Описание
ELSA-2019-1774: vim security update (IMPORTANT)
[2:7.4.629-5.2]
- 1724045 - fix CVE-2019-12735 the :source! command allows arbitrary command execution via the modeline
- fix spec warnings about expanding macros
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
vim-X11
7.4.629-5.el6_10.2
vim-common
7.4.629-5.el6_10.2
vim-enhanced
7.4.629-5.el6_10.2
vim-filesystem
7.4.629-5.el6_10.2
vim-minimal
7.4.629-5.el6_10.2
Oracle Linux i686
vim-X11
7.4.629-5.el6_10.2
vim-common
7.4.629-5.el6_10.2
vim-enhanced
7.4.629-5.el6_10.2
vim-filesystem
7.4.629-5.el6_10.2
vim-minimal
7.4.629-5.el6_10.2
Связанные CVE
Связанные уязвимости
getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.
getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote ...