Release date:
2026-04-30 09:42:32 UTC
Description:
- CVE-2023-1170: at the end of do_put() (ops.c), clamp the cursor column
back to the line length (and recompute coladd under virtualedit=all)
so a Visual block put past the new NUL no longer leaves the cursor
pointing past end-of-line.
- CVE-2023-1175: in op_yank() (ops.c), when the yank starts inside a
multi-cell tab under virtual editing, clamp bd.startspaces to 0
before incrementing startcol so a negative width can't drive the
later block-yank copy out of bounds.
- CVE-2023-1264: in vgetorpeek() (getchar.c), guard the dead-character
putcmdline()/unputcmdline() paths with cmdline_has_buffer() (new
ex_getln.c helper) so a nested :open command with a NULL ccline.cmdbuff
no longer dereferences it.
Updated packages:
-
vim-X11-7.4.629-8.0.1.el7_9.tuxcare.els12.x86_64.rpm
sha:2656c2668cec3dd9646f4499b92da79c315cf4fecb56ace041916fd5c3547097
-
vim-common-7.4.629-8.0.1.el7_9.tuxcare.els12.x86_64.rpm
sha:6049147394728996ec637f7b96a9d9cdff51c8ac1f161d370c8d90ec0bd82f8c
-
vim-enhanced-7.4.629-8.0.1.el7_9.tuxcare.els12.x86_64.rpm
sha:4c3f76ae0feea1d0d87f4e8faeb176e65754d668621b79eb86b461414c1a9e7d
-
vim-filesystem-7.4.629-8.0.1.el7_9.tuxcare.els12.x86_64.rpm
sha:afe2ff41984f0deb4d5b0eae712c110ff3472127e129ad16d498a2b7e5af6190
-
vim-minimal-7.4.629-8.0.1.el7_9.tuxcare.els12.x86_64.rpm
sha:77b1581f5e8a4705ac780abb1950ed62d0b36b5414caaf0827de67c168883779
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
