Red Hat Product Errata RHSA-2005:745 - Security Advisory

Issued:: 2005-08-22
Updated:: 2005-08-22

RHSA-2005:745 - Security Advisory

Overview
Updated Packages

Synopsis

vim security update

Type/Severity

Security Advisory: Low

Topic

Updated vim packages that fix a security issue are now available.

This update has been rated as having low security impact by the Red Hat
Security Response Team.

Description

VIM (VIsual editor iMproved) is a version of the vi editor.

A bug was found in the way VIM processes modelines. If a user with
modelines enabled opens a text file with a carefully crafted modeline,
arbitrary commands may be executed as the user running VIM. The Common
Vulnerabilities and Exposures project has assigned the name CAN-2005-2368
to this issue.

Users of VIM are advised to upgrade to these updated packages, which
resolve this issue.

Solution

Before applying this update, make sure all previously released errata
relevant to your system have been applied.

This update is available via Red Hat Network. To use Red Hat Network,
launch the Red Hat Update Agent with the following command:

up2date

This will start an interactive process that will result in the
appropriate RPMs being upgraded on your system.

Affected Products

Red Hat Enterprise Linux Server 4 x86_64
Red Hat Enterprise Linux Server 4 ia64
Red Hat Enterprise Linux Server 4 i386
Red Hat Enterprise Linux Server 3 x86_64
Red Hat Enterprise Linux Server 3 ia64
Red Hat Enterprise Linux Server 3 i386
Red Hat Enterprise Linux Server 2 ia64
Red Hat Enterprise Linux Server 2 i386
Red Hat Enterprise Linux Workstation 4 x86_64
Red Hat Enterprise Linux Workstation 4 ia64
Red Hat Enterprise Linux Workstation 4 i386
Red Hat Enterprise Linux Workstation 3 x86_64
Red Hat Enterprise Linux Workstation 3 ia64
Red Hat Enterprise Linux Workstation 3 i386
Red Hat Enterprise Linux Workstation 2 ia64
Red Hat Enterprise Linux Workstation 2 i386
Red Hat Enterprise Linux Desktop 4 x86_64
Red Hat Enterprise Linux Desktop 4 i386
Red Hat Enterprise Linux Desktop 3 x86_64
Red Hat Enterprise Linux Desktop 3 i386
Red Hat Enterprise Linux for IBM z Systems 4 s390x
Red Hat Enterprise Linux for IBM z Systems 4 s390
Red Hat Enterprise Linux for IBM z Systems 3 s390x
Red Hat Enterprise Linux for IBM z Systems 3 s390
Red Hat Enterprise Linux for Power, big endian 4 ppc
Red Hat Enterprise Linux for Power, big endian 3 ppc

Fixes

BZ - 164279 - CAN-2005-2368 vim modeline arbitrary command execution

CVEs

CVE-2005-2368

References

http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2368

Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Server 4

SRPM
x86_64
vim-X11-6.3.046-0.40E.7.x86_64.rpm	SHA-256: 98f69da37966950bbf30102350fc47c9828c30bc319a1ef631868db5086bb5a3
vim-X11-6.3.046-0.40E.7.x86_64.rpm	SHA-256: 98f69da37966950bbf30102350fc47c9828c30bc319a1ef631868db5086bb5a3
vim-common-6.3.046-0.40E.7.x86_64.rpm	SHA-256: a8f8f0a83c598b55a36f6633ce1cb6e7b15574ccfc1c0bc905788ea8d7f3acf7
vim-common-6.3.046-0.40E.7.x86_64.rpm	SHA-256: a8f8f0a83c598b55a36f6633ce1cb6e7b15574ccfc1c0bc905788ea8d7f3acf7
vim-enhanced-6.3.046-0.40E.7.x86_64.rpm	SHA-256: 34b509035f4a1207f01fc351e30a9c000baf057f01eea7fe46cc8b2da9a05d59
vim-enhanced-6.3.046-0.40E.7.x86_64.rpm	SHA-256: 34b509035f4a1207f01fc351e30a9c000baf057f01eea7fe46cc8b2da9a05d59
vim-minimal-6.3.046-0.40E.7.x86_64.rpm	SHA-256: 21549a39ae3829fd672cc35b420d5e5ccccf7c1c107bcdc305773122a87d10b1
vim-minimal-6.3.046-0.40E.7.x86_64.rpm	SHA-256: 21549a39ae3829fd672cc35b420d5e5ccccf7c1c107bcdc305773122a87d10b1
ia64
vim-X11-6.3.046-0.40E.7.ia64.rpm	SHA-256: 65b6b3efc5c560d11c6a58968e5cfa2c83f56e4ed528254cc2b6a6775224776f
vim-X11-6.3.046-0.40E.7.ia64.rpm	SHA-256: 65b6b3efc5c560d11c6a58968e5cfa2c83f56e4ed528254cc2b6a6775224776f
vim-common-6.3.046-0.40E.7.ia64.rpm	SHA-256: 8e9117734168e301baa854d5dcda858da108516af6410311c0458a0cc2049fbc
vim-common-6.3.046-0.40E.7.ia64.rpm	SHA-256: 8e9117734168e301baa854d5dcda858da108516af6410311c0458a0cc2049fbc
vim-enhanced-6.3.046-0.40E.7.ia64.rpm	SHA-256: 6439d2b53d4640e14c5c0245bb41f0418fa12ad739bb1f35dddf6c06b303295b
vim-enhanced-6.3.046-0.40E.7.ia64.rpm	SHA-256: 6439d2b53d4640e14c5c0245bb41f0418fa12ad739bb1f35dddf6c06b303295b
vim-minimal-6.3.046-0.40E.7.ia64.rpm	SHA-256: f6d8156b706dd92a5747b1910a02764d76e28339c601668799d6eec58160f0a1
vim-minimal-6.3.046-0.40E.7.ia64.rpm	SHA-256: f6d8156b706dd92a5747b1910a02764d76e28339c601668799d6eec58160f0a1
i386
vim-X11-6.3.046-0.40E.7.i386.rpm	SHA-256: 703b35b46a85fbf0fa5e9bfc888c6f14630697fb892dcef88e30b19144547fa5
vim-X11-6.3.046-0.40E.7.i386.rpm	SHA-256: 703b35b46a85fbf0fa5e9bfc888c6f14630697fb892dcef88e30b19144547fa5
vim-common-6.3.046-0.40E.7.i386.rpm	SHA-256: 5ca1349d5e2debcefbc2e565b18af4066e5ceee90cfa2abe22935f90abda8ccc
vim-common-6.3.046-0.40E.7.i386.rpm	SHA-256: 5ca1349d5e2debcefbc2e565b18af4066e5ceee90cfa2abe22935f90abda8ccc
vim-enhanced-6.3.046-0.40E.7.i386.rpm	SHA-256: 872150a6d92b414a4f818c006334f7f6856075d5943855107898d82ee7a981bd
vim-enhanced-6.3.046-0.40E.7.i386.rpm	SHA-256: 872150a6d92b414a4f818c006334f7f6856075d5943855107898d82ee7a981bd
vim-minimal-6.3.046-0.40E.7.i386.rpm	SHA-256: 3aa89715f8bb8fcf23b85d9db4cf3c439085aa9727e1c4da7fbbf07d71d02be3
vim-minimal-6.3.046-0.40E.7.i386.rpm	SHA-256: 3aa89715f8bb8fcf23b85d9db4cf3c439085aa9727e1c4da7fbbf07d71d02be3

Red Hat Enterprise Linux Workstation 4

SRPM
x86_64
vim-X11-6.3.046-0.40E.7.x86_64.rpm	SHA-256: 98f69da37966950bbf30102350fc47c9828c30bc319a1ef631868db5086bb5a3
vim-common-6.3.046-0.40E.7.x86_64.rpm	SHA-256: a8f8f0a83c598b55a36f6633ce1cb6e7b15574ccfc1c0bc905788ea8d7f3acf7
vim-enhanced-6.3.046-0.40E.7.x86_64.rpm	SHA-256: 34b509035f4a1207f01fc351e30a9c000baf057f01eea7fe46cc8b2da9a05d59
vim-minimal-6.3.046-0.40E.7.x86_64.rpm	SHA-256: 21549a39ae3829fd672cc35b420d5e5ccccf7c1c107bcdc305773122a87d10b1
ia64
vim-X11-6.3.046-0.40E.7.ia64.rpm	SHA-256: 65b6b3efc5c560d11c6a58968e5cfa2c83f56e4ed528254cc2b6a6775224776f
vim-common-6.3.046-0.40E.7.ia64.rpm	SHA-256: 8e9117734168e301baa854d5dcda858da108516af6410311c0458a0cc2049fbc
vim-enhanced-6.3.046-0.40E.7.ia64.rpm	SHA-256: 6439d2b53d4640e14c5c0245bb41f0418fa12ad739bb1f35dddf6c06b303295b
vim-minimal-6.3.046-0.40E.7.ia64.rpm	SHA-256: f6d8156b706dd92a5747b1910a02764d76e28339c601668799d6eec58160f0a1
i386
vim-X11-6.3.046-0.40E.7.i386.rpm	SHA-256: 703b35b46a85fbf0fa5e9bfc888c6f14630697fb892dcef88e30b19144547fa5
vim-common-6.3.046-0.40E.7.i386.rpm	SHA-256: 5ca1349d5e2debcefbc2e565b18af4066e5ceee90cfa2abe22935f90abda8ccc
vim-enhanced-6.3.046-0.40E.7.i386.rpm	SHA-256: 872150a6d92b414a4f818c006334f7f6856075d5943855107898d82ee7a981bd
vim-minimal-6.3.046-0.40E.7.i386.rpm	SHA-256: 3aa89715f8bb8fcf23b85d9db4cf3c439085aa9727e1c4da7fbbf07d71d02be3

Red Hat Enterprise Linux Desktop 4

SRPM
x86_64
vim-X11-6.3.046-0.40E.7.x86_64.rpm	SHA-256: 98f69da37966950bbf30102350fc47c9828c30bc319a1ef631868db5086bb5a3
vim-common-6.3.046-0.40E.7.x86_64.rpm	SHA-256: a8f8f0a83c598b55a36f6633ce1cb6e7b15574ccfc1c0bc905788ea8d7f3acf7
vim-enhanced-6.3.046-0.40E.7.x86_64.rpm	SHA-256: 34b509035f4a1207f01fc351e30a9c000baf057f01eea7fe46cc8b2da9a05d59
vim-minimal-6.3.046-0.40E.7.x86_64.rpm	SHA-256: 21549a39ae3829fd672cc35b420d5e5ccccf7c1c107bcdc305773122a87d10b1
i386
vim-X11-6.3.046-0.40E.7.i386.rpm	SHA-256: 703b35b46a85fbf0fa5e9bfc888c6f14630697fb892dcef88e30b19144547fa5
vim-common-6.3.046-0.40E.7.i386.rpm	SHA-256: 5ca1349d5e2debcefbc2e565b18af4066e5ceee90cfa2abe22935f90abda8ccc
vim-enhanced-6.3.046-0.40E.7.i386.rpm	SHA-256: 872150a6d92b414a4f818c006334f7f6856075d5943855107898d82ee7a981bd
vim-minimal-6.3.046-0.40E.7.i386.rpm	SHA-256: 3aa89715f8bb8fcf23b85d9db4cf3c439085aa9727e1c4da7fbbf07d71d02be3

Red Hat Enterprise Linux for IBM z Systems 4

SRPM
s390x
vim-X11-6.3.046-0.40E.7.s390x.rpm	SHA-256: 93859f767eb267c0572e6cdc45eacf1dc9c916b19ae7f0dcc9ecc72ad61b7a65
vim-common-6.3.046-0.40E.7.s390x.rpm	SHA-256: 74d0c75c9c7288a39789b0ae554b7b263271f9ec9f2473e96bb20d1f91530a89
vim-enhanced-6.3.046-0.40E.7.s390x.rpm	SHA-256: 829afe647b1c56ae3aa750b06732c9832dde3115708a13cdce1791c2dc22cb04
vim-minimal-6.3.046-0.40E.7.s390x.rpm	SHA-256: bd4d7aee3d16325379f784d6b2e2d75e201c715274812a80aa5e583dc0c59f92
s390
vim-X11-6.3.046-0.40E.7.s390.rpm	SHA-256: def213890e57e952c20dc8eb883d2e1a331ed1b8f53ce9609cc88ecdedace3a7
vim-common-6.3.046-0.40E.7.s390.rpm	SHA-256: 2f073cccbd548996214d422267170bdd7faa828bab92ca0d243622278e87df49
vim-enhanced-6.3.046-0.40E.7.s390.rpm	SHA-256: bf27fff27707fa1d73ceec1d52a2a05d2b5548e48b00e859a409603ce281b058
vim-minimal-6.3.046-0.40E.7.s390.rpm	SHA-256: 93dd1ad40b5c1f17f086adea4c687c9b216c2367312a16ff33650e267093dce3

Red Hat Enterprise Linux for Power, big endian 4

SRPM
ppc
vim-X11-6.3.046-0.40E.7.ppc.rpm	SHA-256: 215829945ae96da91e14bd14bb61eed786f0ea141d5b557b21fc4033a9b1300f
vim-common-6.3.046-0.40E.7.ppc.rpm	SHA-256: d6e6f77b5d7bd4be3416a99cd599465e489d73f072f1d93b435082db42f5d4c0
vim-enhanced-6.3.046-0.40E.7.ppc.rpm	SHA-256: d9f85184d6cd0d8c4b0830375af889ca646ea13d7cc0d626b0fbda979642387b
vim-minimal-6.3.046-0.40E.7.ppc.rpm	SHA-256: 43063ffd1b6ae26474a2d235928de7786486697c70560a4a23fa1e215d5f8d6b

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Log in to Your Red Hat Account

Red Hat Account

Customer Portal

Select Your Language

Infrastructure and Management

Cloud Computing

Storage

JBoss Development and Management

JBoss Integration and Automation

Mobile

Services

Tools

Red Hat Product Security Center

Security Updates

Resources

Customer Portal Community

Customer Events

Stories