Gentoo Linux Security Advisory 202305-16 - Multiple vulnerabilities have been found in Vim, the worst of which could result in denial of service. Versions less than 9.0.1157 are affected.
81b5395f5780b813c10198f29c690100f378f19946bb1a709a861b0663668b4eUbuntu Security Notice 5613-2 - USN-5613-1 fixed vulnerabilities in Vim. Unfortunately that update failed to include binary packages for some architectures. This update fixes that regression. It was discovered that Vim was not properly performing bounds checks when executing spell suggestion commands. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that Vim was using freed memory when dealing with regular expressions through its old regular expression engine. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution. It was discovered that Vim was not properly performing checks on name of lambda functions. An attacker could possibly use this issue to cause a denial of service. This issue affected only Ubuntu 22.04 LTS. It was discovered that Vim was incorrectly performing bounds checks when processing invalid commands with composing characters in Ex mode. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that Vim was not properly processing latin1 data when issuing Ex commands. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that Vim was not properly performing memory management when dealing with invalid regular expression patterns in buffers. An attacker could possibly use this issue to cause a denial of service. It was discovered that Vim was not properly processing invalid bytes when performing spell check operations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code.
002c02114fee54074c33b853c60e7bab399be235d6002d18845e35b96a8f5d54Ubuntu Security Notice 5613-1 - It was discovered that Vim was not properly performing bounds checks when executing spell suggestion commands. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. It was discovered that Vim was using freed memory when dealing with regular expressions through its old regular expression engine. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution.
87e65b0272b019cea25d9ffef2c8b4de555653ca53f0750c1ab4f4d73fca6b07Red Hat Security Advisory 2022-5242-01 - Vim is an updated and improved version of the vi editor. Issues addressed include buffer over-read, buffer overflow, and use-after-free vulnerabilities.
7f54bbeaba225ab3573d888abe910358d13c726e9adc4f49603d93d5f2885a15Red Hat Security Advisory 2022-5188-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug and security fixes.
de99e1a865995c3cb23cb50bcf37b75b678a3a66147e77f88143a4717bf81758Red Hat Security Advisory 2022-5132-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug and security fixes.
bfca0ba942391c6a43c9f8d48bf4d26fb94e10f853c2bf23fb873d2cf0db5c07Red Hat Security Advisory 2022-5006-01 - Red Hat OpenShift Service Mesh is Red Hat's distribution of the Istio service mesh project, tailored for installation into an on-premise OpenShift Container Platform installation. This advisory covers the RPM packages for the release. Issues addressed include a traversal vulnerability.
6f6ba67471416e8a7e06343894cacbc3dcadc86799322067063a37ae1ba3d122Red Hat Security Advisory 2022-4880-01 - Updated images are now available for Red Hat Advanced Cluster Security for Kubernetes (RHACS). The updated image includes bug fixes and feature improvements. Issues addressed include a bypass vulnerability.
c63643705f44dff2556cecc50e362faec1c7302c8cda104e2a0666de9f499543Ubuntu Security Notice 5433-1 - It was discovered that Vim incorrectly handled parsing of filenames in its search functionality. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service. It was discovered that Vim incorrectly handled memory when opening and searching the contents of certain files. If a user were tricked into opening a specially crafted file, an attacker could crash the application, leading to a denial of service, or possibly achieve code execution with user privileges.
8b8300d57f240b901a3f654950e0c539f204e144869f668c8135608a5cde9f4fRed Hat Security Advisory 2022-4690-01 - Red Hat Openshift GitOps is a declarative way to implement continuous deployment for cloud native applications. Issues addressed include a spoofing vulnerability.
3bfe6b3b087ca42a19201811078371538ab2936796ff2422443605c3aef038d7Red Hat Security Advisory 2022-2216-01 - Logging Subsystem 5.4.1 - Red Hat OpenShift. Issues addressed include HTTP request smuggling and denial of service vulnerabilities.
e8448d15067ef4e108e62dd39572f25de537bd0cc05255cb4ff9f26a2036af6dRed Hat Security Advisory 2022-2218-01 - Openshift Logging Bug Fix Release. Issues addressed include HTTP request smuggling, denial of service, and man-in-the-middle vulnerabilities.
0c5927e91c79b433162241dc82bdfd0e2fdad1d3d97c1f4a6ed341b8c4358a0bRed Hat Security Advisory 2022-2217-01 - Openshift Logging Bug Fix Release. Issues addressed include HTTP request smuggling, denial of service, and man-in-the-middle vulnerabilities.
0ec4d077e744566221bfb42a084e913e4269ba131207183ed703c14611b8ba91Red Hat Security Advisory 2022-2183-01 - Release osp-director-operator images. Issues addressed include a denial of service vulnerability.
cc75dc0ea9405e57725d05b12cad495f4f0943e8d0b5bc731db97d78ca8246b7Red Hat Security Advisory 2022-1679-01 - New Cryostat 2.1.0 on RHEL 8 container images have been released, adding a variety of features and bug fixes as well as security issues being addressed.
666cf4c0aa77f72ac31f23b9f9d974267e3b3c18f0cc58fb4f29f1e839a1f3e8Red Hat Security Advisory 2022-1734-01 - The Migration Toolkit for Containers enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the MTC web console or the Kubernetes API.
67eeebb8087b0fc31c8fbd504ec1c532cbcd40628f892f8aff82695c15395b0dRed Hat Security Advisory 2022-1715-01 - Red Hat Advanced Cluster Management for Kubernetes 2.3.10 images Red Hat Advanced Cluster Management for Kubernetes provides the capabilities to address common challenges that administrators and site reliability engineers face as they work across a range of public and private cloud environments. Clusters and applications are all visible and managed from a single console—with security policy built in. This advisory contains the container images for Red Hat Advanced Cluster Management for Kubernetes, which fix several bugs. Issues addressed include bypass and traversal vulnerabilities.
3d159d78f952dd38855eff547380186ff43d2649b5b56d70f73248bbeae9a417Red Hat Security Advisory 2022-1713-01 - The rh-sso-7/sso75-openshift-rhel8 container image has been updated for RHEL-8 based Middleware Containers. Issues addressed include a privilege escalation vulnerability.
5e68f770626e4f6d387ddf43f4ea9975e4956978d0e4fee9895e84e69c5886b1Red Hat Security Advisory 2022-1681-01 - Red Hat Advanced Cluster Management for Kubernetes 2.4.4 General Availability release images. This update provides security fixes, bug fixes, and updates container images. Issues addressed include bypass and traversal vulnerabilities.
1bee26055b1d06a4bc9715b98ed40f38564faecb40aaae8083d0ca2eed4c2283Red Hat Security Advisory 2022-1552-01 - Vim is an updated and improved version of the vi editor. Issues addressed include a use-after-free vulnerability.
7d620f81fc5fe745477b9fa90e0502293855ee38ed51459868b1ae55790687e7
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed