MDVSA-2008:236-1

Package name

vim

Date

2008-12-08

Advisory ID

MDVSA-2008:236-1

Affected versions

2009.0 x86_64 , CS4.0 x86_64 , MNF2.0 i586 , 2008.0 i586 , 2009.0 i586 , CS3.0 x86_64 , 2008.0 x86_64 , CS3.0 i586 , 2008.1 x86_64 , 2008.1 i586 , CS4.0 i586

Problem description

Several vulnerabilities were found in the vim editor:

A number of input sanitization flaws were found in various vim
system functions. If a user were to open a specially crafted file,
it would be possible to execute arbitrary code as the user running vim
(CVE-2008-2712).

Ulf Härnhammar of Secunia Research found a format string flaw in
vim's help tags processor. If a user were tricked into executing the
helptags command on malicious data, it could result in the execution
of arbitrary code as the user running vim (CVE-2008-2953).

A flaw was found in how tar.vim handled TAR archive browsing. If a
user were to open a special TAR archive using the plugin, it could
result in the execution of arbitrary code as the user running vim
(CVE-2008-3074).

A flaw was found in how zip.vim handled ZIP archive browsing. If a
user were to open a special ZIP archive using the plugin, it could
result in the execution of arbitrary code as the user running vim
(CVE-2008-3075).

A number of security flaws were found in netrw.vim, the vim plugin
that provides the ability to read and write files over the network.
If a user opened a specially crafted file or directory with the netrw
plugin, it could result in the execution of arbitrary code as the
user running vim (CVE-2008-3076).

A number of input validation flaws were found in vim's keyword and
tag handling. If vim looked up a document's maliciously crafted
tag or keyword, it was possible to execute arbitary code as the user
running vim (CVE-2008-4101).

A vulnerability was found in certain versions of netrw.vim where it
would send FTP credentials stored for an FTP session to subsequent
FTP sessions to servers on different hosts, exposing FTP credentials
to remote hosts (CVE-2008-4677).

This update provides vim 7.2 (patchlevel 65) which corrects all of
these issues and introduces a number of new features and bug fixes.

Update:

The previous vim update incorrectly introduced a requirement on
libruby and also conflicted with a file from the git-core package
(in contribs). These issues have been corrected with these updated
packages.

Updated packages

2009.0 x86_64

 6c00a2bcd26eed82708f625b0c2f4ecc  2009.0/x86_64/vim-common-7.2.065-9.3mdv2009.0.x86_64.rpm
 2a9dcd8a41b17ba2849df2e1d0da077f  2009.0/x86_64/vim-enhanced-7.2.065-9.3mdv2009.0.x86_64.rpm
 effaa23409fe3358318c291db55f6e6b  2009.0/x86_64/vim-minimal-7.2.065-9.3mdv2009.0.x86_64.rpm
 7ca4a070928495e0e8081bbe0b845c51  2009.0/x86_64/vim-X11-7.2.065-9.3mdv2009.0.x86_64.rpm 
 26bb261499484986d9f352208dac6aab  2009.0/SRPMS/vim-7.2.065-9.3mdv2009.0.src.rpm

CS4.0 x86_64

 2956ef9554f0c8ffb523f243ad547ad0  corporate/4.0/x86_64/vim-common-7.2.065-8.3.20060mlcs4.x86_64.rpm
 5a8d2fbb71645fe83b977df339dd2069  corporate/4.0/x86_64/vim-enhanced-7.2.065-8.3.20060mlcs4.x86_64.rpm
 250987bbd2f083c308ea3849d9bdd524  corporate/4.0/x86_64/vim-minimal-7.2.065-8.3.20060mlcs4.x86_64.rpm
 3636d25dd546e0ea06cee2d9539aea81  corporate/4.0/x86_64/vim-X11-7.2.065-8.3.20060mlcs4.x86_64.rpm 
 cd60343d547090af2e9d0c3943d0aa81  corporate/4.0/SRPMS/vim-7.2.065-8.3.20060mlcs4.src.rpm

MNF2.0 i586

 520cc910d9ee606478a83ac015814d09  mnf/2.0/i586/vim-common-7.2.065-9.3.C30mdk.i586.rpm
 c826084eb33961639c40377fc9b6a9b4  mnf/2.0/i586/vim-enhanced-7.2.065-9.3.C30mdk.i586.rpm
 2f724da0fe5da0022b298262f1188aa5  mnf/2.0/i586/vim-minimal-7.2.065-9.3.C30mdk.i586.rpm 
 1b626e0380d726aa8072089bd94eadfd  mnf/2.0/SRPMS/vim-7.2.065-9.3.C30mdk.src.rpm

2008.0 i586

 1ebd5f8b6c0743bab3db3113c2bb5498  2008.0/i586/vim-common-7.2.065-9.3mdv2008.0.i586.rpm
 ecad30a24814aa1543f3e9f4548c0d8e  2008.0/i586/vim-enhanced-7.2.065-9.3mdv2008.0.i586.rpm
 a62bc45e20c7cb05ea99471949fa057b  2008.0/i586/vim-minimal-7.2.065-9.3mdv2008.0.i586.rpm
 e5431f23309139db47583d100ebec5fc  2008.0/i586/vim-X11-7.2.065-9.3mdv2008.0.i586.rpm 
 f2413164a86b6635ee5ff016c3527d64  2008.0/SRPMS/vim-7.2.065-9.3mdv2008.0.src.rpm

2009.0 i586

 39b17b1ac441ba27254daeac8e593de6  2009.0/i586/vim-common-7.2.065-9.3mdv2009.0.i586.rpm
 477cbeec330709630426f06c474e3c48  2009.0/i586/vim-enhanced-7.2.065-9.3mdv2009.0.i586.rpm
 3ae2bf83194b6a323e78e09874a9cb3d  2009.0/i586/vim-minimal-7.2.065-9.3mdv2009.0.i586.rpm
 02c54fb5e618484f6312ddf0b98cb08b  2009.0/i586/vim-X11-7.2.065-9.3mdv2009.0.i586.rpm 
 26bb261499484986d9f352208dac6aab  2009.0/SRPMS/vim-7.2.065-9.3mdv2009.0.src.rpm

CS3.0 x86_64

 65e2168ca42319b7ba79f7dfe0e2143f  corporate/3.0/x86_64/vim-common-7.2.065-9.3.C30mdk.x86_64.rpm
 85092d93a8a040c567ce59d0512d8847  corporate/3.0/x86_64/vim-enhanced-7.2.065-9.3.C30mdk.x86_64.rpm
 dff08e81f6c2cede1de99ae96700178f  corporate/3.0/x86_64/vim-minimal-7.2.065-9.3.C30mdk.x86_64.rpm
 f299fe329b20cefb391976ffb9664b39  corporate/3.0/x86_64/vim-X11-7.2.065-9.3.C30mdk.x86_64.rpm 
 9f059fa975e2d851e66f5e1eff88d3d0  corporate/3.0/SRPMS/vim-7.2.065-9.3.C30mdk.src.rpm

2008.0 x86_64

 3fc6eb1eda476d642947ecaab7a225f2  2008.0/x86_64/vim-common-7.2.065-9.3mdv2008.0.x86_64.rpm
 0edf2753ba8a00f8d866e559f7a2192b  2008.0/x86_64/vim-enhanced-7.2.065-9.3mdv2008.0.x86_64.rpm
 692d5032e705bfda05b2b2618b8369d6  2008.0/x86_64/vim-minimal-7.2.065-9.3mdv2008.0.x86_64.rpm
 87bf7a4fba22dc1773b544eeb412db06  2008.0/x86_64/vim-X11-7.2.065-9.3mdv2008.0.x86_64.rpm 
 f2413164a86b6635ee5ff016c3527d64  2008.0/SRPMS/vim-7.2.065-9.3mdv2008.0.src.rpm

CS3.0 i586

 474ad132ad608caf03176e33b81359f8  corporate/3.0/i586/vim-common-7.2.065-9.3.C30mdk.i586.rpm
 1349e3dcc99a0e100e185f344efabe3d  corporate/3.0/i586/vim-enhanced-7.2.065-9.3.C30mdk.i586.rpm
 5ee98b1525bd32dec3af623474c6ade4  corporate/3.0/i586/vim-minimal-7.2.065-9.3.C30mdk.i586.rpm
 3327eedd3e14cb7b426cdf0ba07ef5ed  corporate/3.0/i586/vim-X11-7.2.065-9.3.C30mdk.i586.rpm 
 9f059fa975e2d851e66f5e1eff88d3d0  corporate/3.0/SRPMS/vim-7.2.065-9.3.C30mdk.src.rpm

2008.1 x86_64

 f8375b1d25260274ef2b081eec0396ea  2008.1/x86_64/vim-common-7.2.065-9.3mdv2008.1.x86_64.rpm
 20577d11a3a22ff802a7e1c749099b76  2008.1/x86_64/vim-enhanced-7.2.065-9.3mdv2008.1.x86_64.rpm
 1aa16e6fb134f57f4faefb319bdd6840  2008.1/x86_64/vim-minimal-7.2.065-9.3mdv2008.1.x86_64.rpm
 99e25a76291297900ffce76e81e87e20  2008.1/x86_64/vim-X11-7.2.065-9.3mdv2008.1.x86_64.rpm 
 d007fce1a939ef4e1841cf54c68dbdd0  2008.1/SRPMS/vim-7.2.065-9.3mdv2008.1.src.rpm

2008.1 i586

 c934d47ecaa0ed9d9bff2b89fea74f20  2008.1/i586/vim-common-7.2.065-9.3mdv2008.1.i586.rpm
 714185e359626acb9d22a88c54608a38  2008.1/i586/vim-enhanced-7.2.065-9.3mdv2008.1.i586.rpm
 59d119574eb3dc453305bed6da73a12e  2008.1/i586/vim-minimal-7.2.065-9.3mdv2008.1.i586.rpm
 4543e6fba5116a1d95fddfee3ce73613  2008.1/i586/vim-X11-7.2.065-9.3mdv2008.1.i586.rpm 
 d007fce1a939ef4e1841cf54c68dbdd0  2008.1/SRPMS/vim-7.2.065-9.3mdv2008.1.src.rpm

CS4.0 i586

 37db43f0c3855a4c86d5237f4e5f292f  corporate/4.0/i586/vim-common-7.2.065-8.3.20060mlcs4.i586.rpm
 9ed45a0dd9eb354a508c893a2e177662  corporate/4.0/i586/vim-enhanced-7.2.065-8.3.20060mlcs4.i586.rpm
 6117088ff587d3b96090dc5232a37a36  corporate/4.0/i586/vim-minimal-7.2.065-8.3.20060mlcs4.i586.rpm
 61747391c926c371c679984941a5bfb9  corporate/4.0/i586/vim-X11-7.2.065-8.3.20060mlcs4.i586.rpm 
 cd60343d547090af2e9d0c3943d0aa81  corporate/4.0/SRPMS/vim-7.2.065-8.3.20060mlcs4.src.rpm

References

• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4677
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4101
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3076
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3075
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3074
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2953
• http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2712