Updated vim packages fix security vulnerabilities
Publication date: 17 Aug 2017Modification date: 17 Aug 2017
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-1248 , CVE-2017-5953 , CVE-2017-6349 , CVE-2017-6350
Description
Florian Larysch and Bram Moolenaar discovered that vim, an enhanced vi editor,
does not properly validate values for the "filetype", "syntax" and "keymap"
options, which may result in the execution of arbitrary code if a file with a
specially crafted modeline is opened (CVE-2016-1248).
A vulnerability has been discovered in Vim where a malformed spell file could
cause an integer overflow which is used as the size for memory allocation,
resulting in a subsequent buffer overflow (CVE-2017-5953).
An integer overflow flaw was found in the way vim handled undo files. This bug
could result in vim crashing when trying to process corrupted undo files
(CVE-2017-6349).
An integer overflow flaw was found in the way vim handled tree length values
when reading an undo file. This bug could result in vim crashing when trying
to process corrupted undo files (CVE-2017-6350).
References
- https://bugs.mageia.org/show_bug.cgi?id=19829
- https://www.debian.org/security/2016/dsa-3722
- https://www.debian.org/security/2017/dsa-3786
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/JYVF3KT6EAEDFGLP5STYMQ7VRJDMK66G/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1248
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5953
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6349
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6350
SRPMS
5/core
- vim-7.4.430-7.1.mga5