-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 _______________________________________________________________________ Mandriva Linux Security Advisory MDVSA-2008:236-1 http://www.mandriva.com/security/ _______________________________________________________________________ Package : vim Date : December 8, 2008 Affected: 2008.0, 2008.1, 2009.0, Corporate 3.0, Corporate 4.0, Multi Network Firewall 2.0 _______________________________________________________________________ Problem Description: Several vulnerabilities were found in the vim editor: A number of input sanitization flaws were found in various vim system functions. If a user were to open a specially crafted file, it would be possible to execute arbitrary code as the user running vim (CVE-2008-2712). Ulf Härnhammar of Secunia Research found a format string flaw in vim's help tags processor. If a user were tricked into executing the helptags command on malicious data, it could result in the execution of arbitrary code as the user running vim (CVE-2008-2953). A flaw was found in how tar.vim handled TAR archive browsing. If a user were to open a special TAR archive using the plugin, it could result in the execution of arbitrary code as the user running vim (CVE-2008-3074). A flaw was found in how zip.vim handled ZIP archive browsing. If a user were to open a special ZIP archive using the plugin, it could result in the execution of arbitrary code as the user running vim (CVE-2008-3075). A number of security flaws were found in netrw.vim, the vim plugin that provides the ability to read and write files over the network. If a user opened a specially crafted file or directory with the netrw plugin, it could result in the execution of arbitrary code as the user running vim (CVE-2008-3076). A number of input validation flaws were found in vim's keyword and tag handling. If vim looked up a document's maliciously crafted tag or keyword, it was possible to execute arbitary code as the user running vim (CVE-2008-4101). A vulnerability was found in certain versions of netrw.vim where it would send FTP credentials stored for an FTP session to subsequent FTP sessions to servers on different hosts, exposing FTP credentials to remote hosts (CVE-2008-4677). This update provides vim 7.2 (patchlevel 65) which corrects all of these issues and introduces a number of new features and bug fixes. Update: The previous vim update incorrectly introduced a requirement on libruby and also conflicted with a file from the git-core package (in contribs). These issues have been corrected with these updated packages. _______________________________________________________________________ References: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2712 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2953 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3074 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3075 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3076 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4101 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4677 _______________________________________________________________________ Updated Packages: Mandriva Linux 2008.0: 1ebd5f8b6c0743bab3db3113c2bb5498 2008.0/i586/vim-common-7.2.065-9.3mdv2008.0.i586.rpm ecad30a24814aa1543f3e9f4548c0d8e 2008.0/i586/vim-enhanced-7.2.065-9.3mdv2008.0.i586.rpm a62bc45e20c7cb05ea99471949fa057b 2008.0/i586/vim-minimal-7.2.065-9.3mdv2008.0.i586.rpm e5431f23309139db47583d100ebec5fc 2008.0/i586/vim-X11-7.2.065-9.3mdv2008.0.i586.rpm f2413164a86b6635ee5ff016c3527d64 2008.0/SRPMS/vim-7.2.065-9.3mdv2008.0.src.rpm Mandriva Linux 2008.0/X86_64: 3fc6eb1eda476d642947ecaab7a225f2 2008.0/x86_64/vim-common-7.2.065-9.3mdv2008.0.x86_64.rpm 0edf2753ba8a00f8d866e559f7a2192b 2008.0/x86_64/vim-enhanced-7.2.065-9.3mdv2008.0.x86_64.rpm 692d5032e705bfda05b2b2618b8369d6 2008.0/x86_64/vim-minimal-7.2.065-9.3mdv2008.0.x86_64.rpm 87bf7a4fba22dc1773b544eeb412db06 2008.0/x86_64/vim-X11-7.2.065-9.3mdv2008.0.x86_64.rpm f2413164a86b6635ee5ff016c3527d64 2008.0/SRPMS/vim-7.2.065-9.3mdv2008.0.src.rpm Mandriva Linux 2008.1: c934d47ecaa0ed9d9bff2b89fea74f20 2008.1/i586/vim-common-7.2.065-9.3mdv2008.1.i586.rpm 714185e359626acb9d22a88c54608a38 2008.1/i586/vim-enhanced-7.2.065-9.3mdv2008.1.i586.rpm 59d119574eb3dc453305bed6da73a12e 2008.1/i586/vim-minimal-7.2.065-9.3mdv2008.1.i586.rpm 4543e6fba5116a1d95fddfee3ce73613 2008.1/i586/vim-X11-7.2.065-9.3mdv2008.1.i586.rpm d007fce1a939ef4e1841cf54c68dbdd0 2008.1/SRPMS/vim-7.2.065-9.3mdv2008.1.src.rpm Mandriva Linux 2008.1/X86_64: f8375b1d25260274ef2b081eec0396ea 2008.1/x86_64/vim-common-7.2.065-9.3mdv2008.1.x86_64.rpm 20577d11a3a22ff802a7e1c749099b76 2008.1/x86_64/vim-enhanced-7.2.065-9.3mdv2008.1.x86_64.rpm 1aa16e6fb134f57f4faefb319bdd6840 2008.1/x86_64/vim-minimal-7.2.065-9.3mdv2008.1.x86_64.rpm 99e25a76291297900ffce76e81e87e20 2008.1/x86_64/vim-X11-7.2.065-9.3mdv2008.1.x86_64.rpm d007fce1a939ef4e1841cf54c68dbdd0 2008.1/SRPMS/vim-7.2.065-9.3mdv2008.1.src.rpm Mandriva Linux 2009.0: 39b17b1ac441ba27254daeac8e593de6 2009.0/i586/vim-common-7.2.065-9.3mdv2009.0.i586.rpm 477cbeec330709630426f06c474e3c48 2009.0/i586/vim-enhanced-7.2.065-9.3mdv2009.0.i586.rpm 3ae2bf83194b6a323e78e09874a9cb3d 2009.0/i586/vim-minimal-7.2.065-9.3mdv2009.0.i586.rpm 02c54fb5e618484f6312ddf0b98cb08b 2009.0/i586/vim-X11-7.2.065-9.3mdv2009.0.i586.rpm 26bb261499484986d9f352208dac6aab 2009.0/SRPMS/vim-7.2.065-9.3mdv2009.0.src.rpm Mandriva Linux 2009.0/X86_64: 6c00a2bcd26eed82708f625b0c2f4ecc 2009.0/x86_64/vim-common-7.2.065-9.3mdv2009.0.x86_64.rpm 2a9dcd8a41b17ba2849df2e1d0da077f 2009.0/x86_64/vim-enhanced-7.2.065-9.3mdv2009.0.x86_64.rpm effaa23409fe3358318c291db55f6e6b 2009.0/x86_64/vim-minimal-7.2.065-9.3mdv2009.0.x86_64.rpm 7ca4a070928495e0e8081bbe0b845c51 2009.0/x86_64/vim-X11-7.2.065-9.3mdv2009.0.x86_64.rpm 26bb261499484986d9f352208dac6aab 2009.0/SRPMS/vim-7.2.065-9.3mdv2009.0.src.rpm Corporate 3.0: 474ad132ad608caf03176e33b81359f8 corporate/3.0/i586/vim-common-7.2.065-9.3.C30mdk.i586.rpm 1349e3dcc99a0e100e185f344efabe3d corporate/3.0/i586/vim-enhanced-7.2.065-9.3.C30mdk.i586.rpm 5ee98b1525bd32dec3af623474c6ade4 corporate/3.0/i586/vim-minimal-7.2.065-9.3.C30mdk.i586.rpm 3327eedd3e14cb7b426cdf0ba07ef5ed corporate/3.0/i586/vim-X11-7.2.065-9.3.C30mdk.i586.rpm 9f059fa975e2d851e66f5e1eff88d3d0 corporate/3.0/SRPMS/vim-7.2.065-9.3.C30mdk.src.rpm Corporate 3.0/X86_64: 65e2168ca42319b7ba79f7dfe0e2143f corporate/3.0/x86_64/vim-common-7.2.065-9.3.C30mdk.x86_64.rpm 85092d93a8a040c567ce59d0512d8847 corporate/3.0/x86_64/vim-enhanced-7.2.065-9.3.C30mdk.x86_64.rpm dff08e81f6c2cede1de99ae96700178f corporate/3.0/x86_64/vim-minimal-7.2.065-9.3.C30mdk.x86_64.rpm f299fe329b20cefb391976ffb9664b39 corporate/3.0/x86_64/vim-X11-7.2.065-9.3.C30mdk.x86_64.rpm 9f059fa975e2d851e66f5e1eff88d3d0 corporate/3.0/SRPMS/vim-7.2.065-9.3.C30mdk.src.rpm Corporate 4.0: 37db43f0c3855a4c86d5237f4e5f292f corporate/4.0/i586/vim-common-7.2.065-8.3.20060mlcs4.i586.rpm 9ed45a0dd9eb354a508c893a2e177662 corporate/4.0/i586/vim-enhanced-7.2.065-8.3.20060mlcs4.i586.rpm 6117088ff587d3b96090dc5232a37a36 corporate/4.0/i586/vim-minimal-7.2.065-8.3.20060mlcs4.i586.rpm 61747391c926c371c679984941a5bfb9 corporate/4.0/i586/vim-X11-7.2.065-8.3.20060mlcs4.i586.rpm cd60343d547090af2e9d0c3943d0aa81 corporate/4.0/SRPMS/vim-7.2.065-8.3.20060mlcs4.src.rpm Corporate 4.0/X86_64: 2956ef9554f0c8ffb523f243ad547ad0 corporate/4.0/x86_64/vim-common-7.2.065-8.3.20060mlcs4.x86_64.rpm 5a8d2fbb71645fe83b977df339dd2069 corporate/4.0/x86_64/vim-enhanced-7.2.065-8.3.20060mlcs4.x86_64.rpm 250987bbd2f083c308ea3849d9bdd524 corporate/4.0/x86_64/vim-minimal-7.2.065-8.3.20060mlcs4.x86_64.rpm 3636d25dd546e0ea06cee2d9539aea81 corporate/4.0/x86_64/vim-X11-7.2.065-8.3.20060mlcs4.x86_64.rpm cd60343d547090af2e9d0c3943d0aa81 corporate/4.0/SRPMS/vim-7.2.065-8.3.20060mlcs4.src.rpm Multi Network Firewall 2.0: 520cc910d9ee606478a83ac015814d09 mnf/2.0/i586/vim-common-7.2.065-9.3.C30mdk.i586.rpm c826084eb33961639c40377fc9b6a9b4 mnf/2.0/i586/vim-enhanced-7.2.065-9.3.C30mdk.i586.rpm 2f724da0fe5da0022b298262f1188aa5 mnf/2.0/i586/vim-minimal-7.2.065-9.3.C30mdk.i586.rpm 1b626e0380d726aa8072089bd94eadfd mnf/2.0/SRPMS/vim-7.2.065-9.3.C30mdk.src.rpm _______________________________________________________________________ To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you. All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing: gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98 You can view other update advisories for Mandriva Linux at: http://www.mandriva.com/security/advisories If you want to report vulnerabilities, please contact security_(at)_mandriva.com _______________________________________________________________________ Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iD8DBQFJPatcmqjQ0CJFipgRAp3vAJwMcdTivDsR5SM0N9sW/hnYXOb/YgCdFnRx 2uGyk940O65ZfGdUVa1xrEo= =7tdF -----END PGP SIGNATURE-----