GLSA 202208-32: Vim, gVim: Multiple Vulnerabilities
Severity: | low |
Title: | Vim, gVim: Multiple Vulnerabilities |
Date: | 08/21/2022 |
Bugs: |
|
ID: | 202208-32 |
Synopsis
Multiple vulnerabilities have been discovered in Vim, the worst of which could result in denial of service.Background
Vim is an efficient, highly configurable improved version of the classic ‘vi’ text editor. gVim is the GUI version of Vim.
Affected packages
Package | Vulnerable | Unaffected | Architecture(s) |
---|---|---|---|
app-editors/vim-core | < 9.0.0060 | >= 9.0.0060 | All supported architectures |
app-editors/vim | < 9.0.0060 | >= 9.0.0060 | All supported architectures |
app-editors/gvim | < 9.0.0060 | >= 9.0.0060 | All supported architectures |
Description
Multiple vulnerabilities have been discovered in Vim and gVim. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All Vim users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-9.0.0060"
All gVim users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-editors/gvim-9.0.0060"
All vim-core users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-editors/vim-core-9.0.0060"
References
CVE-2022-2345 CVE-2022-2344 CVE-2022-2343 CVE-2022-2304 CVE-2022-2289 CVE-2022-2288 CVE-2022-2287 CVE-2022-2286 CVE-2022-2285 CVE-2022-2284 CVE-2022-2264 CVE-2022-2257 CVE-2022-2231 CVE-2022-2210 CVE-2022-2208 CVE-2022-2207 CVE-2022-2206 CVE-2022-2183 CVE-2022-2182 CVE-2022-2175 CVE-2022-2129 CVE-2022-2126 CVE-2022-2125 CVE-2022-2124 CVE-2022-2042 CVE-2022-2000 CVE-2022-1968 CVE-2022-1942 CVE-2022-1927 CVE-2022-1898 CVE-2022-1897 CVE-2022-1886 CVE-2022-1851 CVE-2022-1796 CVE-2022-1785 CVE-2022-1771 CVE-2022-1769 CVE-2022-1735 CVE-2022-1733 CVE-2022-1720 CVE-2022-1674 CVE-2022-1629 CVE-2022-1621 CVE-2022-1620 CVE-2022-1619 CVE-2022-1616 CVE-2022-1420 CVE-2022-1381 CVE-2022-1160 CVE-2022-1154 CVE-2022-0943 CVE-2022-0729 CVE-2022-0714 CVE-2022-0685 CVE-2022-0629 CVE-2022-0554 CVE-2022-0443 CVE-2022-0417 CVE-2022-0413 CVE-2022-0408 CVE-2022-0407 CVE-2022-0393 CVE-2022-0392 CVE-2022-0368 CVE-2022-0361 CVE-2022-0359 CVE-2022-0351 CVE-2022-0319 CVE-2022-0318 CVE-2022-0261 CVE-2022-0213 CVE-2022-0158 CVE-2022-0156 CVE-2022-0128 CVE-2021-46059 CVE-2021-4193 CVE-2021-4192 CVE-2021-4187 CVE-2021-4173 CVE-2021-4166 CVE-2021-4136 CVE-2021-4069 CVE-2021-4019 CVE-2021-3984 CVE-2021-3974 CVE-2021-3973 CVE-2021-3968 CVE-2021-3928 CVE-2021-3927 CVE-2021-3875 CVE-2021-3872 CVE-2021-3796 CVE-2021-3778 CVE-2021-3770
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.