ELA-628-1 vim security update

denial of service

2022-06-22
Packagevim
Version2:7.4.488-7+deb8u7 (jessie)
Related CVEs CVE-2021-3903 CVE-2022-0417 CVE-2022-0943 CVE-2022-1851 CVE-2022-1898 CVE-2022-1968 CVE-2022-2124 CVE-2022-2126

Multiple security vulnerabilities have been discovered in vim, an enhanced vi editor. Buffer overflows, out-of-bounds reads and use-after-free may lead to a denial-of-service (application crash) or other unspecified impact.

For Debian 8 jessie, these problems have been fixed in version 2:7.4.488-7+deb8u7.

We recommend that you upgrade your vim packages.

Further information about Extended LTS security advisories can be found at: https://deb.freexian.com/extended-lts/