Red Hat Product Errata RHSA-2005:745 - Security Advisory
Issued:
2005-08-22
Updated:
2005-08-22

RHSA-2005:745 - Security Advisory

Synopsis

vim security update

Type/Severity

Security Advisory: Low

Red Hat Lightspeed patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

Updated vim packages that fix a security issue are now available.

This update has been rated as having low security impact by the Red Hat
Security Response Team.

Description

VIM (VIsual editor iMproved) is a version of the vi editor.

A bug was found in the way VIM processes modelines. If a user with
modelines enabled opens a text file with a carefully crafted modeline,
arbitrary commands may be executed as the user running VIM. The Common
Vulnerabilities and Exposures project has assigned the name CAN-2005-2368
to this issue.

Users of VIM are advised to upgrade to these updated packages, which
resolve this issue.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.

Affected Products

  • Red Hat Enterprise Linux Server 4 x86_64
  • Red Hat Enterprise Linux Server 4 ia64
  • Red Hat Enterprise Linux Server 4 i386
  • Red Hat Enterprise Linux Server 3 x86_64
  • Red Hat Enterprise Linux Server 3 ia64
  • Red Hat Enterprise Linux Server 3 i386
  • Red Hat Enterprise Linux Server 2 ia64
  • Red Hat Enterprise Linux Server 2 i386
  • Red Hat Enterprise Linux Workstation 4 x86_64
  • Red Hat Enterprise Linux Workstation 4 ia64
  • Red Hat Enterprise Linux Workstation 4 i386
  • Red Hat Enterprise Linux Workstation 3 x86_64
  • Red Hat Enterprise Linux Workstation 3 ia64
  • Red Hat Enterprise Linux Workstation 3 i386
  • Red Hat Enterprise Linux Workstation 2 ia64
  • Red Hat Enterprise Linux Workstation 2 i386
  • Red Hat Enterprise Linux Desktop 4 x86_64
  • Red Hat Enterprise Linux Desktop 4 i386
  • Red Hat Enterprise Linux Desktop 3 x86_64
  • Red Hat Enterprise Linux Desktop 3 i386
  • Red Hat Enterprise Linux for IBM z Systems 4 s390x
  • Red Hat Enterprise Linux for IBM z Systems 4 s390
  • Red Hat Enterprise Linux for IBM z Systems 3 s390x
  • Red Hat Enterprise Linux for IBM z Systems 3 s390
  • Red Hat Enterprise Linux for Power, big endian 4 ppc
  • Red Hat Enterprise Linux for Power, big endian 3 ppc

Fixes

  • BZ - 164279 - CAN-2005-2368 vim modeline arbitrary command execution

Red Hat Enterprise Linux Server 4

SRPM
x86_64
vim-X11-6.3.046-0.40E.7.x86_64.rpm SHA-256: 98f69da37966950bbf30102350fc47c9828c30bc319a1ef631868db5086bb5a3
vim-X11-6.3.046-0.40E.7.x86_64.rpm SHA-256: 98f69da37966950bbf30102350fc47c9828c30bc319a1ef631868db5086bb5a3
vim-common-6.3.046-0.40E.7.x86_64.rpm SHA-256: a8f8f0a83c598b55a36f6633ce1cb6e7b15574ccfc1c0bc905788ea8d7f3acf7
vim-common-6.3.046-0.40E.7.x86_64.rpm SHA-256: a8f8f0a83c598b55a36f6633ce1cb6e7b15574ccfc1c0bc905788ea8d7f3acf7
vim-enhanced-6.3.046-0.40E.7.x86_64.rpm SHA-256: 34b509035f4a1207f01fc351e30a9c000baf057f01eea7fe46cc8b2da9a05d59
vim-enhanced-6.3.046-0.40E.7.x86_64.rpm SHA-256: 34b509035f4a1207f01fc351e30a9c000baf057f01eea7fe46cc8b2da9a05d59
vim-minimal-6.3.046-0.40E.7.x86_64.rpm SHA-256: 21549a39ae3829fd672cc35b420d5e5ccccf7c1c107bcdc305773122a87d10b1
vim-minimal-6.3.046-0.40E.7.x86_64.rpm SHA-256: 21549a39ae3829fd672cc35b420d5e5ccccf7c1c107bcdc305773122a87d10b1
ia64
vim-X11-6.3.046-0.40E.7.ia64.rpm SHA-256: 65b6b3efc5c560d11c6a58968e5cfa2c83f56e4ed528254cc2b6a6775224776f
vim-X11-6.3.046-0.40E.7.ia64.rpm SHA-256: 65b6b3efc5c560d11c6a58968e5cfa2c83f56e4ed528254cc2b6a6775224776f
vim-common-6.3.046-0.40E.7.ia64.rpm SHA-256: 8e9117734168e301baa854d5dcda858da108516af6410311c0458a0cc2049fbc
vim-common-6.3.046-0.40E.7.ia64.rpm SHA-256: 8e9117734168e301baa854d5dcda858da108516af6410311c0458a0cc2049fbc
vim-enhanced-6.3.046-0.40E.7.ia64.rpm SHA-256: 6439d2b53d4640e14c5c0245bb41f0418fa12ad739bb1f35dddf6c06b303295b
vim-enhanced-6.3.046-0.40E.7.ia64.rpm SHA-256: 6439d2b53d4640e14c5c0245bb41f0418fa12ad739bb1f35dddf6c06b303295b
vim-minimal-6.3.046-0.40E.7.ia64.rpm SHA-256: f6d8156b706dd92a5747b1910a02764d76e28339c601668799d6eec58160f0a1
vim-minimal-6.3.046-0.40E.7.ia64.rpm SHA-256: f6d8156b706dd92a5747b1910a02764d76e28339c601668799d6eec58160f0a1
i386
vim-X11-6.3.046-0.40E.7.i386.rpm SHA-256: 703b35b46a85fbf0fa5e9bfc888c6f14630697fb892dcef88e30b19144547fa5
vim-X11-6.3.046-0.40E.7.i386.rpm SHA-256: 703b35b46a85fbf0fa5e9bfc888c6f14630697fb892dcef88e30b19144547fa5
vim-common-6.3.046-0.40E.7.i386.rpm SHA-256: 5ca1349d5e2debcefbc2e565b18af4066e5ceee90cfa2abe22935f90abda8ccc
vim-common-6.3.046-0.40E.7.i386.rpm SHA-256: 5ca1349d5e2debcefbc2e565b18af4066e5ceee90cfa2abe22935f90abda8ccc
vim-enhanced-6.3.046-0.40E.7.i386.rpm SHA-256: 872150a6d92b414a4f818c006334f7f6856075d5943855107898d82ee7a981bd
vim-enhanced-6.3.046-0.40E.7.i386.rpm SHA-256: 872150a6d92b414a4f818c006334f7f6856075d5943855107898d82ee7a981bd
vim-minimal-6.3.046-0.40E.7.i386.rpm SHA-256: 3aa89715f8bb8fcf23b85d9db4cf3c439085aa9727e1c4da7fbbf07d71d02be3
vim-minimal-6.3.046-0.40E.7.i386.rpm SHA-256: 3aa89715f8bb8fcf23b85d9db4cf3c439085aa9727e1c4da7fbbf07d71d02be3

Red Hat Enterprise Linux Server 3

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux Server 2

SRPM
ia64
i386

Red Hat Enterprise Linux Workstation 4

SRPM
x86_64
vim-X11-6.3.046-0.40E.7.x86_64.rpm SHA-256: 98f69da37966950bbf30102350fc47c9828c30bc319a1ef631868db5086bb5a3
vim-common-6.3.046-0.40E.7.x86_64.rpm SHA-256: a8f8f0a83c598b55a36f6633ce1cb6e7b15574ccfc1c0bc905788ea8d7f3acf7
vim-enhanced-6.3.046-0.40E.7.x86_64.rpm SHA-256: 34b509035f4a1207f01fc351e30a9c000baf057f01eea7fe46cc8b2da9a05d59
vim-minimal-6.3.046-0.40E.7.x86_64.rpm SHA-256: 21549a39ae3829fd672cc35b420d5e5ccccf7c1c107bcdc305773122a87d10b1
ia64
vim-X11-6.3.046-0.40E.7.ia64.rpm SHA-256: 65b6b3efc5c560d11c6a58968e5cfa2c83f56e4ed528254cc2b6a6775224776f
vim-common-6.3.046-0.40E.7.ia64.rpm SHA-256: 8e9117734168e301baa854d5dcda858da108516af6410311c0458a0cc2049fbc
vim-enhanced-6.3.046-0.40E.7.ia64.rpm SHA-256: 6439d2b53d4640e14c5c0245bb41f0418fa12ad739bb1f35dddf6c06b303295b
vim-minimal-6.3.046-0.40E.7.ia64.rpm SHA-256: f6d8156b706dd92a5747b1910a02764d76e28339c601668799d6eec58160f0a1
i386
vim-X11-6.3.046-0.40E.7.i386.rpm SHA-256: 703b35b46a85fbf0fa5e9bfc888c6f14630697fb892dcef88e30b19144547fa5
vim-common-6.3.046-0.40E.7.i386.rpm SHA-256: 5ca1349d5e2debcefbc2e565b18af4066e5ceee90cfa2abe22935f90abda8ccc
vim-enhanced-6.3.046-0.40E.7.i386.rpm SHA-256: 872150a6d92b414a4f818c006334f7f6856075d5943855107898d82ee7a981bd
vim-minimal-6.3.046-0.40E.7.i386.rpm SHA-256: 3aa89715f8bb8fcf23b85d9db4cf3c439085aa9727e1c4da7fbbf07d71d02be3

Red Hat Enterprise Linux Workstation 3

SRPM
x86_64
ia64
i386

Red Hat Enterprise Linux Workstation 2

SRPM
ia64
i386

Red Hat Enterprise Linux Desktop 4

SRPM
x86_64
vim-X11-6.3.046-0.40E.7.x86_64.rpm SHA-256: 98f69da37966950bbf30102350fc47c9828c30bc319a1ef631868db5086bb5a3
vim-common-6.3.046-0.40E.7.x86_64.rpm SHA-256: a8f8f0a83c598b55a36f6633ce1cb6e7b15574ccfc1c0bc905788ea8d7f3acf7
vim-enhanced-6.3.046-0.40E.7.x86_64.rpm SHA-256: 34b509035f4a1207f01fc351e30a9c000baf057f01eea7fe46cc8b2da9a05d59
vim-minimal-6.3.046-0.40E.7.x86_64.rpm SHA-256: 21549a39ae3829fd672cc35b420d5e5ccccf7c1c107bcdc305773122a87d10b1
i386
vim-X11-6.3.046-0.40E.7.i386.rpm SHA-256: 703b35b46a85fbf0fa5e9bfc888c6f14630697fb892dcef88e30b19144547fa5
vim-common-6.3.046-0.40E.7.i386.rpm SHA-256: 5ca1349d5e2debcefbc2e565b18af4066e5ceee90cfa2abe22935f90abda8ccc
vim-enhanced-6.3.046-0.40E.7.i386.rpm SHA-256: 872150a6d92b414a4f818c006334f7f6856075d5943855107898d82ee7a981bd
vim-minimal-6.3.046-0.40E.7.i386.rpm SHA-256: 3aa89715f8bb8fcf23b85d9db4cf3c439085aa9727e1c4da7fbbf07d71d02be3

Red Hat Enterprise Linux Desktop 3

SRPM
x86_64
i386

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
s390x
vim-X11-6.3.046-0.40E.7.s390x.rpm SHA-256: 93859f767eb267c0572e6cdc45eacf1dc9c916b19ae7f0dcc9ecc72ad61b7a65
vim-common-6.3.046-0.40E.7.s390x.rpm SHA-256: 74d0c75c9c7288a39789b0ae554b7b263271f9ec9f2473e96bb20d1f91530a89
vim-enhanced-6.3.046-0.40E.7.s390x.rpm SHA-256: 829afe647b1c56ae3aa750b06732c9832dde3115708a13cdce1791c2dc22cb04
vim-minimal-6.3.046-0.40E.7.s390x.rpm SHA-256: bd4d7aee3d16325379f784d6b2e2d75e201c715274812a80aa5e583dc0c59f92
s390
vim-X11-6.3.046-0.40E.7.s390.rpm SHA-256: def213890e57e952c20dc8eb883d2e1a331ed1b8f53ce9609cc88ecdedace3a7
vim-common-6.3.046-0.40E.7.s390.rpm SHA-256: 2f073cccbd548996214d422267170bdd7faa828bab92ca0d243622278e87df49
vim-enhanced-6.3.046-0.40E.7.s390.rpm SHA-256: bf27fff27707fa1d73ceec1d52a2a05d2b5548e48b00e859a409603ce281b058
vim-minimal-6.3.046-0.40E.7.s390.rpm SHA-256: 93dd1ad40b5c1f17f086adea4c687c9b216c2367312a16ff33650e267093dce3

Red Hat Enterprise Linux for IBM z Systems 3

SRPM
s390x
s390

Red Hat Enterprise Linux for Power, big endian 4

SRPM
ppc
vim-X11-6.3.046-0.40E.7.ppc.rpm SHA-256: 215829945ae96da91e14bd14bb61eed786f0ea141d5b557b21fc4033a9b1300f
vim-common-6.3.046-0.40E.7.ppc.rpm SHA-256: d6e6f77b5d7bd4be3416a99cd599465e489d73f072f1d93b435082db42f5d4c0
vim-enhanced-6.3.046-0.40E.7.ppc.rpm SHA-256: d9f85184d6cd0d8c4b0830375af889ca646ea13d7cc0d626b0fbda979642387b
vim-minimal-6.3.046-0.40E.7.ppc.rpm SHA-256: 43063ffd1b6ae26474a2d235928de7786486697c70560a4a23fa1e215d5f8d6b

Red Hat Enterprise Linux for Power, big endian 3

SRPM
ppc

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.