GLSA 202305-16: Vim, gVim: Multiple Vulnerabilities
Severity: | low |
Title: | Vim, gVim: Multiple Vulnerabilities |
Date: | 05/03/2023 |
Bugs: |
|
ID: | 202305-16 |
Synopsis
Multiple vulnerabilities have been found in Vim, the worst of which could result in denial of service.Background
Vim is an efficient, highly configurable improved version of the classic ‘vi’ text editor. gVim is the GUI version of Vim.
Affected packages
Package | Vulnerable | Unaffected | Architecture(s) |
---|---|---|---|
app-editors/vim-core | < 9.0.1157 | >= 9.0.1157 | All supported architectures |
app-editors/vim | < 9.0.1157 | >= 9.0.1157 | All supported architectures |
app-editors/gvim | < 9.0.1157 | >= 9.0.1157 | All supported architectures |
Description
Multiple vulnerabilities have been discovered in Vim, gVim. Please review the CVE identifiers referenced below for details.
Impact
Please review the referenced CVE identifiers for details.
Workaround
There is no known workaround at this time.
Resolution
All Vim users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=app-editors/vim-9.0.1157"
All gVim users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-editors/gvim-9.0.1157"
All vim-core users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=app-editors/vim-core-9.0.1157"
References
CVE-2023-0054 CVE-2023-0051 CVE-2023-0049 CVE-2022-47024 CVE-2022-4293 CVE-2022-4292 CVE-2022-4141 CVE-2022-3705 CVE-2022-3591 CVE-2022-3520 CVE-2022-3491 CVE-2022-3352 CVE-2022-3324 CVE-2022-3297 CVE-2022-3296 CVE-2022-3278 CVE-2022-3256 CVE-2022-3235 CVE-2022-3234 CVE-2022-3153 CVE-2022-3134 CVE-2022-3099 CVE-2022-3016 CVE-2022-2982 CVE-2022-2980 CVE-2022-2946 CVE-2022-2923 CVE-2022-2889 CVE-2022-2874 CVE-2022-2862 CVE-2022-2849 CVE-2022-2845 CVE-2022-2819 CVE-2022-2817 CVE-2022-2816 CVE-2022-2522 CVE-2022-2345 CVE-2022-2344 CVE-2022-2343 CVE-2022-2304 CVE-2022-2289 CVE-2022-2288 CVE-2022-2287 CVE-2022-2286 CVE-2022-2285 CVE-2022-2284 CVE-2022-2264 CVE-2022-2257 CVE-2022-2231 CVE-2022-2210 CVE-2022-2208 CVE-2022-2207 CVE-2022-2206 CVE-2022-2183 CVE-2022-2182 CVE-2022-2175 CVE-2022-2129 CVE-2022-2126 CVE-2022-2125 CVE-2022-2124 CVE-2022-2042 CVE-2022-2000 CVE-2022-1968 CVE-2022-1942 CVE-2022-1927 CVE-2022-1898 CVE-2022-1897 CVE-2022-1886 CVE-2022-1851 CVE-2022-1796 CVE-2022-1785 CVE-2022-1771 CVE-2022-1769 CVE-2022-1735 CVE-2022-1733 CVE-2022-1725 CVE-2022-1720 CVE-2022-1674 CVE-2022-1629 CVE-2022-1621 CVE-2022-1620 CVE-2022-1619 CVE-2022-1616 CVE-2022-1420 CVE-2022-1381 CVE-2022-1160 CVE-2022-1154
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2010 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.