* | Wed Mar 30 22:37:05 UTC 2022...patches/packages/vim-8.2.4649-x86_64-1_slack15.0.txz: Upgraded.
Fixes a use-after-free in utf_ptr2char in vim/vim prior to 8.2.4646.
This vulnerability is capable of crashing software, bypassing protection
mechanisms, modifying memory, and possibly execution of arbitrary code.
Thanks to marav for the heads-up.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1154
https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425
https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5
(* Security fix *)
patches/packages/vim-gvim-8.2.4649-x86_64-1_slack15.0.txz: Upgraded.
20220330223705_15.0 | Patrick J Volkerding | 2022-03-31 | 1 | -0/+19 |