #1192478 #1192481
                   #1192902 #1192903 #1192904 #1193294 #1193298 #1193466
                   #1193905 #1194093 #1194216 #1194217 #1194388 #1194556
                   #1194872 #1194885 #1195004 #1195066 #1195126 #1195202
                   #1195203 #1195332 #1195354 #1195356 #1196361 #1198596
                   #1198748 #1199331 #1199333 #1199334 #1199651 #1199655
                   #1199693 #1199745 #1199747 #1199936 #1200010 #1200011
                   #1200012 #1200270 #1200697 #1200698 #1200700 #1200701
                   #1200732 #1200884 #1200902 #1200903 #1200904 #1201132
                   #1201133 #1201134 #1201135 #1201136 #1201150 #1201151
                   #1201152 #1201153 #1201154 #1201155 #1201249 #1201356
                   #1201359 #1201363 #1201620 #1201863 #1202046 #1202049
                   #1202050 #1202051 #1202414 #1202420 #1202421 #1202511
                   #1202512 #1202515 #1202552 #1202599 #1202687 #1202689
                   #1202862 #1202962 #1203110 #1203152 #1203155 #1203194
                   #1203272 #1203508 #1203509 #1203796 #1203797 #1203799
                   #1203820 #1203924 #1204779
Cross-References:  CVE-2009-0316 CVE-2016-1248 CVE-2017-17087 CVE-2017-5953
                   CVE-2017-6349 CVE-2017-6350 CVE-2021-3778 CVE-2021-3796
                   CVE-2021-3872 CVE-2021-3875 CVE-2021-3903 CVE-2021-3927
                   CVE-2021-3928 CVE-2021-3968 CVE-2021-3973 CVE-2021-3974
                   CVE-2021-3984 CVE-2021-4019 CVE-2021-4069 CVE-2021-4136
                   CVE-2021-4166 CVE-2021-4192 CVE-2021-4193 CVE-2021-46059
                   CVE-2022-0128 CVE-2022-0213 CVE-2022-0261 CVE-2022-0318
                   CVE-2022-0319 CVE-2022-0351 CVE-2022-0359 CVE-2022-0361
                   CVE-2022-0392 CVE-2022-0407 CVE-2022-0413 CVE-2022-0696
                   CVE-2022-1381 CVE-2022-1420 CVE-2022-1616 CVE-2022-1619
                   CVE-2022-1620 CVE-2022-1720 CVE-2022-1733 CVE-2022-1735
                   CVE-2022-1771 CVE-2022-1785 CVE-2022-1796 CVE-2022-1851
                   CVE-2022-1897 CVE-2022-1898 CVE-2022-1927 CVE-2022-1968
                   CVE-2022-2124 CVE-2022-2125 CVE-2022-2126 CVE-2022-2129
                   CVE-2022-2175 CVE-2022-2182 CVE-2022-2183 CVE-2022-2206
                   CVE-2022-2207 CVE-2022-2208 CVE-2022-2210 CVE-2022-2231
                   CVE-2022-2257 CVE-2022-2264 CVE-2022-2284 CVE-2022-2285
                   CVE-2022-2286 CVE-2022-2287 CVE-2022-2304 CVE-2022-2343
                   CVE-2022-2344 CVE-2022-2345 CVE-2022-2522 CVE-2022-2571
                   CVE-2022-2580 CVE-2022-2581 CVE-2022-2598 CVE-2022-2816
                   CVE-2022-2817 CVE-2022-2819 CVE-2022-2845 CVE-2022-2849
                   CVE-2022-2862 CVE-2022-2874 CVE-2022-2889 CVE-2022-2923
                   CVE-2022-2946 CVE-2022-2980 CVE-2022-2982 CVE-2022-3016
                   CVE-2022-3037 CVE-2022-3099 CVE-2022-3134 CVE-2022-3153
                   CVE-2022-3234 CVE-2022-3235 CVE-2022-3278 CVE-2022-3296
                   CVE-2022-3297 CVE-2022-3324 CVE-2022-3352 CVE-2022-3705
Affected Products:
                   SUSE Linux Enterprise Server 12-SP2-BCL
                   SUSE Linux Enterprise Server 12-SP3-BCL
                   SUSE Linux Enterprise Server 12-SP4-LTSS
                   SUSE Linux Enterprise Server 12-SP5
                   SUSE Linux Enterprise Server for SAP 12-SP4
                   SUSE OpenStack Cloud 9
                   SUSE OpenStack Cloud Crowbar 9
______________________________________________________________________________

An update that solves 104 vulnerabilities and has one errata is now available.

Description:

This update for vim fixes the following issues:
Updated to version 9.0.0814:
* Fixing bsc#1192478 VUL-1: CVE-2021-3928: vim: vim is vulnerable to Stack-based Buffer Overflow
* Fixing bsc#1203508 VUL-0: CVE-2022-3234: vim: Heap-based Buffer Overflow prior to 9.0.0483.
* Fixing bsc#1203509 VUL-1: CVE-2022-3235: vim: Use After Free in GitHub prior to 9.0.0490.
* Fixing bsc#1203820 VUL-0: CVE-2022-3324: vim: Stack-based Buffer Overflow in prior to 9.0.0598.
* Fixing bsc#1204779 VUL-0: CVE-2022-3705: vim: use after free in function qf_update_buffer of the file quickfix.c
* Fixing bsc#1203152 VUL-1: CVE-2022-2982: vim: use after free in qf_fill_buffer()
* Fixing bsc#1203796 VUL-1: CVE-2022-3296: vim: stack out of bounds read in ex_finally() in ex_eval.c
* Fixing bsc#1203797 VUL-1: CVE-2022-3297: vim: use-after-free in process_next_cpt_value() at insexpand.c
* Fixing bsc#1203110 VUL-1: CVE-2022-3099: vim: Use After Free in ex_docmd.c
* Fixing bsc#1203194 VUL-1: CVE-2022-3134: vim: use after free in do_tag()
* Fixing bsc#1203272 VUL-1: CVE-2022-3153: vim: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0404.
* Fixing bsc#1203799 VUL-1: CVE-2022-3278: vim: NULL pointer dereference in eval_next_non_blank() in eval.c
* Fixing bsc#1203924 VUL-1: CVE-2022-3352: vim: vim: use after free
* Fixing bsc#1203155 VUL-1: CVE-2022-2980: vim: null pointer dereference in do_mouse()
* Fixing bsc#1202962 VUL-1: CVE-2022-3037: vim: Use After Free in vim prior to 9.0.0321
* Fixing bsc#1200884 Vim: Error on startup
* Fixing bsc#1200902 VUL-0: CVE-2022-2183: vim: Out-of-bounds Read through get_lisp_indent() Mon 13:32
* Fixing bsc#1200903 VUL-0: CVE-2022-2182: vim: Heap-based Buffer Overflow through parse_cmd_address() Tue 08:37
* Fixing bsc#1200904 VUL-0: CVE-2022-2175: vim: Buffer Over-read through cmdline_insert_reg() Tue 08:37
* Fixing bsc#1201249 VUL-0: CVE-2022-2304: vim: stack buffer overflow in spell_dump_compl()
* Fixing bsc#1201356 VUL-1: CVE-2022-2343: vim: Heap-based Buffer Overflow in GitHub repository vim prior to 9.0.0044
* Fixing bsc#1201359 VUL-1: CVE-2022-2344: vim: Another Heap-based Buffer Overflow vim prior to 9.0.0045
* Fixing bsc#1201363 VUL-1: CVE-2022-2345: vim: Use After Free in GitHub repository vim prior to 9.0.0046.
* Fixing bsc#1201620 vim: SLE-15-SP4-Full-x86_64-GM-Media1 and vim-plugin-tlib-1.27-bp154.2.18.noarch issue
* Fixing bsc#1202414 VUL-1: CVE-2022-2819: vim: Heap-based Buffer Overflow in compile_lock_unlock()
* Fixing bsc#1202552 VUL-1: CVE-2022-2874: vim: NULL Pointer Dereference in generate_loadvar()
* Fixing bsc#1200270 VUL-1: CVE-2022-1968: vim: use after free in utf_ptr2char
* Fixing bsc#1200697 VUL-1: CVE-2022-2124: vim: out of bounds read in current_quote()
* Fixing bsc#1200698 VUL-1: CVE-2022-2125: vim: out of bounds read in get_lisp_indent()
* Fixing bsc#1200700 VUL-1: CVE-2022-2126: vim: out of bounds read in suggest_trie_walk()
* Fixing bsc#1200701 VUL-1: CVE-2022-2129: vim: out of bounds write in vim_regsub_both()
* Fixing bsc#1200732 VUL-1: CVE-2022-1720: vim: out of bounds read in grab_file_name()
* Fixing bsc#1201132 VUL-1: CVE-2022-2264: vim: out of bounds read in inc()
* Fixing bsc#1201133 VUL-1: CVE-2022-2284: vim: out of bounds read in utfc_ptr2len()
* Fixing bsc#1201134 VUL-1: CVE-2022-2285: vim: negative size passed to memmove() due to integer overflow
* Fixing bsc#1201135 VUL-1: CVE-2022-2286: vim: out of bounds read in ins_bytes()
* Fixing bsc#1201136 VUL-1: CVE-2022-2287: vim: out of bounds read in suggest_trie_walk()
* Fixing bsc#1201150 VUL-1: CVE-2022-2231: vim: null pointer dereference skipwhite()
* Fixing bsc#1201151 VUL-1: CVE-2022-2210: vim: out of bounds read in ml_append_int()
* Fixing bsc#1201152 VUL-1: CVE-2022-2208: vim: null pointer dereference in diff_check()
* Fixing bsc#1201153 VUL-1: CVE-2022-2207: vim: out of bounds read in ins_bs()
* Fixing bsc#1201154 VUL-1: CVE-2022-2257: vim: out of bounds read in msg_outtrans_special()
* Fixing bsc#1201155 VUL-1: CVE-2022-2206: vim: out of bounds read in msg_outtrans_attr()
* Fixing bsc#1201863 VUL-1: CVE-2022-2522: vim: out of bounds read via nested autocommand
* Fixing bsc#1202046 VUL-1: CVE-2022-2571: vim: Heap-based Buffer Overflow related to ins_comp_get_next_word_or_line()
* Fixing bsc#1202049 VUL-1: CVE-2022-2580: vim: Heap-based Buffer Overflow related to eval_string()
* Fixing bsc#1202050 VUL-1: CVE-2022-2581: vim: Out-of-bounds Read related to cstrchr()
* Fixing bsc#1202051 VUL-1: CVE-2022-2598: vim: Undefined Behavior for Input to API related to diff_mark_adjust_tp() and ex_diffgetput()
* Fixing bsc#1202420 VUL-1: CVE-2022-2817: vim: Use After Free in f_assert_fails()
* Fixing bsc#1202421 VUL-1: CVE-2022-2816: vim: Out-of-bounds Read in check_vim9_unlet()
* Fixing bsc#1202511 VUL-1: CVE-2022-2862: vim: use-after-free in compile_nested_function()
* Fixing bsc#1202512 VUL-1: CVE-2022-2849: vim: Invalid memory access related to mb_ptr2len()
* Fixing bsc#1202515 VUL-1: CVE-2022-2845: vim: Buffer Over-read related to display_dollar()
* Fixing bsc#1202599 VUL-1: CVE-2022-2889: vim: use-after-free in find_var_also_in_script() in evalvars.c
* Fixing bsc#1202687 VUL-1: CVE-2022-2923: vim: NULL Pointer Dereference in GitHub repository vim/vim prior to 9.0.0240
* Fixing bsc#1202689 VUL-1: CVE-2022-2946: vim: use after free in function vim_vsnprintf_typval
* Fixing bsc#1202862 VUL-1: CVE-2022-3016: vim: Use After Free in vim prior to 9.0.0285 Mon 12:00
* Fixing bsc#1191770 VUL-0: CVE-2021-3875: vim: heap-based buffer overflow
* Fixing bsc#1192167 VUL-0: CVE-2021-3903: vim: heap-based buffer overflow
* Fixing bsc#1192902 VUL-0: CVE-2021-3968: vim: vim is vulnerable to Heap-based Buffer Overflow
* Fixing bsc#1192903 VUL-0: CVE-2021-3973: vim: vim is vulnerable to Heap-based Buffer Overflow
* Fixing bsc#1192904 VUL-0: CVE-2021-3974: vim: vim is vulnerable to Use After Free
* Fixing bsc#1193466 VUL-1: CVE-2021-4069: vim: use-after-free in ex_open() in src/ex_docmd.c
* Fixing bsc#1193905 VUL-0: CVE-2021-4136: vim: vim is vulnerable to Heap-based Buffer Overflow
* Fixing bsc#1194093 VUL-1: CVE-2021-4166: vim: vim is vulnerable to Out-of-bounds Read
* Fixing bsc#1194216 VUL-1: CVE-2021-4193: vim: vulnerable to Out-of-bounds Read
* Fixing bsc#1194217 VUL-0: CVE-2021-4192: vim: vulnerable to Use After Free
* Fixing bsc#1194872 VUL-0: CVE-2022-0261: vim: Heap-based Buffer Overflow in vim prior to 8.2.
* Fixing bsc#1194885 VUL-0: CVE-2022-0213: vim: vim is vulnerable to Heap-based Buffer Overflow
* Fixing bsc#1195004 VUL-0: CVE-2022-0318: vim: Heap-based Buffer Overflow in vim prior to 8.2.
* Fixing bsc#1195203 VUL-0: CVE-2022-0359: vim: heap-based buffer overflow in init_ccline() in ex_getln.c
* Fixing bsc#1195354 VUL-0: CVE-2022-0407: vim: Heap-based Buffer Overflow in Conda vim prior to 8.2.
* Fixing bsc#1198596 VUL-0: CVE-2022-1381: vim: global heap buffer overflow in skip_range
* Fixing bsc#1199331 VUL-0: CVE-2022-1616: vim: Use after free in append_command
* Fixing bsc#1199333 VUL-0: CVE-2022-1619: vim: Heap-based Buffer Overflow in function cmdline_erase_chars
* Fixing bsc#1199334 VUL-0: CVE-2022-1620: vim: NULL Pointer Dereference in function vim_regexec_string
* Fixing bsc#1199747 VUL-0: CVE-2022-1796: vim: Use After in find_pattern_in_path
* Fixing bsc#1200010 VUL-0: CVE-2022-1897: vim: Out-of-bounds Write in vim
* Fixing bsc#1200011 VUL-0: CVE-2022-1898: vim: Use After Free in vim prior to 8.2
* Fixing bsc#1200012 VUL-0: CVE-2022-1927: vim: Buffer Over-read in vim prior to 8.2
* Fixing bsc#1070955 VUL-1: CVE-2017-17087: vim: Sets the group ownership of a .swp file to the editor's primary group, which allows local users to obtain sensitive information
* Fixing bsc#1194388 VUL-1: CVE-2022-0128: vim: vim is vulnerable to Out-of-bounds Read
* Fixing bsc#1195332 VUL-1: CVE-2022-0392: vim: Heap-based Buffer Overflow in vim prior to 8.2
* Fixing bsc#1196361 VUL-1: CVE-2022-0696: vim: NULL Pointer Dereference in vim prior to 8.2
* Fixing bsc#1198748 VUL-1: CVE-2022-1420: vim: Out-of-range Pointer Offset
* Fixing bsc#1199651 VUL-1: CVE-2022-1735: vim: heap buffer overflow
* Fixing bsc#1199655 VUL-1: CVE-2022-1733: vim: Heap-based Buffer Overflow in cindent.c
* Fixing bsc#1199693 VUL-1: CVE-2022-1771: vim: stack exhaustion in vim prior to 8.2.
* Fixing bsc#1199745 VUL-1: CVE-2022-1785: vim: Out-of-bounds Write
* Fixing bsc#1199936 VUL-1: CVE-2022-1851: vim: out of bounds read
* Fixing bsc#1195004 - (CVE-2022-0318) VUL-0: CVE-2022-0318: vim: Heap-based Buffer Overflow in vim prior to 8.2.
* Fixing bsc#1190570 CVE-2021-3796: vim: use-after-free in nv_replace() in normal.c
* Fixing bsc#1191893 CVE-2021-3872: vim: heap-based buffer overflow in win_redr_status() drawscreen.c
* Fixing bsc#1192481 CVE-2021-3927: vim: vim is vulnerable to Heap-based Buffer Overflow
* Fixing bsc#1192478 CVE-2021-3928: vim: vim is vulnerable to Stack-based Buffer Overflow
* Fixing bsc#1193294 CVE-2021-4019: vim: vim is vulnerable to Heap-based Buffer Overflow
* Fixing bsc#1193298 CVE-2021-3984: vim: illegal memory access when C-indenting could lead to Heap Buffer Overflow
* Fixing bsc#1190533 CVE-2021-3778: vim: Heap-based Buffer Overflow in regexp_nfa.c
* Fixing bsc#1194216 CVE-2021-4193: vim: vulnerable to Out-of-bounds Read
* Fixing bsc#1194556 CVE-2021-46059: vim: A Pointer Dereference vulnerability exists in Vim 8.2.3883 via the vim_regexec_multi function at regexp.c, which causes a denial of service.
* Fixing bsc#1195066 CVE-2022-0319: vim: Out-of-bounds Read in vim/vim prior to 8.2.
* Fixing bsc#1195126 CVE-2022-0351: vim: uncontrolled recursion in eval7()
* Fixing bsc#1195202 CVE-2022-0361: vim: Heap-based Buffer Overflow in vim prior to 8.2.
* Fixing bsc#1195356 CVE-2022-0413: vim: use after free in src/ex_cmds.c

Patch Instructions:

To install this SUSE Security Update use the SUSE recommended installation
methods like YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:

  o SUSE OpenStack Cloud Crowbar 9:
    zypper in -t patch SUSE-OpenStack-Cloud-Crowbar-9-2022-4619=1
  o SUSE OpenStack Cloud 9:
    zypper in -t patch SUSE-OpenStack-Cloud-9-2022-4619=1
  o SUSE Linux Enterprise Server for SAP 12-SP4:
    zypper in -t patch SUSE-SLE-SAP-12-SP4-2022-4619=1
  o SUSE Linux Enterprise Server 12-SP5:
    zypper in -t patch SUSE-SLE-SERVER-12-SP5-2022-4619=1
  o SUSE Linux Enterprise Server 12-SP4-LTSS:
    zypper in -t patch SUSE-SLE-SERVER-12-SP4-LTSS-2022-4619=1
  o SUSE Linux Enterprise Server 12-SP3-BCL:
    zypper in -t patch SUSE-SLE-SERVER-12-SP3-BCL-2022-4619=1
  o SUSE Linux Enterprise Server 12-SP2-BCL:
    zypper in -t patch SUSE-SLE-SERVER-12-SP2-BCL-2022-4619=1

Package List:

  o SUSE OpenStack Cloud Crowbar 9 (noarch):
       vim-data-9.0.0814-17.9.1
       vim-data-common-9.0.0814-17.9.1
  o SUSE OpenStack Cloud Crowbar 9 (x86_64):
       gvim-9.0.0814-17.9.1
       gvim-debuginfo-9.0.0814-17.9.1
       vim-9.0.0814-17.9.1
       vim-debuginfo-9.0.0814-17.9.1
       vim-debugsource-9.0.0814-17.9.1
  o SUSE OpenStack Cloud 9 (noarch):
       vim-data-9.0.0814-17.9.1
       vim-data-common-9.0.0814-17.9.1
  o SUSE OpenStack Cloud 9 (x86_64):
       gvim-9.0.0814-17.9.1
       gvim-debuginfo-9.0.0814-17.9.1
       vim-9.0.0814-17.9.1
       vim-debuginfo-9.0.0814-17.9.1
       vim-debugsource-9.0.0814-17.9.1
  o SUSE Linux Enterprise Server for SAP 12-SP4 (ppc64le x86_64):
       gvim-9.0.0814-17.9.1
       gvim-debuginfo-9.0.0814-17.9.1
       vim-9.0.0814-17.9.1
       vim-debuginfo-9.0.0814-17.9.1
       vim-debugsource-9.0.0814-17.9.1
  o SUSE Linux Enterprise Server for SAP 12-SP4 (noarch):
       vim-data-9.0.0814-17.9.1
       vim-data-common-9.0.0814-17.9.1
  o SUSE Linux Enterprise Server 12-SP5 (aarch64 ppc64le s390x x86_64):
       gvim-9.0.0814-17.9.1
       gvim-debuginfo-9.0.0814-17.9.1
       vim-9.0.0814-17.9.1
       vim-debuginfo-9.0.0814-17.9.1
       vim-debugsource-9.0.0814-17.9.1
  o SUSE Linux Enterprise Server 12-SP5 (noarch):
       vim-data-9.0.0814-17.9.1
       vim-data-common-9.0.0814-17.9.1
  o SUSE Linux Enterprise Server 12-SP4-LTSS (aarch64 ppc64le s390x x86_64):
       gvim-9.0.0814-17.9.1
       gvim-debuginfo-9.0.0814-17.9.1
       vim-9.0.0814-17.9.1
       vim-debuginfo-9.0.0814-17.9.1
       vim-debugsource-9.0.0814-17.9.1
  o SUSE Linux Enterprise Server 12-SP4-LTSS (noarch):
       vim-data-9.0.0814-17.9.1
       vim-data-common-9.0.0814-17.9.1
  o SUSE Linux Enterprise Server 12-SP3-BCL (noarch):
       vim-data-9.0.0814-17.9.1
       vim-data-common-9.0.0814-17.9.1
  o SUSE Linux Enterprise Server 12-SP3-BCL (x86_64):
       gvim-9.0.0814-17.9.1
       gvim-debuginfo-9.0.0814-17.9.1
       vim-9.0.0814-17.9.1
       vim-debuginfo-9.0.0814-17.9.1
       vim-debugsource-9.0.0814-17.9.1
  o SUSE Linux Enterprise Server 12-SP2-BCL (noarch):
       vim-data-9.0.0814-17.9.1
       vim-data-common-9.0.0814-17.9.1
  o SUSE Linux Enterprise Server 12-SP2-BCL (x86_64):
       gvim-9.0.0814-17.9.1
       gvim-debuginfo-9.0.0814-17.9.1
       vim-9.0.0814-17.9.1
       vim-debuginfo-9.0.0814-17.9.1
       vim-debugsource-9.0.0814-17.9.1
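
To confirm that a host carries the fixed builds after the patch command has run, the following added check (not part of the SUSE or AusCERT text) compares installed vim packages against the 9.0.0814-17.9.1 release from the package list above. It assumes GNU `sort -V` orders these version strings the same way RPM does; the function names and the sample inventory are constructed for illustration.

```shell
#!/bin/sh
# Added example: post-patch verification for SUSE-SU-2022:4619-1.

# Fixed version-release and package names, both taken from the
# Package List in this bulletin.
FIXED="9.0.0814-17.9.1"
PKGS="vim gvim vim-data vim-data-common"

# ver_lt A B: succeeds when version-release A sorts strictly before B.
# Assumption: GNU `sort -V` is an adequate stand-in for RPM ordering on
# the purely numeric version-release strings used by these packages.
ver_lt() {
    [ "$1" = "$2" ] && return 1
    first=$(printf '%s\n%s\n' "$1" "$2" | sort -V | head -n 1)
    [ "$first" = "$1" ]
}

# audit_vim: reads "name version-release" lines on stdin and prints one
# "name installed-version" line for every listed package that is still
# below FIXED. Lines such as "package gvim is not installed" (what rpm
# prints for an absent package) match no package name and are skipped.
#
# On a real host, feed it with:
#   rpm -q --qf '%{NAME} %{VERSION}-%{RELEASE}\n' \
#       vim gvim vim-data vim-data-common | audit_vim
audit_vim() {
    while read -r name vr; do
        for p in $PKGS; do
            if [ "$name" = "$p" ] && ver_lt "$vr" "$FIXED"; then
                printf '%s %s\n' "$name" "$vr"
            fi
        done
    done
}

# Constructed sample inventory (not real host output): one outdated vim,
# one patched vim-data, one absent gvim, one partially updated package.
sample_inventory() {
    cat <<'EOF'
vim 7.4.326-17.6.1
vim-data 9.0.0814-17.9.1
package gvim is not installed
vim-data-common 9.0.0453-17.3.1
EOF
}

# Demo run over the constructed inventory; any output means the host
# still needs the update.
sample_inventory | audit_vim
```

An empty result means every installed package from the list is at or above the fixed release.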


References:

  o https://www.suse.com/security/cve/CVE-2009-0316.html
  o https://www.suse.com/security/cve/CVE-2016-1248.html
  o https://www.suse.com/security/cve/CVE-2017-17087.html
  o https://www.suse.com/security/cve/CVE-2017-5953.html
  o https://www.suse.com/security/cve/CVE-2017-6349.html
  o https://www.suse.com/security/cve/CVE-2017-6350.html
  o https://www.suse.com/security/cve/CVE-2021-3778.html
  o https://www.suse.com/security/cve/CVE-2021-3796.html
  o https://www.suse.com/security/cve/CVE-2021-3872.html
  o https://www.suse.com/security/cve/CVE-2021-3875.html
  o https://www.suse.com/security/cve/CVE-2021-3903.html
  o https://www.suse.com/security/cve/CVE-2021-3927.html
  o https://www.suse.com/security/cve/CVE-2021-3928.html
  o https://www.suse.com/security/cve/CVE-2021-3968.html
  o https://www.suse.com/security/cve/CVE-2021-3973.html
  o https://www.suse.com/security/cve/CVE-2021-3974.html
  o https://www.suse.com/security/cve/CVE-2021-3984.html
  o https://www.suse.com/security/cve/CVE-2021-4019.html
  o https://www.suse.com/security/cve/CVE-2021-4069.html
  o https://www.suse.com/security/cve/CVE-2021-4136.html
  o https://www.suse.com/security/cve/CVE-2021-4166.html
  o https://www.suse.com/security/cve/CVE-2021-4192.html
  o https://www.suse.com/security/cve/CVE-2021-4193.html
  o https://www.suse.com/security/cve/CVE-2021-46059.html
  o https://www.suse.com/security/cve/CVE-2022-0128.html
  o https://www.suse.com/security/cve/CVE-2022-0213.html
  o https://www.suse.com/security/cve/CVE-2022-0261.html
  o https://www.suse.com/security/cve/CVE-2022-0318.html
  o https://www.suse.com/security/cve/CVE-2022-0319.html
  o https://www.suse.com/security/cve/CVE-2022-0351.html
  o https://www.suse.com/security/cve/CVE-2022-0359.html
  o https://www.suse.com/security/cve/CVE-2022-0361.html
  o https://www.suse.com/security/cve/CVE-2022-0392.html
  o https://www.suse.com/security/cve/CVE-2022-0407.html
  o https://www.suse.com/security/cve/CVE-2022-0413.html
  o https://www.suse.com/security/cve/CVE-2022-0696.html
  o https://www.suse.com/security/cve/CVE-2022-1381.html
  o https://www.suse.com/security/cve/CVE-2022-1420.html
  o https://www.suse.com/security/cve/CVE-2022-1616.html
  o https://www.suse.com/security/cve/CVE-2022-1619.html
  o https://www.suse.com/security/cve/CVE-2022-1620.html
  o https://www.suse.com/security/cve/CVE-2022-1720.html
  o https://www.suse.com/security/cve/CVE-2022-1733.html
  o https://www.suse.com/security/cve/CVE-2022-1735.html
  o https://www.suse.com/security/cve/CVE-2022-1771.html
  o https://www.suse.com/security/cve/CVE-2022-1785.html
  o https://www.suse.com/security/cve/CVE-2022-1796.html
  o https://www.suse.com/security/cve/CVE-2022-1851.html
  o https://www.suse.com/security/cve/CVE-2022-1897.html
  o https://www.suse.com/security/cve/CVE-2022-1898.html
  o https://www.suse.com/security/cve/CVE-2022-1927.html
  o https://www.suse.com/security/cve/CVE-2022-1968.html
  o https://www.suse.com/security/cve/CVE-2022-2124.html
  o https://www.suse.com/security/cve/CVE-2022-2125.html
  o https://www.suse.com/security/cve/CVE-2022-2126.html
  o https://www.suse.com/security/cve/CVE-2022-2129.html
  o https://www.suse.com/security/cve/CVE-2022-2175.html
  o https://www.suse.com/security/cve/CVE-2022-2182.html
  o https://www.suse.com/security/cve/CVE-2022-2183.html
  o https://www.suse.com/security/cve/CVE-2022-2206.html
  o https://www.suse.com/security/cve/CVE-2022-2207.html
  o https://www.suse.com/security/cve/CVE-2022-2208.html
  o https://www.suse.com/security/cve/CVE-2022-2210.html
  o https://www.suse.com/security/cve/CVE-2022-2231.html
  o https://www.suse.com/security/cve/CVE-2022-2257.html
  o https://www.suse.com/security/cve/CVE-2022-2264.html
  o https://www.suse.com/security/cve/CVE-2022-2284.html
  o https://www.suse.com/security/cve/CVE-2022-2285.html
  o https://www.suse.com/security/cve/CVE-2022-2286.html
  o https://www.suse.com/security/cve/CVE-2022-2287.html
  o https://www.suse.com/security/cve/CVE-2022-2304.html
  o https://www.suse.com/security/cve/CVE-2022-2343.html
  o https://www.suse.com/security/cve/CVE-2022-2344.html
  o https://www.suse.com/security/cve/CVE-2022-2345.html
  o https://www.suse.com/security/cve/CVE-2022-2522.html
  o https://www.suse.com/security/cve/CVE-2022-2571.html
  o https://www.suse.com/security/cve/CVE-2022-2580.html
  o https://www.suse.com/security/cve/CVE-2022-2581.html
  o https://www.suse.com/security/cve/CVE-2022-2598.html
  o https://www.suse.com/security/cve/CVE-2022-2816.html
  o https://www.suse.com/security/cve/CVE-2022-2817.html
  o https://www.suse.com/security/cve/CVE-2022-2819.html
  o https://www.suse.com/security/cve/CVE-2022-2845.html
  o https://www.suse.com/security/cve/CVE-2022-2849.html
  o https://www.suse.com/security/cve/CVE-2022-2862.html
  o https://www.suse.com/security/cve/CVE-2022-2874.html
  o https://www.suse.com/security/cve/CVE-2022-2889.html
  o https://www.suse.com/security/cve/CVE-2022-2923.html
  o https://www.suse.com/security/cve/CVE-2022-2946.html
  o https://www.suse.com/security/cve/CVE-2022-2980.html
  o https://www.suse.com/security/cve/CVE-2022-2982.html
  o https://www.suse.com/security/cve/CVE-2022-3016.html
  o https://www.suse.com/security/cve/CVE-2022-3037.html
  o https://www.suse.com/security/cve/CVE-2022-3099.html
  o https://www.suse.com/security/cve/CVE-2022-3134.html
  o https://www.suse.com/security/cve/CVE-2022-3153.html
  o https://www.suse.com/security/cve/CVE-2022-3234.html
  o https://www.suse.com/security/cve/CVE-2022-3235.html
  o https://www.suse.com/security/cve/CVE-2022-3278.html
  o https://www.suse.com/security/cve/CVE-2022-3296.html
  o https://www.suse.com/security/cve/CVE-2022-3297.html
  o https://www.suse.com/security/cve/CVE-2022-3324.html
  o https://www.suse.com/security/cve/CVE-2022-3352.html
  o https://www.suse.com/security/cve/CVE-2022-3705.html
  o https://bugzilla.suse.com/1070955
  o https://bugzilla.suse.com/1173256
  o https://bugzilla.suse.com/1174564
  o https://bugzilla.suse.com/1176549
  o https://bugzilla.suse.com/1182324
  o https://bugzilla.suse.com/1190533
  o https://bugzilla.suse.com/1190570
  o https://bugzilla.suse.com/1191770
  o https://bugzilla.suse.com/1191893
  o https://bugzilla.suse.com/1192167
  o https://bugzilla.suse.com/1192478
  o https://bugzilla.suse.com/1192481
  o https://bugzilla.suse.com/1192902
  o https://bugzilla.suse.com/1192903
  o https://bugzilla.suse.com/1192904
  o https://bugzilla.suse.com/1193294
  o https://bugzilla.suse.com/1193298
  o https://bugzilla.suse.com/1193466
  o https://bugzilla.suse.com/1193905
  o https://bugzilla.suse.com/1194093
  o https://bugzilla.suse.com/1194216
  o https://bugzilla.suse.com/1194217
  o https://bugzilla.suse.com/1194388
  o https://bugzilla.suse.com/1194556
  o https://bugzilla.suse.com/1194872
  o https://bugzilla.suse.com/1194885
  o https://bugzilla.suse.com/1195004
  o https://bugzilla.suse.com/1195066
  o https://bugzilla.suse.com/1195126
  o https://bugzilla.suse.com/1195202
  o https://bugzilla.suse.com/1195203
  o https://bugzilla.suse.com/1195332
  o https://bugzilla.suse.com/1195354
  o https://bugzilla.suse.com/1195356
  o https://bugzilla.suse.com/1196361
  o https://bugzilla.suse.com/1198596
  o https://bugzilla.suse.com/1198748
  o https://bugzilla.suse.com/1199331
  o https://bugzilla.suse.com/1199333
  o https://bugzilla.suse.com/1199334
  o https://bugzilla.suse.com/1199651
  o https://bugzilla.suse.com/1199655
  o https://bugzilla.suse.com/1199693
  o https://bugzilla.suse.com/1199745
  o https://bugzilla.suse.com/1199747
  o https://bugzilla.suse.com/1199936
  o https://bugzilla.suse.com/1200010
  o https://bugzilla.suse.com/1200011
  o https://bugzilla.suse.com/1200012
  o https://bugzilla.suse.com/1200270
  o https://bugzilla.suse.com/1200697
  o https://bugzilla.suse.com/1200698
  o https://bugzilla.suse.com/1200700
  o https://bugzilla.suse.com/1200701
  o https://bugzilla.suse.com/1200732
  o https://bugzilla.suse.com/1200884
  o https://bugzilla.suse.com/1200902
  o https://bugzilla.suse.com/1200903
  o https://bugzilla.suse.com/1200904
  o https://bugzilla.suse.com/1201132
  o https://bugzilla.suse.com/1201133
  o https://bugzilla.suse.com/1201134
  o https://bugzilla.suse.com/1201135
  o https://bugzilla.suse.com/1201136
  o https://bugzilla.suse.com/1201150
  o https://bugzilla.suse.com/1201151
  o https://bugzilla.suse.com/1201152
  o https://bugzilla.suse.com/1201153
  o https://bugzilla.suse.com/1201154
  o https://bugzilla.suse.com/1201155
  o https://bugzilla.suse.com/1201249
  o https://bugzilla.suse.com/1201356
  o https://bugzilla.suse.com/1201359
  o https://bugzilla.suse.com/1201363
  o https://bugzilla.suse.com/1201620
  o https://bugzilla.suse.com/1201863
  o https://bugzilla.suse.com/1202046
  o https://bugzilla.suse.com/1202049
  o https://bugzilla.suse.com/1202050
  o https://bugzilla.suse.com/1202051
  o https://bugzilla.suse.com/1202414
  o https://bugzilla.suse.com/1202420
  o https://bugzilla.suse.com/1202421
  o https://bugzilla.suse.com/1202511
  o https://bugzilla.suse.com/1202512
  o https://bugzilla.suse.com/1202515
  o https://bugzilla.suse.com/1202552
  o https://bugzilla.suse.com/1202599
  o https://bugzilla.suse.com/1202687
  o https://bugzilla.suse.com/1202689
  o https://bugzilla.suse.com/1202862
  o https://bugzilla.suse.com/1202962
  o https://bugzilla.suse.com/1203110
  o https://bugzilla.suse.com/1203152
  o https://bugzilla.suse.com/1203155
  o https://bugzilla.suse.com/1203194
  o https://bugzilla.suse.com/1203272
  o https://bugzilla.suse.com/1203508
  o https://bugzilla.suse.com/1203509
  o https://bugzilla.suse.com/1203796
  o https://bugzilla.suse.com/1203797
  o https://bugzilla.suse.com/1203799
  o https://bugzilla.suse.com/1203820
  o https://bugzilla.suse.com/1203924
  o https://bugzilla.suse.com/1204779

--------------------------END INCLUDED TEXT--------------------


NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================