[VIM] *pdf - new issues or old?

[security curmudgeon]

: OK... Red Hat noticed the new candidate and passed that onto vendor-sec, 
: and I sent vendor-sec the details of my analysis.  First comment has 
: been that it looks like everything had been covered by other CVEs or 
: were defensive tactics.  Hold onto your hats...

At the conclusion, make sure you scold / remind them about the purpose of 
CVE, and avoiding such hassles in the future.