1. Forum
  2. Fsxnet Message
  3. FSX BOT

  • Vim vulnerabilities

    From bugz_ubuntu@21:4/110 to Ubuntu Users on Monday, March 23, 2020 12:10:02
    vim vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 19.10
    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS
    * Ubuntu 14.04 ESM
    * Ubuntu 12.04 ESM

    Summary

    Several security issues were fixed in Vim.

    Software Description

    * vim - Vi IMproved - enhanced vi editor

    Details

    It was discovered that Vim incorrectly handled certain sources. An
    attacker could possibly use this issue to cause a denial of
    service. This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04
    ESM and Ubuntu 16.04 LTS (CVE-2017-1110)

    It was discovered that Vim incorrectly handled certain files. An
    attacker could possibly use this issue to execute arbitrary code.
    This issue only affected Ubuntu 12.04 ESM and Ubuntu 14.04 ESM.
    (CVE-2017-5953)

    It was discovered that Vim incorrectly handled certain inputs. An
    attacker could possibly use this issue to cause a denial of
    service. This issue only affected Ubuntu 16.06 LTS.
    (CVE-2018-20786)

    It was discovered that Vim incorrectly handled certain inputs. An
    attacker could possibly use this issue to cause a denial of
    service or execute arbitrary code. This issue only affected Ubuntu
    18.04 LTS and Ubuntu 19.10. (CVE-2019-20079)

    It was discovered that Vim incorrectly handled certain files. An
    attacker could possibly use this issue to execute arbitrary code.
    This issue only affected Ubuntu 12.04 ESM, Ubuntu 14.04 ESM and
    Ubuntu 16.04 LTS. (CVE-2017-6349, CVE-2017-6350)

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 19.10
    vim - 2:8.1.0875-5ubuntu2.1
    vim-common - 2:8.1.0875-5ubuntu2.1
    vim-gui-common - 2:8.1.0875-5ubuntu2.1
    vim-runtime - 2:8.1.0875-5ubuntu2.1

    Ubuntu 18.04 LTS
    vim - 2:8.0.1453-1ubuntu1.3
    vim-common - 2:8.0.1453-1ubuntu1.3
    vim-gui-common - 2:8.0.1453-1ubuntu1.3
    vim-runtime - 2:8.0.1453-1ubuntu1.3

    Ubuntu 16.04 LTS
    vim - 2:7.4.1689-3ubuntu1.4
    vim-common - 2:7.4.1689-3ubuntu1.4
    vim-gui-common - 2:7.4.1689-3ubuntu1.4
    vim-runtime - 2:7.4.1689-3ubuntu1.4

    Ubuntu 14.04 ESM
    vim - 2:7.4.052-1ubuntu3.1+esm1
    vim-common - 2:7.4.052-1ubuntu3.1+esm1
    vim-gui-common - 2:7.4.052-1ubuntu3.1+esm1
    vim-runtime - 2:7.4.052-1ubuntu3.1+esm1

    Ubuntu 12.04 ESM
    vim - 2:7.3.429-2ubuntu2.3
    vim-common - 2:7.3.429-2ubuntu2.3
    vim-gui-common - 2:7.3.429-2ubuntu2.3
    vim-runtime - 2:7.3.429-2ubuntu2.3

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    In general, a standard system update will make all the necessary
    changes.

    References

    * CVE-2017-11109
    * CVE-2017-5953
    * CVE-2017-6349
    * CVE-2017-6350
    * CVE-2018-20786
    * CVE-2019-20079

    --- Mystic BBS v1.12 A45 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)
  • From boo_ubuntu@21:4/110 to Ubuntu Users on Wednesday, October 14, 2020 16:10:07
    vim vulnerabilities

    A security issue affects these releases of Ubuntu and its
    derivatives:

    * Ubuntu 18.04 LTS
    * Ubuntu 16.04 LTS

    Summary

    Several security issues were fixed in Vim.

    Software Description

    * vim - Vi IMproved - enhanced vi editor

    Details

    It was discovered that Vim incorrectly handled permissions on the
    .swp file. A local attacker could possibly use this issue to
    obtain sensitive information. This issue only affected Ubuntu
    16.04 LTS. (CVE-2017-17087)

    It was discovered that Vim incorrectly handled restricted mode. A
    local attacker could possibly use this issue to bypass restricted
    mode and execute arbitrary commands. Note: This update only makes
    executing shell commands more difficult. Restricted mode should
    not be considered a complete security measure. (CVE-2019-20807)

    Update instructions

    The problem can be corrected by updating your system to the
    following package versions:

    Ubuntu 18.04 LTS
    vim - 2:8.0.1453-1ubuntu1.4
    vim-common - 2:8.0.1453-1ubuntu1.4
    vim-runtime - 2:8.0.1453-1ubuntu1.4

    Ubuntu 16.04 LTS
    vim - 2:7.4.1689-3ubuntu1.5
    vim-common - 2:7.4.1689-3ubuntu1.5
    vim-runtime - 2:7.4.1689-3ubuntu1.5

    To update your system, please follow these instructions:
    https://wiki.ubuntu.com/Security/Upgrades.

    In general, a standard system update will make all the necessary
    changes.

    References

    * CVE-2017-17087
    * CVE-2019-20807

    --- Mystic BBS v1.12 A46 (Linux/64)
    * Origin: BZ&BZ BBS (21:4/110)