Description
Security update for vim
This update for vim fixes the following issues:
- CVE-2019-20807: Fixed an issue where escaping from the restricted mode of vim was possible using scripting interfaces (bsc#1172225 and bsc#1172031).
Package list
HPE Helion OpenStack 8
gvim-7.4.326-17.6.1
vim-7.4.326-17.6.1
vim-data-7.4.326-17.6.1
Image SLES12-SP4-Azure-BYOS
vim-7.4.326-17.6.1
Image SLES12-SP4-EC2-HVM-BYOS
vim-7.4.326-17.6.1
Image SLES12-SP4-GCE-BYOS
vim-7.4.326-17.6.1
Image SLES12-SP4-OCI-BYOS
vim-7.4.326-17.6.1
Image SLES12-SP4-SAP-Azure
vim-7.4.326-17.6.1
Image SLES12-SP4-SAP-Azure-BYOS
vim-7.4.326-17.6.1
Image SLES12-SP4-SAP-Azure-LI-BYOS-Production
vim-7.4.326-17.6.1
Image SLES12-SP4-SAP-Azure-VLI-BYOS-Production
vim-7.4.326-17.6.1
Image SLES12-SP4-SAP-EC2-HVM
vim-7.4.326-17.6.1
Image SLES12-SP4-SAP-EC2-HVM-BYOS
vim-7.4.326-17.6.1
Image SLES12-SP4-SAP-GCE
vim-7.4.326-17.6.1
Image SLES12-SP4-SAP-GCE-BYOS
vim-7.4.326-17.6.1
Image SLES12-SP4-SAP-OCI-BYOS
vim-7.4.326-17.6.1
Image SLES12-SP5-Azure-BYOS
vim-7.4.326-17.6.1
Image SLES12-SP5-Azure-Basic-On-Demand
vim-7.4.326-17.6.1
Image SLES12-SP5-Azure-HPC-BYOS
vim-7.4.326-17.6.1
Image SLES12-SP5-Azure-HPC-On-Demand
vim-7.4.326-17.6.1
Image SLES12-SP5-Azure-SAP-BYOS
vim-7.4.326-17.6.1
Image SLES12-SP5-Azure-SAP-On-Demand
vim-7.4.326-17.6.1
Image SLES12-SP5-Azure-Standard-On-Demand
vim-7.4.326-17.6.1
Image SLES12-SP5-EC2-BYOS
vim-7.4.326-17.6.1
Image SLES12-SP5-EC2-ECS-On-Demand
vim-7.4.326-17.6.1
Image SLES12-SP5-EC2-On-Demand
vim-7.4.326-17.6.1
Image SLES12-SP5-EC2-SAP-BYOS
vim-7.4.326-17.6.1
Image SLES12-SP5-EC2-SAP-On-Demand
vim-7.4.326-17.6.1
Image SLES12-SP5-GCE-BYOS
vim-7.4.326-17.6.1
Image SLES12-SP5-GCE-On-Demand
vim-7.4.326-17.6.1
Image SLES12-SP5-GCE-SAP-BYOS
vim-7.4.326-17.6.1
Image SLES12-SP5-GCE-SAP-On-Demand
vim-7.4.326-17.6.1
Image SLES12-SP5-OCI-BYOS-BYOS
vim-7.4.326-17.6.1
Image SLES12-SP5-OCI-BYOS-SAP-BYOS
vim-7.4.326-17.6.1
Image SLES12-SP5-SAP-Azure-LI-BYOS-Production
vim-7.4.326-17.6.1
Image SLES12-SP5-SAP-Azure-VLI-BYOS-Production
vim-7.4.326-17.6.1
SUSE Enterprise Storage 5
gvim-7.4.326-17.6.1
vim-7.4.326-17.6.1
vim-data-7.4.326-17.6.1
SUSE Linux Enterprise Server 12 SP2-BCL
gvim-7.4.326-17.6.1
vim-7.4.326-17.6.1
vim-data-7.4.326-17.6.1
SUSE Linux Enterprise Server 12 SP2-LTSS
gvim-7.4.326-17.6.1
vim-7.4.326-17.6.1
vim-data-7.4.326-17.6.1
SUSE Linux Enterprise Server 12 SP3-BCL
gvim-7.4.326-17.6.1
vim-7.4.326-17.6.1
vim-data-7.4.326-17.6.1
SUSE Linux Enterprise Server 12 SP3-LTSS
gvim-7.4.326-17.6.1
vim-7.4.326-17.6.1
vim-data-7.4.326-17.6.1
SUSE Linux Enterprise Server 12 SP4
gvim-7.4.326-17.6.1
vim-7.4.326-17.6.1
vim-data-7.4.326-17.6.1
SUSE Linux Enterprise Server 12 SP5
gvim-7.4.326-17.6.1
vim-7.4.326-17.6.1
vim-data-7.4.326-17.6.1
SUSE Linux Enterprise Server for SAP Applications 12 SP2
gvim-7.4.326-17.6.1
vim-7.4.326-17.6.1
vim-data-7.4.326-17.6.1
SUSE Linux Enterprise Server for SAP Applications 12 SP3
gvim-7.4.326-17.6.1
vim-7.4.326-17.6.1
vim-data-7.4.326-17.6.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
gvim-7.4.326-17.6.1
vim-7.4.326-17.6.1
vim-data-7.4.326-17.6.1
SUSE Linux Enterprise Server for SAP Applications 12 SP5
gvim-7.4.326-17.6.1
vim-7.4.326-17.6.1
vim-data-7.4.326-17.6.1
SUSE OpenStack Cloud 7
gvim-7.4.326-17.6.1
vim-7.4.326-17.6.1
vim-data-7.4.326-17.6.1
SUSE OpenStack Cloud 8
gvim-7.4.326-17.6.1
vim-7.4.326-17.6.1
vim-data-7.4.326-17.6.1
SUSE OpenStack Cloud Crowbar 8
gvim-7.4.326-17.6.1
vim-7.4.326-17.6.1
vim-data-7.4.326-17.6.1
References
- Link for SUSE-SU-2020:1550-1
- E-Mail link for SUSE-SU-2020:1550-1
- SUSE Security Ratings
- SUSE Bug 1172031
- SUSE Bug 1172225
- SUSE CVE CVE-2019-20807 page
Description
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
Affected products
HPE Helion OpenStack 8:gvim-7.4.326-17.6.1
HPE Helion OpenStack 8:vim-7.4.326-17.6.1
HPE Helion OpenStack 8:vim-data-7.4.326-17.6.1
Image SLES12-SP4-Azure-BYOS:vim-7.4.326-17.6.1
References
- CVE-2019-20807
- SUSE Bug 1172225