Wed Mar 30 22:37:05 UTC 2022
ap/vim-8.2.4649-i586-1.txz: Upgraded.
Fixes a use-after-free in utf_ptr2char in vim/vim prior to 8.2.4646.
This vulnerability is capable of crashing software, bypassing protection
mechanisms, modifying memory, and possibly execution of arbitrary code.
Thanks to marav for the heads-up.
For more information, see:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1154
https://huntr.dev/bounties/7f0ec6bc-ea0e-45b0-8128-caac72d23425
https://github.com/vim/vim/commit/b55986c52d4cd88a22d0b0b0e8a79547ba13e1d5
(* Security fix *)
d/cmake-3.23.0-i586-1.txz: Upgraded.
d/meson-0.61.4-i586-1.txz: Upgraded.
l/harfbuzz-4.2.0-i586-1.txz: Upgraded.
l/libcap-ng-0.8.3-i586-1.txz: Upgraded.
l/mlt-7.6.0-i586-1.txz: Upgraded.
x/xdg-desktop-portal-1.14.2-i586-1.txz: Upgraded.
xap/vim-gvim-8.2.4649-i586-1.txz: Upgraded.
Distro