From c68554c374deb21dba1598d0e58cee3f75a96f41 Mon Sep 17 00:00:00 2001 From: Salvatore Bonaccorso Date: Tue, 4 Jan 2022 06:28:12 +0100 Subject: Track several fixed CVEs for vim via unstable --- data/CVE/2021.list | 28 ++++++++++++++-------------- 1 file changed, 14 insertions(+), 14 deletions(-) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 56f27f4181..bdcf83a75c 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -504,13 +504,13 @@ CVE-2021-44466 (Bitmask Riseup VPN 0.21.6 contains a local privilege escalation CVE-2021-4194 RESERVED CVE-2021-4193 (vim is vulnerable to Out-of-bounds Read ...) - - vim + - vim 2:8.2.3995-1 [bullseye] - vim (Minor issue) [buster] - vim (Minor issue) NOTE: https://huntr.dev/bounties/92c1940d-8154-473f-84ce-0de43b0c2eb0 NOTE: Fixed by: https://github.com/vim/vim/commit/94f3192b03ed27474db80b4d3a409e107140738b (v8.2.3950) CVE-2021-4192 (vim is vulnerable to Use After Free ...) - - vim + - vim 2:8.2.3995-1 [bullseye] - vim (Minor issue) [buster] - vim (Minor issue) NOTE: https://huntr.dev/bounties/6dd9cb2e-a940-4093-856e-59b502429f22 @@ -564,7 +564,7 @@ CVE-2021-44775 CVE-2021-44465 RESERVED CVE-2021-4187 (vim is vulnerable to Use After Free ...) - - vim + - vim 2:8.2.3995-1 [bullseye] - vim (Minor issue) [buster] - vim (Vulnerable code introduced later) [stretch] - vim (Vulnerable code introduced later) @@ -1101,7 +1101,7 @@ CVE-2021-23166 CVE-2021-4174 RESERVED CVE-2021-4173 (vim is vulnerable to Use After Free ...) - - vim + - vim 2:8.2.3995-1 [bullseye] - vim (Minor issue) [buster] - vim (Vulnerable code introduced later) [stretch] - vim (Vulnerable code introduced later) @@ -1542,7 +1542,7 @@ CVE-2021-45476 CVE-2021-45475 RESERVED CVE-2021-4166 (vim is vulnerable to Out-of-bounds Read ...) - - vim + - vim 2:8.2.3995-1 [bullseye] - vim (Minor issue) [buster] - vim (Minor issue) NOTE: https://huntr.dev/bounties/229df5dd-5507-44e9-832c-c70364bdf035 @@ -2440,7 +2440,7 @@ CVE-2021-44462 CVE-2021-4137 RESERVED CVE-2021-4136 (vim is vulnerable to Heap-based Buffer Overflow ...) - - vim (bug #1002534) + - vim 2:8.2.3995-1 (bug #1002534) [bullseye] - vim (Minor issue) [buster] - vim (Vulnerable code introduced later) [stretch] - vim (Vulnerable code introduced later) @@ -3941,7 +3941,7 @@ CVE-2021-4070 CVE-2021-44549 (Apache Sling Commons Messaging Mail provides a simple layer on top of ...) NOT-FOR-US: Apache Sling CVE-2021-4069 (vim is vulnerable to Use After Free ...) - - vim + - vim 2:8.2.3995-1 NOTE: https://huntr.dev/bounties/0efd6d23-2259-4081-9ff1-3ade26907d74/ NOTE: https://github.com/vim/vim/commit/e031fe90cf2e375ce861ff5e5e281e4ad229ebb9 (v8.2.3741) CVE-2021-44548 (An Improper Input Validation vulnerability in DataImportHandler of Apa ...) @@ -4835,7 +4835,7 @@ CVE-2021-4020 (janus-gateway is vulnerable to Improper Neutralization of Input D NOTE: https://github.com/meetecho/janus-gateway/commit/ba166e9adebfe5343f826c6a9e02299d35414ffd NOTE: Issues only in janus-demos built from src:janus CVE-2021-4019 (vim is vulnerable to Heap-based Buffer Overflow ...) - - vim + - vim 2:8.2.3995-1 NOTE: https://huntr.dev/bounties/d8798584-a6c9-4619-b18f-001b9a6fca92 NOTE: https://github.com/vim/vim/commit/bd228fd097b41a798f90944b5d1245eddd484142 (v8.2.3669) CVE-2021-44220 @@ -5297,7 +5297,7 @@ CVE-2021-44041 (UiPath Assistant 21.4.4 will load and execute attacker controlle CVE-2021-3985 (kimai2 is vulnerable to Improper Neutralization of Input During Web Pa ...) NOT-FOR-US: kimai2 CVE-2021-3984 (vim is vulnerable to Heap-based Buffer Overflow ...) - - vim (bug #1001896) + - vim 2:8.2.3995-1 (bug #1001896) [bullseye] - vim (Minor issue) [buster] - vim (Minor issue) NOTE: https://huntr.dev/bounties/b114b5a2-18e2-49f0-b350-15994d71426a @@ -5514,14 +5514,14 @@ CVE-2021-43961 CVE-2021-43960 RESERVED CVE-2021-3974 (vim is vulnerable to Use After Free ...) - - vim (bug #1001897) + - vim 2:8.2.3995-1 (bug #1001897) [bullseye] - vim (Minor issue) [buster] - vim (Minor issue) [stretch] - vim (Minor issue) NOTE: https://huntr.dev/bounties/e402cb2c-8ec4-4828-a692-c95f8e0de6d4 NOTE: https://github.com/vim/vim/commit/64066b9acd9f8cffdf4840f797748f938a13f2d6 (v8.2.3612) CVE-2021-3973 (vim is vulnerable to Heap-based Buffer Overflow ...) - - vim (bug #1001899) + - vim 2:8.2.3995-1 (bug #1001899) [bullseye] - vim (Minor issue) [buster] - vim (Minor issue) [stretch] - vim (Minor issue) @@ -5536,7 +5536,7 @@ CVE-2021-3970 CVE-2021-3969 RESERVED CVE-2021-3968 (vim is vulnerable to Heap-based Buffer Overflow ...) - - vim (bug #1001900) + - vim 2:8.2.3995-1 (bug #1001900) [bullseye] - vim (Minor issue) [buster] - vim (Minor issue) [stretch] - vim (Vulnerable code not present) @@ -7056,12 +7056,12 @@ CVE-2021-43359 (Sunnet eHRD has broken access control vulnerability, which allow CVE-2021-43358 (Sunnet eHRD has inadequate filtering for special characters in URLs, w ...) NOT-FOR-US: Sunnet eHRD CVE-2021-3928 (vim is vulnerable to Stack-based Buffer Overflow ...) - - vim + - vim 2:8.2.3995-1 [stretch] - vim (Minor issue) NOTE: https://huntr.dev/bounties/29c3ebd2-d601-481c-bf96-76975369d0cd NOTE: Fixed by: https://github.com/vim/vim/commit/15d9890eee53afc61eb0a03b878a19cb5672f732 (v8.2.3582) CVE-2021-3927 (vim is vulnerable to Heap-based Buffer Overflow ...) - - vim + - vim 2:8.2.3995-1 [stretch] - vim (Minor issue) NOTE: https://huntr.dev/bounties/9c2b2c82-48bb-4be9-ab8f-a48ea252d1b0 NOTE: Fixed by: https://github.com/vim/vim/commit/0b5b06cb4777d1401fdf83e7d48d287662236e7e (v8.2.3581) -- cgit v1.2.3