Debian 10032 Published by

A vim security update has been released for Debian GNU/Linux 8 Extended LTS to address multiple security vulnerabilities.

ELA-628-1 vim security update

Package vim
Version 2:7.4.488-7+deb8u7 (jessie)
Related CVEs CVE-2021-3903 CVE-2022-0417 CVE-2022-0943 CVE-2022-1851 CVE-2022-1898 CVE-2022-1968 CVE-2022-2124 CVE-2022-2126

Multiple security vulnerabilities have been discovered in vim, an enhanced vi editor. Buffer overflows, out-of-bounds reads and use-after-free may lead to a denial-of-service (application crash) or other unspecified impact.

For Debian 8 jessie, these problems have been fixed in version 2:7.4.488-7+deb8u7.

We recommend that you upgrade your vim packages.

Further information about Extended LTS security advisories can be found at:

  ELA-628-1 vim security update