stable-security update of vim

Steffen Joeris steffen.joeris at skolelinux.de
Thu Jan 29 16:32:55 UTC 2009


Hi,
the following CVE (Common Vulnerabilities & Exposures) ids were
published for vim and seem to affect the packages in stable.

CVE-2008-2712[0]:
| Vim 7.1.314, 6.4, and other versions allows user-assisted remote
| attackers to execute arbitrary commands via Vim scripts that do not
| properly sanitize inputs before invoking the execute or system
| functions, as demonstrated using (1) filetype.vim, (2) zipplugin, (3)
| xpm.vim, (4) gzip_vim, and (5) netrw.

CVE-2008-3074[1]:
| ** RESERVED **
| This candidate has been reserved by an organization or individual that
| will use it when announcing a new security problem.  When the
| candidate has been publicized, the details for this candidate will be
| provided.

CVE-2008-3075[2]:
| ** RESERVED **
| This candidate has been reserved by an organization or individual that
| will use it when announcing a new security problem.  When the
| candidate has been publicized, the details for this candidate will be
| provided.

CVE-2008-3076[3]:
| ** RESERVED **
| This candidate has been reserved by an organization or individual that
| will use it when announcing a new security problem.  When the
| candidate has been publicized, the details for this candidate will be
| provided.

CVE-2008-4101[4]:
| Vim 3.0 through 7.x before 7.2.010 does not properly escape
| characters, which allows user-assisted attackers to (1) execute
| arbitrary shell commands by entering a K keystroke on a line that
| contains a ";" (semicolon) followed by a command, or execute arbitrary
| Ex commands by entering an argument after a (2) "Ctrl-]" (control
| close-square-bracket) or (3) "g]" (g close-square-bracket) keystroke
| sequence, a different issue than CVE-2008-2712.

For the reserved issues, there is a bugreport in the BTS with more 
information.

We would like to issue a DSA for these CVEs and were wondering, whether you as 
the maintainers could provide packages for stable-security?

It would be great, if you could send us a full debdiff.
Thanks in advance for your work.

Cheers
Steffen

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-2712
    http://security-tracker.debian.net/tracker/CVE-2008-2712
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3074
    http://security-tracker.debian.net/tracker/CVE-2008-3074
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3075
    http://security-tracker.debian.net/tracker/CVE-2008-3075
[3] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3076
    http://security-tracker.debian.net/tracker/CVE-2008-3076
[4] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4101
    http://security-tracker.debian.net/tracker/CVE-2008-4101
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
Url : http://lists.alioth.debian.org/pipermail/pkg-vim-maintainers/attachments/20090129/29569ccb/attachment.pgp 


More information about the pkg-vim-maintainers mailing list