Oval Definition:	oval:org.opensuse.security:def:528
Revision Date: 2022-06-16 Version: 1 Title: Security update for vim (Important) Description: This update for vim fixes the following issues: - CVE-2017-17087: Fixed information leak via .swp files (bsc#1070955). - CVE-2021-3875: Fixed heap-based buffer overflow (bsc#1191770). - CVE-2021-3903: Fixed heap-based buffer overflow (bsc#1192167). - CVE-2021-3968: Fixed heap-based buffer overflow (bsc#1192902). - CVE-2021-3973: Fixed heap-based buffer overflow (bsc#1192903). - CVE-2021-3974: Fixed use-after-free (bsc#1192904). - CVE-2021-4069: Fixed use-after-free in ex_open()in src/ex_docmd.c (bsc#1193466). - CVE-2021-4136: Fixed heap-based buffer overflow (bsc#1193905). - CVE-2021-4166: Fixed out-of-bounds read (bsc#1194093). - CVE-2021-4192: Fixed use-after-free (bsc#1194217). - CVE-2021-4193: Fixed out-of-bounds read (bsc#1194216). - CVE-2022-0128: Fixed out-of-bounds read (bsc#1194388). - CVE-2022-0213: Fixed heap-based buffer overflow (bsc#1194885). - CVE-2022-0261: Fixed heap-based buffer overflow (bsc#1194872). - CVE-2022-0318: Fixed heap-based buffer overflow (bsc#1195004). - CVE-2022-0359: Fixed heap-based buffer overflow in init_ccline() in ex_getln.c (bsc#1195203). - CVE-2022-0392: Fixed heap-based buffer overflow (bsc#1195332). - CVE-2022-0407: Fixed heap-based buffer overflow (bsc#1195354). - CVE-2022-0696: Fixed NULL pointer dereference (bsc#1196361). - CVE-2022-1381: Fixed global heap buffer overflow in skip_range (bsc#1198596). - CVE-2022-1420: Fixed out-of-range pointer offset (bsc#1198748). - CVE-2022-1616: Fixed use-after-free in append_command (bsc#1199331). - CVE-2022-1619: Fixed heap-based Buffer Overflow in function cmdline_erase_chars (bsc#1199333). - CVE-2022-1620: Fixed NULL pointer dereference in function vim_regexec_string (bsc#1199334). - CVE-2022-1733: Fixed heap-based buffer overflow in cindent.c (bsc#1199655). - CVE-2022-1735: Fixed heap-based buffer overflow (bsc#1199651). - CVE-2022-1771: Fixed stack exhaustion (bsc#1199693). - CVE-2022-1785: Fixed out-of-bounds write (bsc#1199745). - CVE-2022-1796: Fixed use-after-free in find_pattern_in_path (bsc#1199747). - CVE-2022-1851: Fixed out-of-bounds read (bsc#1199936). - CVE-2022-1897: Fixed out-of-bounds write (bsc#1200010). - CVE-2022-1898: Fixed use-after-free (bsc#1200011). - CVE-2022-1927: Fixed buffer over-read (bsc#1200012). Family: unix Class: patch Status: Reference(s): 1070955 1191770 1192167 1192902 1192903 1192904 1193466 1193905 1194093 1194216 1194217 1194388 1194872 1194885 1195004 1195203 1195332 1195354 1196361 1198596 1198748 1199331 1199333 1199334 1199651 1199655 1199693 1199745 1199747 1199936 1200010 1200011 1200012 CVE-2009-1273 CVE-2009-1273 CVE-2017-17087 CVE-2021-3778 CVE-2021-3796 CVE-2021-3872 CVE-2021-3875 CVE-2021-3903 CVE-2021-3927 CVE-2021-3928 CVE-2021-3968 CVE-2021-3973 CVE-2021-3974 CVE-2021-3984 CVE-2021-4019 CVE-2021-4069 CVE-2021-4136 CVE-2021-4166 CVE-2021-4192 CVE-2021-4193 CVE-2021-46059 CVE-2022-0128 CVE-2022-0213 CVE-2022-0261 CVE-2022-0318 CVE-2022-0319 CVE-2022-0351 CVE-2022-0359 CVE-2022-0361 CVE-2022-0392 CVE-2022-0407 CVE-2022-0413 CVE-2022-0696 CVE-2022-1381 CVE-2022-1420 CVE-2022-1616 CVE-2022-1619 CVE-2022-1620 CVE-2022-1733 CVE-2022-1735 CVE-2022-1771 CVE-2022-1785 CVE-2022-1796 CVE-2022-1851 CVE-2022-1897 CVE-2022-1898 CVE-2022-1927 SUSE-SU-2022:2102-1 Platform(s): openSUSE 13.1 openSUSE Leap 15.4 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 15 SP1 SUSE Linux Enterprise for SAP 12 SUSE Linux Enterprise for SAP 12 SP1 SUSE Linux Enterprise High Performance Computing 15 SP1 SUSE Linux Enterprise Live Patching 12 SUSE Linux Enterprise Module for Basesystem 15 SP1 SUSE Linux Enterprise Module for Desktop Applications 15 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Module for Public Cloud 12 SUSE Linux Enterprise Module for Web Scripting 12 SUSE Linux Enterprise Server 15 SP1 SUSE Linux Enterprise Server for SAP Applications 15 SP1 SUSE Linux Enterprise Software Development Kit 12 SUSE Linux Enterprise Storage 6 SUSE Linux Enterprise Workstation Extension 15 SUSE Manager Proxy 4.0 SUSE Manager Server 4.0 Product(s): Definition Synopsis openSUSE Leap 15.4 is installed AND Package Information gvim-8.2.5038-150000.5.21.1 is installed OR vim-8.2.5038-150000.5.21.1 is installed OR vim-data-8.2.5038-150000.5.21.1 is installed OR vim-data-common-8.2.5038-150000.5.21.1 is installed OR vim-small-8.2.5038-150000.5.21.1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND Package Information colord-1.3.3-10 is installed OR colord-gtk-lang-0.1.26-6 is installed OR colord-lang-1.3.3-10 is installed OR libcolord-gtk1-0.1.26-6 is installed OR libcolord2-1.3.3-10 is installed OR libcolord2-32bit-1.3.3-10 is installed OR libcolorhug2-1.3.3-10 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information pam_ssh-2.1-2.27 is installed OR pam_ssh-32bit-2.1-2.27 is installed Definition Synopsis SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed AND Package Information pam_ssh-2.1-2 is installed OR pam_ssh-32bit-2.1-2 is installed Definition Synopsis SUSE Linux Enterprise Module for Desktop Applications 15 is installed AND Package Information MozillaFirefox-60.7.0-3.40 is installed OR MozillaFirefox-devel-60.7.0-3.40 is installed OR MozillaFirefox-translations-common-60.7.0-3.40 is installed OR MozillaFirefox-translations-other-60.7.0-3.40 is installed Definition Synopsis SUSE Linux Enterprise Workstation Extension 15 is installed AND bluez-cups-5.48-3 is installed
BACK