SUSE-SU-2019:1457-1

Опубликовано: 11 июн. 2019

Источник: suse-cvrf

Описание

Security update for vim

This update for vim fixes the following issue:

Security issue fixed:

CVE-2019-12735: Fixed a potential arbitrary code execution vulnerability in getchar.c (bsc#1137443).

Список пакетов

Container bci/dotnet-aspnet:5.0

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Container bci/dotnet-runtime:5.0

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Container bci/dotnet-sdk:5.0

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Container ses/7.1/ceph/haproxy:latest

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Container suse/sle-micro-rancher/5.2:latest

vim-data-common-8.0.1568-5.3.1

Container suse/sle-micro-rancher/5.3:latest

vim-data-common-8.0.1568-5.3.1

Container suse/sle-micro-rancher/5.4:latest

vim-data-common-8.0.1568-5.3.1

Container suse/sle-micro/5.0/toolbox:latest

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Container suse/sle-micro/5.1/toolbox:latest

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Container suse/sle-micro/5.2/toolbox:latest

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Container suse/sle-micro/5.3/toolbox:latest

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Container suse/sle-micro/5.4/toolbox:latest

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Container suse/sles/15.2/virt-launcher:0.38.1

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Container suse/sles/15.3/virt-launcher:0.45.0

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Container suse/sles/15.4/virt-launcher:0.49.0

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-BYOS-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-BYOS-EC2-HVM

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-BYOS-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-CHOST-BYOS-Aliyun

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-CHOST-BYOS-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-CHOST-BYOS-EC2

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-CHOST-BYOS-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-CHOST-BYOS-SAP-CCloud

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-EC2-ECS-HVM

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-EC2-HVM

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-HPC-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-HPC-BYOS-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-HPC-BYOS-EC2-HVM

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-HPC-BYOS-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-EC2-HVM

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-Manager-4-2-Proxy-BYOS-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-Manager-4-2-Server-BYOS-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-Manager-4-2-Server-BYOS-EC2-HVM

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-Manager-4-2-Server-BYOS-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-Micro-5-1-BYOS-Azure

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-Micro-5-1-BYOS-EC2-HVM

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-Micro-5-1-BYOS-GCE

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-Micro-5-2-BYOS-Azure

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-Micro-5-2-BYOS-EC2-HVM

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-Micro-5-2-BYOS-GCE

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-Micro-BYOS-GCE

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-SAP-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-SAP-Azure-LI-BYOS-Production

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-SAP-Azure-VLI-BYOS-Production

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-SAP-BYOS-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-SAP-BYOS-EC2-HVM

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-SAP-BYOS-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-SAP-EC2-HVM

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-SAP-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-SAPCAL-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-SAPCAL-EC2-HVM

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP3-SAPCAL-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Azure-Basic

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Azure-Standard

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-BYOS

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-BYOS-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-BYOS-EC2

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-BYOS-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-CHOST-BYOS

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-CHOST-BYOS-Aliyun

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-CHOST-BYOS-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-CHOST-BYOS-EC2

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-CHOST-BYOS-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-CHOST-BYOS-SAP-CCloud

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-EC2

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-EC2-ECS-HVM

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-HPC

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-HPC-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-HPC-BYOS

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-HPC-BYOS-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-HPC-BYOS-EC2

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-HPC-BYOS-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-HPC-EC2

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-HPC-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Hardened-BYOS

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Hardened-BYOS-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Hardened-BYOS-EC2

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Hardened-BYOS-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-EC2

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Manager-Proxy-4-3-BYOS-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Manager-Server-4-3

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Manager-Server-4-3-Azure-llc

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Manager-Server-4-3-Azure-ltd

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Manager-Server-4-3-BYOS

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Manager-Server-4-3-BYOS-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Manager-Server-4-3-BYOS-EC2

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Manager-Server-4-3-BYOS-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Manager-Server-4-3-EC2-llc

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Manager-Server-4-3-EC2-ltd

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Micro-5-3

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Micro-5-3-Azure

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Micro-5-3-BYOS

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Micro-5-3-BYOS-Azure

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Micro-5-3-BYOS-EC2

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Micro-5-3-BYOS-GCE

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Micro-5-3-EC2

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Micro-5-3-GCE

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Micro-5-4

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Micro-5-4-Azure

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Micro-5-4-BYOS

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Micro-5-4-BYOS-Azure

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Micro-5-4-BYOS-EC2

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Micro-5-4-BYOS-GCE

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Micro-5-4-EC2

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-Micro-5-4-GCE

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP-Azure-LI-BYOS

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP-Azure-LI-BYOS-Production

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP-Azure-VLI-BYOS

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP-Azure-VLI-BYOS-Production

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP-BYOS

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP-BYOS-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP-BYOS-EC2

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP-BYOS-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP-EC2

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP-Hardened

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP-Hardened-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP-Hardened-BYOS

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP-Hardened-BYOS-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP-Hardened-BYOS-EC2

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP-Hardened-BYOS-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP-Hardened-EC2

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAP-Hardened-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAPCAL

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAPCAL-Azure

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAPCAL-EC2

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SAPCAL-GCE

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SUSE-Rancher-Setup-BYOS

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SUSE-Rancher-Setup-BYOS-EC2

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

Image SLES15-SP4-SUSE-Rancher-Setup-BYOS-EC2-HVM

vim-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

SUSE Linux Enterprise Module for Basesystem 15

vim-8.0.1568-5.3.1

vim-data-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

SUSE Linux Enterprise Module for Basesystem 15 SP1

vim-8.0.1568-5.3.1

vim-data-8.0.1568-5.3.1

vim-data-common-8.0.1568-5.3.1

SUSE Linux Enterprise Module for Desktop Applications 15

gvim-8.0.1568-5.3.1

SUSE Linux Enterprise Module for Desktop Applications 15 SP1

gvim-8.0.1568-5.3.1

Ссылки

https://www.suse.com/support/update/announcement/2019/suse-su-20191457-1/
Link for SUSE-SU-2019:1457-1
https://lists.suse.com/pipermail/sle-security-updates/2019-June/005545.html
E-Mail link for SUSE-SU-2019:1457-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1137443
SUSE Bug 1137443
https://www.suse.com/security/cve/CVE-2019-12735/
SUSE CVE CVE-2019-12735 page

Описание

getchar.c in Vim before 8.1.1365 and Neovim before 0.3.6 allows remote attackers to execute arbitrary OS commands via the :source! command in a modeline, as demonstrated by execute in Vim, and assert_fails or nvim_input in Neovim.

Затронутые продукты

Container bci/dotnet-aspnet:5.0:vim-8.0.1568-5.3.1

Container bci/dotnet-aspnet:5.0:vim-data-common-8.0.1568-5.3.1

Container bci/dotnet-runtime:5.0:vim-8.0.1568-5.3.1

Container bci/dotnet-runtime:5.0:vim-data-common-8.0.1568-5.3.1

Ссылки

https://www.suse.com/security/cve/CVE-2019-12735.html
CVE-2019-12735
https://bugzilla.suse.com/1137443
SUSE Bug 1137443