[Buildroot] [PATCH 1/1] package/vim: security bump to version 9.0.0951
Peter Korsgaard
peter at korsgaard.com
Wed Dec 7 13:34:49 UTC 2022
>>>>> "Fabrice" == Fabrice Fontaine <fontaine.fabrice at gmail.com> writes:
> Fix CVE-2022-3705: A vulnerability was found in vim and classified as
> problematic. Affected by this issue is the function qf_update_buffer of
> the file quickfix.c of the component autocmd Handler. The manipulation
> leads to use after free. The attack may be launched remotely. Upgrading
> to version 9.0.0805 is able to address this issue. The name of the patch
> is d0fab10ed2a86698937e3c3fed2f10bd9bb5e731. It is recommended to
> upgrade the affected component. The identifier of this vulnerability is
> VDB-212324.
> Signed-off-by: Fabrice Fontaine <fontaine.fabrice at gmail.com>
Committed to 2022.08.x and 2022.02.x, thanks.
--
Bye, Peter Korsgaard
More information about the buildroot
mailing list