NULL pointer dereference in the function handle_viminfo_register() of vim

Read Time:24 Second

Posted by Christian Brabandt on Feb 04

Meng Ruijie wrote:

Meng,

This particular problem was fixed in Vim v9.0.1740
https://github.com/vim/vim/commit/0a0764684591c7c6a5d722b628f11dc96208e853

I have no idea, why this issue is worth a CVE, because if an attacker
can modify your .viminfo file to make Vim crash, he already has the
possibilities to do much more harm directly. So I don’t think this is
particular useful CVE. I’d also like to dispute this.

Thanks,
Christian

Read More

chromium-121.0.6167.139-2.el7

Read Time:15 Second

FEDORA-EPEL-2024-25f8bac8aa

Packages in this update:

chromium-121.0.6167.139-2.el7

Update description:

update to 121.0.6167.139

High CVE-2024-1060: Use after free in Canvas
High CVE-2024-1059: Use after free in WebRTC
High CVE-2024-1077: Use after free in Network

Read More