[Git][security-tracker-team/security-tracker][master] Add three new vim issues from fuzzing reports

Sun, 30 Jan 2022 12:28:16 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
b663d572 by Salvatore Bonaccorso at 2022-01-30T21:27:36+01:00
Add three new vim issues from fuzzing reports

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -47,7 +47,11 @@ CVE-2021-46657 (get_sort_by_table in MariaDB before 10.6.2 
allows an application
 CVE-2022-0414
        RESERVED
 CVE-2022-0413 (Use After Free in Conda vim prior to 8.2. ...)
-       TODO: check
+       - vim <unfixed>
+       [bullseye] - vim <no-dsa> (Minor issue)
+       [buster] - vim <no-dsa> (Minor issue)
+       NOTE: https://huntr.dev/bounties/563d1e8f-5c3d-4669-941c-3216f4a87c38
+       NOTE: 
https://github.com/vim/vim/commit/37f47958b8a2a44abc60614271d9537e7f14e51a 
(v8.2.4253)
 CVE-2022-0412
        RESERVED
 CVE-2022-0411
@@ -80,9 +84,17 @@ CVE-2022-24113
 CVE-2022-0409
        RESERVED
 CVE-2022-0408 (Stack-based Buffer Overflow in Conda vim prior to 8.2. ...)
-       TODO: check
+       - vim <unfixed>
+       [bullseye] - vim <no-dsa> (Minor issue)
+       [buster] - vim <no-dsa> (Minor issue)
+       NOTE: https://huntr.dev/bounties/5e635bad-5cf6-46cd-aeac-34ef224e179d
+       NOTE: 
https://github.com/vim/vim/commit/06f15416bb8d5636200a10776f1752c4d6e49f31 
(v8.2.4247)
 CVE-2022-0407 (Heap-based Buffer Overflow in Conda vim prior to 8.2. ...)
-       TODO: check
+       - vim <unfixed>
+       [bullseye] - vim <no-dsa> (Minor issue)
+       [buster] - vim <no-dsa> (Minor issue)
+       NOTE: https://huntr.dev/bounties/81822bf7-aafe-4d37-b836-1255d46e572c
+       NOTE: 
https://github.com/vim/vim/commit/44db8213d38c39877d2148eff6a72f4beccfb94e 
(v8.2.4219)
 CVE-2022-24112
        RESERVED
 CVE-2022-0406



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b663d5723c0cfd7a64fd47a33e78aa15cdb087d5

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b663d5723c0cfd7a64fd47a33e78aa15cdb087d5
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to