Control: tags -1 + confirmed On Mon, 2021-10-04 at 22:22 -0400, James McCoy wrote: > Various "non DSA" CVEs have accumulated in Vim, and it seemed like a > good idea to get a new upload addressing those. > > [ Impact ] > * CVE-2019-20807 - Shell commands can be executed from rvim > (restricted > vim) via the bindings to other programming languages > * CVE-2021-3770 / #994076 - Invalid memory access when a very large > number is given to :retab command > * CVE-2021-3778 / #994498 - Reading beyond end of line when invalid > utf-8 character is encountered > * CVE-2021-3796 / #994497 - Using freed memory in replace mode >
Please go ahead, thanks. Regards, Adam
