delorie.com/archives/browse.cgi   search  
Mail Archives: cygwin/2022/07/12/10:43:58

X-Recipient: archive-cygwin AT delorie DOT com
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 09A8F3856277
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cygwin.com;
s=default; t=1657637036;
bh=L8sXRdNMxVHkF9f2el53XElKV2ZuTVkrCXnqLkvYEkw=;
h=Date:To:Subject:List-Id:List-Unsubscribe:List-Archive:List-Post:
List-Help:List-Subscribe:From:Reply-To:From;
b=kCKrnFzw5olbTEvrEGQ+RyFcDkZAEwK7GKBFM7Jmv3qnR+Sh8E3yAhjrmJzEtyZ36
v+MKxNpeoByPQsZ08g+b/7KyQCoKqpNZzx/J2xGss2C75Wl8+8tzeVhsam0dKAeFKU
Tc9BAoNQDjBih9l/XB6cb+Gr6QgQaU011rB+INBs=
X-Original-To: cygwin AT cygwin DOT com
Delivered-To: cygwin AT cygwin DOT com
DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 2B512385AE75
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=lqUOEo+ETGhFjcvVSqLgUDbV0ocD9ID5adyryIDS/Uc2ivEY3Zfa0fn4Jld776NaZq3VOD9kLJqEbmYo6m4e0fqrx3LVzpiZMQPsPKF3AfMeyj6oRfTHUZHhXZtMUUFbQuQshUBIzS5uGgPJK5gZjaH3dA2dlv5iHtfQuMPKO4WkOqNLebLz32Ii5+q2n43t/qeiqhchCg262s4AhyfewUKOLmjrE7Xj/wfvpedQala98jL0gzTC/O3ngyWwa1LUo+VN28WoGfBOyXKgjcTkvEwVJmHy01WBW5ToGXWBGsExTfynyLkiDni7jiozmVWeo+f1kqbieRqlBx/OqVylNA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=IIkRevX9PPl+Z6f//FU6n6mcxbZKDXRVTMb52dh83tU=;
b=OVdJVazxrW4BZaiGDnd4IfSkbL7erG/vTTprjBTaYW3EyiswqDNnp1GxPDPbSLC0RXkIsUN1X7iFyyiTbGlorT9qDHlmtpDDRViYNaQh95eC1nWA3ttRrSMqAy+qeBxcbmmQVapbPxlSGrcELXZJTtA/EASzP2WbMDoNHgFJdb9wmP/Vkz0ba2UKyYNJJvSbT9LZkPXDnM2VzklbZKsMGR0qiMfUttZSFjIBAV2O1w1l43TOv8Vj94pQaOZ8vhuqW32FdSsFHXf5f44Ey7hcVA5bkTpM2qDDgQS8NTUA56MdfYYfGUCOIyxRxHENJy+AO+C6y9e2FyEHmN6NCpcYxA==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass
smtp.mailfrom=alumni.caltech.edu; dmarc=pass action=none
header.from=alumni.caltech.edu; dkim=pass header.d=alumni.caltech.edu;
arc=none
Date: Tue, 12 Jul 2022 07:43:20 -0700
To: cygwin AT cygwin DOT com
Subject: vim overflow for version < 9.0 ?
Message-ID: <Ys2IiJh6+uCBmzY8@ingber.com>
Mail-Followup-To: cygwin AT cygwin DOT com
X-ClientProxiedBy: MW4PR03CA0296.namprd03.prod.outlook.com
(2603:10b6:303:b5::31) To MW4PR03MB6523.namprd03.prod.outlook.com
(2603:10b6:303:126::6)
MIME-Version: 1.0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: fc51b92e-4bd7-4b7a-5d83-08da6414ded8
X-MS-TrafficTypeDiagnostic: SA2PR03MB5915:EE_
X-MS-Exchange-SenderADCheck: 1
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: 4D/t8IRc4v6oIkO2UpYypIg6z1UlAXIJfRtnpTNtIIpkcZOFb+tD7C3tACtjSypNoPJY9w15+P5n+ASR/Dux4xKcOoGPprtbAfqSTA1pIId95KbGQKn37Y3RAcTUTtj2AivUth5IYv3VBuD4BpnU/N2Alk86DSL3MpgRVq7zO30o7vE+6fw03RYee0CkEVxHtEuKQDB4ATx2xBAbtA1+r8XS5HVNOYSv8EorrProJCKazhPPhQbgwPoPh9M6NMadI2X868KuRMykzj7ivCuVgZEtHPvzEC+BBs+Pz8F9OntgqJkCFYYDzom8l17RNUKXaEmIfSVU0+LRrH6ZSyxusxfEI2Q+WGB/TVhkMb+YZ4FIVEKhIS+FwFlk5JVFq4y4ivgvqBXX4LjiOPQM0t0x4rehdCy6RQEqA7CP/aeTcMutQqiilhf+Ss/3CT15NfKVwgRJZeeC3hxdH/RkWrW5xL01k/T1zHgGLCFw0yaSdwWtM4qRwHB6ibsr1pbtrVu9EWdcpo+7KFIIt54+XrQCuxNEgOwI0Lu5vjf2P8ItfeOMTs7PYjMqFwqcyITFhYfxqzddpXI2tubyUNPkt+ji7I3wBT15wzK0yD/cCfvMidWSShPFXK47jguXABDGAaf6fSc9KvHdcVTycG9hznq4Q8NUbfW0mpCLuwd1MMrW/pU5RKm6Xvb7P0pejbLmHB7mndTQXvz74GFmu12LlhNjrMtBQfS6NKHKP4nSUV7wu4LRlyDShkJagVCMneJeF0YkArkld3n3dMoJ9/uUdxrZDXmQq8TVofONmx5V8SCvfPMsyLPAsRVoy1T3Tr/cylEr
X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:;
IPV:NLI; SFV:NSPM; H:MW4PR03MB6523.namprd03.prod.outlook.com; PTR:; CAT:NONE;
SFS:(13230016)(4636009)(346002)(136003)(366004)(396003)(376002)(39860400002)(26005)(38100700002)(6666004)(52116002)(5660300002)(6512007)(9686003)(41300700001)(38350700002)(6506007)(3450700001)(36756003)(4744005)(8936002)(2906002)(75432002)(41320700001)(66946007)(83380400001)(8676002)(86362001)(186003)(66556008)(316002)(6486002)(66476007)(786003)(6916009)(478600001)(67856001);
DIR:OUT; SFP:1101;
X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1
X-MS-Exchange-AntiSpam-MessageData-0: =?us-ascii?Q?d927GefkVs1eGkE+UlUAGJN6lxSzv9H6E1RftdHBKvXjvbCwOFe5RV+rMqe1?=
=?us-ascii?Q?VXvc2VxdCPK4L52hDIObxdXfD2df7PK8ccgYdNnaKhCGaGbk4gTaFJsK8+i9?=
=?us-ascii?Q?52d2PgArtfFaWNfYSyefqByO9Ihtfbxzur67FmxzRfvgzF6xGyXWacBDwMH1?=
=?us-ascii?Q?en5RV92Jgt4qnYTUBx1jQZv658BvJUOdXFNcTjEh0SY4dBv8e/hj72nMLTYY?=
=?us-ascii?Q?vcYHGHBS64Fdsq7DFkJcD6KyrATcEsWiSRlksLFWR3VPrIAg0arfXAepLBVl?=
=?us-ascii?Q?b6hZduH/IQrrO+3xKfeTeCTVJ+BG817Vh2Rbs+IOhegvVp4dl+eS4/PnPetl?=
=?us-ascii?Q?Y8Mrr2xMZb5s4scUV81sHowGXl4TEotn9l49P8GxCGyBs4R5//0AtNQ7QmW3?=
=?us-ascii?Q?KF+FKi08HH6E9aRqvPRCa9xAcFVdAaUj1OF27V0ivRLo0F30mP54i3R4TYSd?=
=?us-ascii?Q?XeyZ0H4UCgLb+6f85BB5GO7xj1w3Y8Diuu1xD/F/WIdIrf2vsbxcRHlefBsO?=
=?us-ascii?Q?l0RY4ebUInG7aQ3i7+9DRRpjp1ZTDkESqxQxiOryuHGXJFSYiFs2eZFdGqLh?=
=?us-ascii?Q?jeGJTKSyMm5Lr4/TBAFxoRPOdL08eC28+iPe7nXptaNfxizPuzXnu5Ae4PbM?=
=?us-ascii?Q?06PO+W3yRDKapfT9DRKFxlngbSzEovZP/dDPQenEBHOazDgOo+rAnkGs3vtf?=
=?us-ascii?Q?etaC/+k+TeXDeDPAilY1JknBylvFYhjjtVcTO0GKDRPfNnUaL7NnMeauJObE?=
=?us-ascii?Q?t9iLOxVprzjGrmxe4kJRK3k8V6uHS/w/drog2ta/4U92K6ovkeWbVeKcjkWC?=
=?us-ascii?Q?G6LwFgEDrigAjH1TlUg3+1qLGBdKnf4CELcYO+Rvy5uVzAmR7WSXuY/gtZOV?=
=?us-ascii?Q?PzVzJQBV5AwLI6os0yY2k6Oq5Yr43Wiut2zgXzxgO+3V++Ubwr5MDUKovF5V?=
=?us-ascii?Q?KJ1Sh/f7W23n3a5WKlhVyknroJqSxbRYpM9Hk8P4Yd8MKUiv/i/NKkZFWMF+?=
=?us-ascii?Q?SnJfHEnfAxMu/gK1lx+xhbgmzMs/cQ+k6392Up79jUEgd/7eF38TDUU8son3?=
=?us-ascii?Q?hiGUIkQFwzIb0MBL/J3yQGxNhmI/9vfcLJI2nv3K9+2VJ5MlpY4OaZ6Mx8NF?=
=?us-ascii?Q?So8eLQuNvJGuShE9i43uVXe66cz9TJrayBafIOXcRrb/8JSNV3J/bAmcpiH8?=
=?us-ascii?Q?Ukp5t1oxik/SLXeuEtJode3XRqH6JwTcZP1R+CD2rCBdRiM82kwLruAsZDvp?=
=?us-ascii?Q?RmZuQeP3jE80RjzzK5TOGE5CdcV93PigeQHnrxvZYDClFFlQibrAQGrG/DYO?=
=?us-ascii?Q?RcrhD+4aWd5wCcZdvEELtVwRXgH7FUYelrMiHE9Pm805/QeONdQNZrbyUB1P?=
=?us-ascii?Q?mcKmeNh01PVU06cQxtl/Dt9ulqUC4CK216gGezDk5RD9yRSXvHGgzJwC4dtt?=
=?us-ascii?Q?jJg3aUC/CTZ81L9s5zS+LmQF0104/LjAVbox1sRrktqEVVpVCLgXszvinAo2?=
=?us-ascii?Q?ofm26Luu0QIvm2jlc41yYCI45/INZaQ4+7ZsMF/nIWqSQA+lzn6i1omzv+76?=
=?us-ascii?Q?hcdfBO1xkJKz6g2ejpMlNwpt8+qa6SSAOiVBwhFjQd/VZSmxYj/ho6irQ4dd?=
=?us-ascii?Q?t5X8zTvqR5OBCwhfyMX5YZk=3D?=
X-OriginatorOrg: alumni.caltech.edu
X-MS-Exchange-CrossTenant-Network-Message-Id: fc51b92e-4bd7-4b7a-5d83-08da6414ded8
X-MS-Exchange-CrossTenant-AuthSource: MW4PR03MB6523.namprd03.prod.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 12 Jul 2022 14:43:23.8595 (UTC)
X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted
X-MS-Exchange-CrossTenant-Id: fd5be9d9-7b72-4df9-830e-b1f9cc5b44bd
X-MS-Exchange-CrossTenant-MailboxType: HOSTED
X-MS-Exchange-CrossTenant-UserPrincipalName: pa3P0EgKltGblyVRG0+Tp4VnxmfcLtxEy86BsGZRJvAyPj3TqVsH+6k+pHOyss9ZT99DjVzlhuVP7u4eZuLuNqLu/I88zSMm1Kra+cWB0umAG0q//ravL9GfRdwjw0rC
X-MS-Exchange-Transport-CrossTenantHeadersStamped: SA2PR03MB5915
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00, DKIM_SIGNED,
DKIM_VALID, DKIM_VALID_AU, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2,
SPF_HELO_PASS, SPF_PASS, TXREP,
T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
server2.sourceware.org
X-BeenThere: cygwin AT cygwin DOT com
X-Mailman-Version: 2.1.29
List-Id: General Cygwin discussions and problem reports <cygwin.cygwin.com>
List-Archive: <https://cygwin.com/pipermail/cygwin/>
List-Post: <mailto:cygwin AT cygwin DOT com>
List-Help: <mailto:cygwin-request AT cygwin DOT com?subject=help>
List-Subscribe: <https://cygwin.com/mailman/listinfo/cygwin>,
<mailto:cygwin-request AT cygwin DOT com?subject=subscribe>
From: Lester Ingber via Cygwin <cygwin AT cygwin DOT com>
Reply-To: Lester Ingber <ingber AT alumni DOT caltech DOT edu>
Sender: "Cygwin" <cygwin-bounces+archive-cygwin=delorie DOT com AT cygwin DOT com> 

This was just reported by US-CERT <US-CERT AT messages DOT cisa DOT gov> :

We are running VIM - Vi IMproved version 8.2.4372.

Medium Vulnerabilities

vim -- vim	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.	2022-07-01	6.8	CVE-2022-2264
MISC
CONFIRM
vim -- vim	Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.	2022-07-02	6.8	CVE-2022-2284
CONFIRM
MISC
vim -- vim	Integer Overflow or Wraparound in GitHub repository vim/vim prior to 9.0.	2022-07-02	6.8	CVE-2022-2285
MISC
CONFIRM
vim -- vim	Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.	2022-07-02	6.8	CVE-2022-2286
CONFIRM
MISC
vim -- vim	Out-of-bounds Read in GitHub repository vim/vim prior to 9.0.	2022-07-02	5.8	CVE-2022-2287
MISC

Lester


-- 
Problem reports:      https://cygwin.com/problems.html
FAQ:                  https://cygwin.com/faq/
Documentation:        https://cygwin.com/docs.html
Unsubscribe info:     https://cygwin.com/ml/#unsubscribe-simple

- Raw text -


  webmaster     delorie software   privacy  
  Copyright © 2019   by DJ Delorie     Updated Jul 2019