Описание
Security update for vim
This update for vim fixes the following security issues:
- Fixed CVE-2016-1248, an arbitrary command execution vulnerability (bsc#1010685)
Список пакетов
SUSE Linux Enterprise Server 11 SP4
gvim-7.2-8.17.1
vim-7.2-8.17.1
vim-base-7.2-8.17.1
vim-data-7.2-8.17.1
SUSE Linux Enterprise Server for SAP Applications 11 SP4
gvim-7.2-8.17.1
vim-7.2-8.17.1
vim-base-7.2-8.17.1
vim-data-7.2-8.17.1
Ссылки
- Link for SUSE-SU-2016:2938-1
- E-Mail link for SUSE-SU-2016:2938-1
- SUSE Security Ratings
- SUSE Bug 1010685
- SUSE CVE CVE-2016-1248 page
Описание
vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened.
Затронутые продукты
SUSE Linux Enterprise Server 11 SP4:gvim-7.2-8.17.1
SUSE Linux Enterprise Server 11 SP4:vim-7.2-8.17.1
SUSE Linux Enterprise Server 11 SP4:vim-base-7.2-8.17.1
SUSE Linux Enterprise Server 11 SP4:vim-data-7.2-8.17.1
Ссылки
- CVE-2016-1248
- SUSE Bug 1010685
- SUSE Bug 1173534