The problem was announced here: https://www.openwall.com/lists/oss-security/2023/10/26/1 Mageia 8 and 9 are also affected.
Status comment: (none) => Fixed upstream in 9.0.2068CC: (none) => nicolas.salgueroWhiteboard: (none) => MGA9TOO, MGA8TOOSource RPM: (none) => vim-9.0.2059-1.mga9.src.rpm
Assigning to the registered vim maintainer
Assignee: bugsquad => thierry.vignaudCC: (none) => marja11
Suggested advisory: ======================== The updated packages fix a security vulnerability: Integer overflow in :history Ex-Command in Vim < 9.0.2068. References: https://www.openwall.com/lists/oss-security/2023/10/26/1 ======================== Updated packages in {8|9}/core/updates_testing: ======================== vim-X11-9.0.2087-1.mga{8|9} vim-common-9.0.2087-1.mga{8|9} vim-enhanced-9.0.2087-1.mga{8|9} vim-minimal-9.0.2087-1.mga{8|9} from SRPM: vim-9.0.2087-1.mga{8|9}.src.rpm
Assignee: thierry.vignaud => qa-bugsStatus comment: Fixed upstream in 9.0.2068 => (none)Whiteboard: MGA9TOO, MGA8TOO => MGA8TOOStatus: NEW => ASSIGNEDVersion: Cauldron => 9
I understand this is the matching CVE: https://www.cvedetails.com/cve/CVE-2023-46246/ Advisory from comment x added to SVN, with the addition of CVE-2023-46246. Please remove the "advisory" keyword if it needs to be changed. It also helps when obsolete advisories are tagged as "obsolete"
Keywords: (none) => advisory
Mageia9, x64 Tinkered with vim to start with, setting very large values on the history command, e.g: :history 99999 without anything untoward happening. Updated and set history to different values. vim continued to work. Used the command $ vim bindoc* edoc* to edit 6 files. Using :next! advanced to the next file when no edit was performed. The sequence :w :next Moved to the next file after an edit and so on. Working as expected.
Whiteboard: MGA8TOO => MGA8TOO MGA9-64-OKCC: (none) => tarazed25
MGA8-64 Xfce on Acer 5253 No installation issues. Tinkered on plain text file wit commands a, i, dd, x, :w and :q Checked changes with pluma, all OK.
CC: (none) => herman.viaeneWhiteboard: MGA8TOO MGA9-64-OK => MGA8TOO MGA9-64-OK MGA8-64-OK
Validating.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2023-0314.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED