Univention Bugzilla – Bug 43111
vim: Multiple issues (4.1)
Last modified: 2017-08-16 13:34:10 CEST
Upstream Debian package version 2:7.3.547-7+deb7u1 fixes this issue:
* vim before patch 8.0.0056 does not properly validate values for the 'filetype', 'syntax' and 'keymap' options, which may result in the execution of arbitrary code if a file with a specially crafted modeline is opened. (CVE-2016-1248)
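To make the CVE-2016-1248 point concrete, here is an added example (written for this page, not code from Univention, Debian or vim) that scans a text line for a "vim:" modeline and flags any 'filetype'/'syntax'/'keymap' value that would fail the character-class rule upstream introduced in patch 8.0.0056: only alphanumerics, '.', '-' and '_' are accepted, so separators such as ':' or '|' and shell-like characters never reach the option. The modeline scanner is a deliberately simplified one (it handles the "vim: set ...:" and "vim: ...:" forms and the "\:" escape only) and the sample lines are constructed for the demonstration:

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

/* Return 1 if every character of val is alphanumeric or one of ". - _".
 * This mirrors the rule upstream vim applies to 'filetype', 'syntax' and
 * 'keymap' since patch 8.0.0056; anything else (':', '|', '(', space, ...)
 * is rejected before the value can reach autocommands or :runtime. */
int valid_filetype(const char *val)
{
    for (; *val != '\0'; ++val)
        if (!isalnum((unsigned char)*val) && strchr(".-_", *val) == NULL)
            return 0;
    return 1;
}

/* Option names (long and short form) that are subject to the check. */
static const char *const checked_opts[] = {
    "filetype", "ft", "syntax", "syn", "keymap", "kmp", NULL
};

/* Count the filetype/syntax/keymap assignments in a "vim:" modeline whose
 * value fails valid_filetype(). Returns 0 for a safe line or a line without
 * a modeline. Simplified scanner (not vim's): handles "vim: set ...:" and
 * "vim: ...:" and the "\:" escape for a literal colon inside a value. */
int count_unsafe_modeline_opts(const char *line)
{
    const char *p = strstr(line, "vim:");
    int unsafe = 0;

    if (p == NULL)
        return 0;
    p += 4;
    while (*p == ' ' || *p == '\t')
        ++p;
    if (strncmp(p, "set ", 4) == 0)
        p += 4;
    else if (strncmp(p, "se ", 3) == 0)
        p += 3;

    while (*p != '\0') {
        char tok[128];
        size_t n = 0;
        char *eq;
        int i;

        while (*p == ' ' || *p == '\t' || *p == ':')   /* separators */
            ++p;
        if (*p == '\0')
            break;
        while (*p != '\0' && *p != ' ' && *p != '\t' && *p != ':') {
            if (*p == '\\' && p[1] == ':')             /* "\:" -> ':' inside a value */
                ++p;
            if (n < sizeof tok - 1)
                tok[n++] = *p;
            ++p;
        }
        tok[n] = '\0';

        eq = strchr(tok, '=');
        if (eq == NULL)                                /* boolean option such as "noet" */
            continue;
        *eq = '\0';
        for (i = 0; checked_opts[i] != NULL; ++i)
            if (strcmp(tok, checked_opts[i]) == 0) {
                if (!valid_filetype(eq + 1))
                    ++unsafe;
                break;
            }
    }
    return unsafe;
}

/* Constructed sample lines (not taken from any real file). */
static const char *const samples[] = {
    "/* vim: set ft=c ts=4 sw=4 : */",   /* 0 unsafe: ordinary C header */
    "# vim: syntax=python:",             /* 0 unsafe: plain syntax name */
    "# vim: set ft=a(b) :",              /* 1 unsafe: '(' and ')' in the value */
    "vim: kmp=x\\:y|z:",                 /* 1 unsafe: escaped ':' and '|' in keymap */
    "no modeline here",                  /* 0 unsafe: nothing to check */
};

int main(void)
{
    size_t i;
    for (i = 0; i < sizeof samples / sizeof samples[0]; ++i)
        printf("%d unsafe  %s\n", count_unsafe_modeline_opts(samples[i]), samples[i]);
    return 0;
}
```

The same character-class check is what a patched vim applies whether the value comes from a modeline, a :set command or a script, so a value like "a(b)" is refused with an error instead of being passed on to the FileType autocommands.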
Upstream Debian package version 2:7.3.547-7+deb7u2 additionally fixes:
* buffer overflow if a spellfile has an invalid length in it. (Closes: #854969, CVE-2017-5953)
Upstream Debian package version 2:7.3.547-7+deb7u3 fixes:
* An integer overflow at a u_read_undo memory allocation site would occur for vim before patch 8.0.0377, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows. (CVE-2017-6349)
* An integer overflow at an unserialize_uep memory allocation site would occur for vim before patch 8.0.0378, if it does not properly validate values for tree length when reading a corrupted undo file, which may lead to resultant buffer overflows. (CVE-2017-6350)
Max CVSS of 6.8 for CVE-2016-1248
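The two undo-file CVEs above share one shape: a count read from the file is multiplied by a record size to form an allocation, the product wraps, and the loop that then fills the records runs past the undersized buffer. As an added example (written for this page, not vim's u_read_undo/unserialize_uep code; the 8-byte record layout and the sample files are hypothetical and constructed), here is the vulnerable arithmetic next to a reader that validates the count before allocating, including the check a practitioner most often forgets: that the file actually contains as many bytes as the count claims.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical 8-byte on-disk record; not the real undo-file layout. */
struct entry {
    uint32_t lnum;
    uint32_t len;
};

/* Little-endian 32-bit read. */
static uint32_t get_u32(const unsigned char *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8)
         | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Vulnerable shape: the allocation size is formed in 32-bit unsigned
 * arithmetic from an attacker-controlled count. 0x20000001 * 8 wraps to 8,
 * so the buffer is 8 bytes while the fill loop expects 0x20000001 records. */
unsigned vulnerable_alloc_size(uint32_t count)
{
    return (unsigned)count * (unsigned)sizeof(struct entry);
}

/* Hardened reader: parses "count, then count records" from buf and returns
 * the number of records read, or -1 when the header is inconsistent:
 *  (1) count * sizeof(struct entry) must not overflow size_t;
 *  (2) the file must contain that many bytes after the count;
 *  (3) count must fit the int return type.
 * On success *out owns a malloc'd array (NULL when count == 0). */
int read_entries(const unsigned char *buf, size_t buflen, struct entry **out)
{
    uint32_t count, i;
    size_t remaining, need;
    struct entry *e;

    *out = NULL;
    if (buflen < 4)
        return -1;
    count = get_u32(buf);
    remaining = buflen - 4;
    if (count > SIZE_MAX / sizeof(struct entry))     /* (1) */
        return -1;
    need = (size_t)count * sizeof(struct entry);
    if (need > remaining)                            /* (2) */
        return -1;
    if (count > INT_MAX)                             /* (3) */
        return -1;
    if (count == 0)
        return 0;
    e = malloc(need);
    if (e == NULL)
        return -1;
    for (i = 0; i < count; ++i) {
        e[i].lnum = get_u32(buf + 4 + (size_t)i * 8);
        e[i].len  = get_u32(buf + 4 + (size_t)i * 8 + 4);
    }
    *out = e;
    return (int)count;
}

/* Constructed inputs (not real undo files). */
static const unsigned char GOOD_UNDO[] = {
    2, 0, 0, 0,                      /* count = 2 */
    1, 0, 0, 0,  3, 0, 0, 0,         /* entry 0: lnum 1, len 3 */
    5, 0, 0, 0,  7, 0, 0, 0          /* entry 1: lnum 5, len 7 */
};
static const unsigned char CORRUPT_UNDO[] = {
    0x01, 0x00, 0x00, 0x20,          /* count = 0x20000001, one record follows */
    0, 0, 0, 0,  0, 0, 0, 0
};

/* Parse a sample and return its count (or -1); frees the array. */
int parsed_entry_count(const unsigned char *buf, size_t buflen)
{
    struct entry *e;
    int n = read_entries(buf, buflen, &e);
    free(e);
    return n;
}

/* len field of record idx in GOOD_UNDO, or 0 if parsing fails or idx is out of range. */
uint32_t good_entry_len(size_t idx)
{
    struct entry *e;
    int n = read_entries(GOOD_UNDO, sizeof GOOD_UNDO, &e);
    uint32_t len = (n > 0 && idx < (size_t)n) ? e[idx].len : 0;
    free(e);
    return len;
}

int main(void)
{
    printf("wrapped size for count 0x20000001: %u bytes\n", vulnerable_alloc_size(0x20000001u));
    printf("good file: %d entries\n", parsed_entry_count(GOOD_UNDO, sizeof GOOD_UNDO));
    printf("corrupt file: %d (rejected)\n", parsed_entry_count(CORRUPT_UNDO, sizeof CORRUPT_UNDO));
    return 0;
}
```

Check (1) alone is not enough on 64-bit builds, where 0x20000001 * 8 does not overflow size_t; it is check (2), bounding the count by the bytes actually present, that rejects the corrupted header before any allocation happens.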
2:7.3.547-7+deb7u4 fixes:
* denial of service (invalid free) or possibly unspecified other impact via a crafted source (aka -S) file. There might be a limited number of scenarios in which this has security relevance. (CVE-2017-11109)
repo_admin.py -U -d wheezy -r 4.1 -s errata4.1-4 -p vim
b41-scope errata4.1-4 vim
Advisory: vim.yaml
Looks good
What I tested:
Opened a file in vim -> OK
changelog -> OK
YAML -> OK
Verified
<http://errata.software-univention.de/ucs/4.1/450.html>