-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Moderate: vim security update Advisory ID: RHSA-2022:1552-01 Product: Red Hat Enterprise Linux Advisory URL: https://access.redhat.com/errata/RHSA-2022:1552 Issue date: 2022-04-26 CVE Names: CVE-2022-1154 ===================================================================== 1. Summary: An update for vim is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat Enterprise Linux AppStream (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64 Red Hat Enterprise Linux BaseOS (v. 8) - aarch64, ppc64le, s390x, x86_64 3. Description: Vim (Vi IMproved) is an updated and improved version of the vi editor. Security Fix(es): * vim: use after free in utf_ptr2char (CVE-2022-1154) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2073013 - CVE-2022-1154 vim: use after free in utf_ptr2char 6. Package List: Red Hat Enterprise Linux AppStream (v. 8): aarch64: vim-X11-8.0.1763-16.el8_5.13.aarch64.rpm vim-X11-debuginfo-8.0.1763-16.el8_5.13.aarch64.rpm vim-common-8.0.1763-16.el8_5.13.aarch64.rpm vim-common-debuginfo-8.0.1763-16.el8_5.13.aarch64.rpm vim-debuginfo-8.0.1763-16.el8_5.13.aarch64.rpm vim-debugsource-8.0.1763-16.el8_5.13.aarch64.rpm vim-enhanced-8.0.1763-16.el8_5.13.aarch64.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.13.aarch64.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.13.aarch64.rpm noarch: vim-filesystem-8.0.1763-16.el8_5.13.noarch.rpm ppc64le: vim-X11-8.0.1763-16.el8_5.13.ppc64le.rpm vim-X11-debuginfo-8.0.1763-16.el8_5.13.ppc64le.rpm vim-common-8.0.1763-16.el8_5.13.ppc64le.rpm vim-common-debuginfo-8.0.1763-16.el8_5.13.ppc64le.rpm vim-debuginfo-8.0.1763-16.el8_5.13.ppc64le.rpm vim-debugsource-8.0.1763-16.el8_5.13.ppc64le.rpm vim-enhanced-8.0.1763-16.el8_5.13.ppc64le.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.13.ppc64le.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.13.ppc64le.rpm s390x: vim-X11-8.0.1763-16.el8_5.13.s390x.rpm vim-X11-debuginfo-8.0.1763-16.el8_5.13.s390x.rpm vim-common-8.0.1763-16.el8_5.13.s390x.rpm vim-common-debuginfo-8.0.1763-16.el8_5.13.s390x.rpm vim-debuginfo-8.0.1763-16.el8_5.13.s390x.rpm vim-debugsource-8.0.1763-16.el8_5.13.s390x.rpm vim-enhanced-8.0.1763-16.el8_5.13.s390x.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.13.s390x.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.13.s390x.rpm x86_64: vim-X11-8.0.1763-16.el8_5.13.x86_64.rpm vim-X11-debuginfo-8.0.1763-16.el8_5.13.x86_64.rpm vim-common-8.0.1763-16.el8_5.13.x86_64.rpm vim-common-debuginfo-8.0.1763-16.el8_5.13.x86_64.rpm vim-debuginfo-8.0.1763-16.el8_5.13.x86_64.rpm vim-debugsource-8.0.1763-16.el8_5.13.x86_64.rpm vim-enhanced-8.0.1763-16.el8_5.13.x86_64.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.13.x86_64.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.13.x86_64.rpm Red Hat Enterprise Linux BaseOS (v. 8): Source: vim-8.0.1763-16.el8_5.13.src.rpm aarch64: vim-X11-debuginfo-8.0.1763-16.el8_5.13.aarch64.rpm vim-common-debuginfo-8.0.1763-16.el8_5.13.aarch64.rpm vim-debuginfo-8.0.1763-16.el8_5.13.aarch64.rpm vim-debugsource-8.0.1763-16.el8_5.13.aarch64.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.13.aarch64.rpm vim-minimal-8.0.1763-16.el8_5.13.aarch64.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.13.aarch64.rpm ppc64le: vim-X11-debuginfo-8.0.1763-16.el8_5.13.ppc64le.rpm vim-common-debuginfo-8.0.1763-16.el8_5.13.ppc64le.rpm vim-debuginfo-8.0.1763-16.el8_5.13.ppc64le.rpm vim-debugsource-8.0.1763-16.el8_5.13.ppc64le.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.13.ppc64le.rpm vim-minimal-8.0.1763-16.el8_5.13.ppc64le.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.13.ppc64le.rpm s390x: vim-X11-debuginfo-8.0.1763-16.el8_5.13.s390x.rpm vim-common-debuginfo-8.0.1763-16.el8_5.13.s390x.rpm vim-debuginfo-8.0.1763-16.el8_5.13.s390x.rpm vim-debugsource-8.0.1763-16.el8_5.13.s390x.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.13.s390x.rpm vim-minimal-8.0.1763-16.el8_5.13.s390x.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.13.s390x.rpm x86_64: vim-X11-debuginfo-8.0.1763-16.el8_5.13.x86_64.rpm vim-common-debuginfo-8.0.1763-16.el8_5.13.x86_64.rpm vim-debuginfo-8.0.1763-16.el8_5.13.x86_64.rpm vim-debugsource-8.0.1763-16.el8_5.13.x86_64.rpm vim-enhanced-debuginfo-8.0.1763-16.el8_5.13.x86_64.rpm vim-minimal-8.0.1763-16.el8_5.13.x86_64.rpm vim-minimal-debuginfo-8.0.1763-16.el8_5.13.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-1154 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYmhvptzjgjWX9erEAQgFog/8C5MWtkhYwTTkyBdwfI4aMARAEF+eb3xL zmZYD3RIeeLfKSOZ/9dVay1+9GDHy/xsEy3B4/CRV1wK5WMAtr6JdqKZk+F6wjpn 7Sf7iARBSoquMXQx5OFdgMWDuoe46ZcMJ+g4mR5ukKf2a1ZvS9dqVPzIvnYah1kk qBQbZmtw4FBoNab9sA4YjQYfJeUyARS+6RYrTgUW/r69/Ozg2+/Y4HZ7gB/Ozl2N Y1a1LOKtvfMwYL6G+9yRnROQzMqYT+Lqx5IstinH05vGP1M6O0dzncf9n4guwwk7 auaf1OypOIvrY8Lxj8TPM7lXhWK5adt30ITwjL65nsuYLUC9lBhO+PsBqp7rvKym bDgdrncWaXAIWauyBXP+ShwYHvsQc6Qe4UDnAExARfQDxmHFG59gRbugh4Vds9cs fPmFSrsjVkVEKsBTyuaMm6JfyDeLLVnfCSt17IjZVFrTJ6l9U7QNlCK/syfDBS2j QttI/PfzKTMDAxi3lQ5k4WMs/H9N8ND7osiie7Yq1ij9ypvhZQw8J9YQl/SSVn7p hXkMcnZFy4zltOddNfe3dFg45tODqgMeqwvPD4mzZ1zzwAQrNxJxgCdxYJMGF/uI Q47AdoYZ+1K/Qg/FEJIFpaiVJaCdYaRJSWuV5ZDtDnBihegcwmyBwtwKIpykw4sM DBqI4GPVbzA= =0nMM -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce