Nom du paquet
vim
Date
2009-02-24
Advisory ID
MDVSA-2009:047-1
Affected versions
2008.0 i586 , 2008.0 x86_64

Problem description

Python has a variable called sys.path that contains all paths where
Python loads modules by using import scripting procedure. A wrong
handling of that variable enables local attackers to execute arbitrary
code via Python scripting in the current Vim working directory
(CVE-2009-0316).

This update provides fix for that vulnerability.

Update:

This update also provides updated packages for Mandriva Linux 2008.0.

Updated packages

2008.0 i586

 436928143868ce9f34832375a10709bc  2008.0/i586/vim-common-7.2.065-9.4mdv2008.0.i586.rpm
 f974a2fc48971d4e6e49f09c112fff0a  2008.0/i586/vim-enhanced-7.2.065-9.4mdv2008.0.i586.rpm
 673a6e6bfc2e6bc329182453ca9a139a  2008.0/i586/vim-minimal-7.2.065-9.4mdv2008.0.i586.rpm
 db5c6e47b9ba3c413ae5bdbd4f2a27a8  2008.0/i586/vim-X11-7.2.065-9.4mdv2008.0.i586.rpm 
 03b7ff33bf257f18929dd758f97f208c  2008.0/SRPMS/vim-7.2.065-9.4mdv2008.0.src.rpm

2008.0 x86_64

 f647d006195b0b753fdd64aa52cc090a  2008.0/x86_64/vim-common-7.2.065-9.4mdv2008.0.x86_64.rpm
 e5146968fb87dc62e16977d773606210  2008.0/x86_64/vim-enhanced-7.2.065-9.4mdv2008.0.x86_64.rpm
 e68f05cc9074353ad5d4ba6266fbbf4c  2008.0/x86_64/vim-minimal-7.2.065-9.4mdv2008.0.x86_64.rpm
 62872d970553e355e0f9c5c6c784e86e  2008.0/x86_64/vim-X11-7.2.065-9.4mdv2008.0.x86_64.rpm 
 03b7ff33bf257f18929dd758f97f208c  2008.0/SRPMS/vim-7.2.065-9.4mdv2008.0.src.rpm

References