openSUSE-SU-2020:0794-1

Опубликовано: 11 июн. 2020

Источник: suse-cvrf

Описание

Security update for vim

This update for vim fixes the following issues:

CVE-2019-20807: Fixed an issue where escaping from the restrictive mode of vim was possible using interfaces (bsc#1172225).

This update was imported from the SUSE:SLE-15:Update update project.

Список пакетов

openSUSE Leap 15.1

gvim-8.0.1568-lp151.5.6.1

vim-8.0.1568-lp151.5.6.1

vim-data-8.0.1568-lp151.5.6.1

vim-data-common-8.0.1568-lp151.5.6.1

Ссылки

https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/6PO7KU3LZCS7CIDBMXZNNIWTS66OAR3L/
E-Mail link for openSUSE-SU-2020:0794-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1172225
SUSE Bug 1172225
https://www.suse.com/security/cve/CVE-2019-20807/
SUSE CVE CVE-2019-20807 page

Описание

In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).

Затронутые продукты

openSUSE Leap 15.1:gvim-8.0.1568-lp151.5.6.1

openSUSE Leap 15.1:vim-8.0.1568-lp151.5.6.1

openSUSE Leap 15.1:vim-data-8.0.1568-lp151.5.6.1

openSUSE Leap 15.1:vim-data-common-8.0.1568-lp151.5.6.1

Ссылки

https://www.suse.com/security/cve/CVE-2019-20807.html
CVE-2019-20807
https://bugzilla.suse.com/1172225
SUSE Bug 1172225

openSUSE-SU-2020:0794-1

Описание

Список пакетов

openSUSE Leap 15.1

Ссылки

Уязвимость: CVE-2019-20807

Описание

Затронутые продукты

Ссылки