Bug#995748: buster-pu: package vim/2:8.1.0875-5+deb10u1
Control: tags -1 + confirmed
On Mon, 2021-10-04 at 22:22 -0400, James McCoy wrote:
> Various "non DSA" CVEs have accumulated in Vim, and it seemed like a
> good idea to get a new upload addressing those.
>
> [ Impact ]
> * CVE-2019-20807 - Shell commands can be executed from rvim
> (restricted
> vim) via the bindings to other programming languages
> * CVE-2021-3770 / #994076 - Invalid memory access when a very large
> number is given to :retab command
> * CVE-2021-3778 / #994498 - Reading beyond end of line when invalid
> utf-8 character is encountered
> * CVE-2021-3796 / #994497 - Using freed memory in replace mode
>
Please go ahead, thanks.
Regards,
Adam
Reply to: