Fedora has issued an advisory today (December 7):
The issue is fixed upstream in 9.0.0947.
Fixed upstream in 9.0.0947
v9.0.963 is in Cauldron, but do not know whether it is relevant.
Assigning to tv who looks after vim.
The updated packages fix a security vulnerability:
Heap based buffer overflow in vim/vim 9.0.0946 and below by allowing an attacker to CTRL-W gf in the expression used in the RHS of the substitute command. (CVE-2022-4141)
Updated packages in core/updates_testing:
Fixed upstream in 9.0.0947 =>
MGA8-64 MATE on Acer Aspire 5253
No installation issues
Muddled around with basic commands as a, d, i, x.
Wrote changes to the file and exited OK.
Good enough for me.
Validating. Advisory in comment 2.
An update for this issue has been pushed to the Mageia Updates repository.
This update also fixed CVE-2022-4292: