Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Red Hat Console
  • Get Support
  • Products

    Top Products

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Products

    Downloads and Containers

    • Downloads
    • Packages
    • Containers

    Top Resources

    • Documentation
    • Product Life Cycles
    • Product Compliance
    • Errata
  • Knowledge

    Red Hat Knowledge Center

    • Knowledgebase Solutions
    • Knowledgebase Articles
    • Customer Portal Labs
    • Errata

    Top Product Docs

    • Red Hat Enterprise Linux
    • Red Hat OpenShift
    • Red Hat Ansible Automation Platform
    All Product Docs

    Training and Certification

    • About
    • Course Index
    • Certification Index
    • Skill Assessment
  • Security

    Red Hat Product Security Center

    • Security Updates
    • Security Advisories
    • Red Hat CVE Database
    • Errata

    References

    • Security Bulletins
    • Security Measurement
    • Severity Ratings
    • Security Data

    Top Resources

    • Security Labs
    • Backporting Policies
    • Security Blog
  • Support

    Red Hat Support

    • Support Cases
    • Troubleshoot
    • Get Support
    • Contact Red Hat Support

    Red Hat Community Support

    • Customer Portal Community
    • Community Discussions
    • Red Hat Accelerator Program

    Top Resources

    • Product Life Cycles
    • Customer Portal Labs
    • Red Hat JBoss Supported Configurations
    • Red Hat Insights
Or troubleshoot an issue.

Select Your Language

  • English
  • Français
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat OpenStack Platform
  • Red Hat OpenShift
  • Red Hat OpenShift AI
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat OpenShift Dev Spaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat build of Keycloak
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Application Foundations
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
All Products
Red Hat Product Errata RHSA-2019:1947 - Security Advisory
Issued:
2019-07-30
Updated:
2019-07-30

RHSA-2019:1947 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: vim security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for vim is now available for Red Hat Enterprise Linux 7.4 Extended Update Support.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Vim (Vi IMproved) is an updated and improved version of the vi editor.

Security Fix(es):

  • vim/neovim: ':source!' command allows arbitrary command execution via modelines (CVE-2019-12735)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.4 x86_64
  • Red Hat Enterprise Linux Server - AUS 7.4 x86_64
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.4 s390x
  • Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.4 ppc64
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.4 ppc64le
  • Red Hat Enterprise Linux Server - TUS 7.4 x86_64
  • Red Hat Enterprise Linux EUS Compute Node 7.4 x86_64
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.4 ppc64le
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.4 x86_64

Fixes

  • BZ - 1718308 - CVE-2019-12735 vim/neovim: ':source!' command allows arbitrary command execution via modelines

CVEs

  • CVE-2019-12735

References

  • https://access.redhat.com/security/updates/classification/#important
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux for x86_64 - Extended Update Support 7.4

SRPM
vim-7.4.160-2.el7_4.1.src.rpm SHA-256: a47afdc74ec3268491e68b0c4996472921c3d58a944549f8ab2a6728aa7c0d92
x86_64
vim-X11-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 22157e549637300601fdcec76963f8bde68a23a88a5b69dbd75cd21e9cc68e1f
vim-common-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: b368c53d6eca6bb813760a13d4d6692751bd28efd312344779dbd6b117e30303
vim-debuginfo-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 7f1f2b119bb208aa6ff6f0216ede565573390a910131f43ee032b923f5ddc4a3
vim-enhanced-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 3fadcdcce529719709c5ab3f280c9cd987a86ae9b24b8cc42b312ab54a4c8f82
vim-filesystem-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: e7d5bbd754ea51febc621afcb119b7d226b632e7459c245849280cc6b3d9667b
vim-minimal-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 898435a8a6daab33faee0073aa228373edcf98fcc5635682e78ec3c6db318885

Red Hat Enterprise Linux Server - AUS 7.4

SRPM
vim-7.4.160-2.el7_4.1.src.rpm SHA-256: a47afdc74ec3268491e68b0c4996472921c3d58a944549f8ab2a6728aa7c0d92
x86_64
vim-X11-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 22157e549637300601fdcec76963f8bde68a23a88a5b69dbd75cd21e9cc68e1f
vim-common-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: b368c53d6eca6bb813760a13d4d6692751bd28efd312344779dbd6b117e30303
vim-debuginfo-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 7f1f2b119bb208aa6ff6f0216ede565573390a910131f43ee032b923f5ddc4a3
vim-enhanced-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 3fadcdcce529719709c5ab3f280c9cd987a86ae9b24b8cc42b312ab54a4c8f82
vim-filesystem-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: e7d5bbd754ea51febc621afcb119b7d226b632e7459c245849280cc6b3d9667b
vim-minimal-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 898435a8a6daab33faee0073aa228373edcf98fcc5635682e78ec3c6db318885

Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 7.4

SRPM
vim-7.4.160-2.el7_4.1.src.rpm SHA-256: a47afdc74ec3268491e68b0c4996472921c3d58a944549f8ab2a6728aa7c0d92
s390x
vim-X11-7.4.160-2.el7_4.1.s390x.rpm SHA-256: faf8a4be4384b0306505bc30e5c02a10ebc04c9d8a6599088f2817342a99928c
vim-common-7.4.160-2.el7_4.1.s390x.rpm SHA-256: dd2254ea5a2b3b3e1d20fb838bfe89cf9908be699ba240ab4fa18b6029930fc3
vim-debuginfo-7.4.160-2.el7_4.1.s390x.rpm SHA-256: afc01b6018dedea693b81c753ff9c46fdbfa4e1ab3051e979c39245f96c02f42
vim-enhanced-7.4.160-2.el7_4.1.s390x.rpm SHA-256: fd9e75d729921b4132187e45025e00314bdc13f130205b344a2f4efb701b8837
vim-filesystem-7.4.160-2.el7_4.1.s390x.rpm SHA-256: 870c5ba6e0edcf47932d1fdd537c403ba7be525e7a24622a36fda8ec15aa4422
vim-minimal-7.4.160-2.el7_4.1.s390x.rpm SHA-256: 3aa1b8f6cd896c7457436fce3fe4b8f255c6c3b63504b7ef7118740275ca24c1

Red Hat Enterprise Linux for Power, big endian - Extended Update Support 7.4

SRPM
vim-7.4.160-2.el7_4.1.src.rpm SHA-256: a47afdc74ec3268491e68b0c4996472921c3d58a944549f8ab2a6728aa7c0d92
ppc64
vim-X11-7.4.160-2.el7_4.1.ppc64.rpm SHA-256: 8f0f928a3bd94f1861651f184fb0d133fbca14813119242bbd0d093ea22bb685
vim-common-7.4.160-2.el7_4.1.ppc64.rpm SHA-256: baff18227db8dd5b96661bc1cf423ef32abb0722d70fab2d5a7a906be7721289
vim-debuginfo-7.4.160-2.el7_4.1.ppc64.rpm SHA-256: e01263f2e5f947634e91a797f84303462f8f25a497cc07be3b04b3a990586314
vim-enhanced-7.4.160-2.el7_4.1.ppc64.rpm SHA-256: e547cddc8289184c8883acad9aa454f96cab9d6d4428dc4ab9f7ba749d56f0b3
vim-filesystem-7.4.160-2.el7_4.1.ppc64.rpm SHA-256: 2876c2afb889a059c583e9ce798a039ac062a4b6af96f7964402c86bbf58d85e
vim-minimal-7.4.160-2.el7_4.1.ppc64.rpm SHA-256: 2ae99cea2fad3e82a7c551a578106083fefa796fbb17a8ddb9eb7cfb70c5b899

Red Hat Enterprise Linux for Power, little endian - Extended Update Support 7.4

SRPM
vim-7.4.160-2.el7_4.1.src.rpm SHA-256: a47afdc74ec3268491e68b0c4996472921c3d58a944549f8ab2a6728aa7c0d92
ppc64le
vim-X11-7.4.160-2.el7_4.1.ppc64le.rpm SHA-256: 132d7ff2bbc31c09cea4ae8bd8ada8427e40b27026b00ac16d8848c31c647286
vim-common-7.4.160-2.el7_4.1.ppc64le.rpm SHA-256: d4a3faf311c058c098fc2821d91f5ca3041685d8ff92fea396c3a3e074f54668
vim-debuginfo-7.4.160-2.el7_4.1.ppc64le.rpm SHA-256: be3865846e221ea3deb5f95df8f0aed1f98a278c4f45d91bdc3ac7158a262bc7
vim-enhanced-7.4.160-2.el7_4.1.ppc64le.rpm SHA-256: 837b8543b06ea6781d8ca8ab932b483421ca44bf5e6b4a4f80f865f9467aaa08
vim-filesystem-7.4.160-2.el7_4.1.ppc64le.rpm SHA-256: cd258b031f80f648a85eaf61b343eda07c0fa982e55e3c750b0d79352aef50f9
vim-minimal-7.4.160-2.el7_4.1.ppc64le.rpm SHA-256: 38966d9ace5dac970f545ae99527f3d6b278940370eb4e833f2fbf7097c4b9d4

Red Hat Enterprise Linux Server - TUS 7.4

SRPM
vim-7.4.160-2.el7_4.1.src.rpm SHA-256: a47afdc74ec3268491e68b0c4996472921c3d58a944549f8ab2a6728aa7c0d92
x86_64
vim-X11-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 22157e549637300601fdcec76963f8bde68a23a88a5b69dbd75cd21e9cc68e1f
vim-common-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: b368c53d6eca6bb813760a13d4d6692751bd28efd312344779dbd6b117e30303
vim-debuginfo-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 7f1f2b119bb208aa6ff6f0216ede565573390a910131f43ee032b923f5ddc4a3
vim-enhanced-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 3fadcdcce529719709c5ab3f280c9cd987a86ae9b24b8cc42b312ab54a4c8f82
vim-filesystem-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: e7d5bbd754ea51febc621afcb119b7d226b632e7459c245849280cc6b3d9667b
vim-minimal-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 898435a8a6daab33faee0073aa228373edcf98fcc5635682e78ec3c6db318885

Red Hat Enterprise Linux EUS Compute Node 7.4

SRPM
vim-7.4.160-2.el7_4.1.src.rpm SHA-256: a47afdc74ec3268491e68b0c4996472921c3d58a944549f8ab2a6728aa7c0d92
x86_64
vim-X11-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 22157e549637300601fdcec76963f8bde68a23a88a5b69dbd75cd21e9cc68e1f
vim-common-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: b368c53d6eca6bb813760a13d4d6692751bd28efd312344779dbd6b117e30303
vim-debuginfo-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 7f1f2b119bb208aa6ff6f0216ede565573390a910131f43ee032b923f5ddc4a3
vim-debuginfo-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 7f1f2b119bb208aa6ff6f0216ede565573390a910131f43ee032b923f5ddc4a3
vim-enhanced-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 3fadcdcce529719709c5ab3f280c9cd987a86ae9b24b8cc42b312ab54a4c8f82
vim-filesystem-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: e7d5bbd754ea51febc621afcb119b7d226b632e7459c245849280cc6b3d9667b
vim-minimal-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 898435a8a6daab33faee0073aa228373edcf98fcc5635682e78ec3c6db318885

Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 7.4

SRPM
vim-7.4.160-2.el7_4.1.src.rpm SHA-256: a47afdc74ec3268491e68b0c4996472921c3d58a944549f8ab2a6728aa7c0d92
ppc64le
vim-X11-7.4.160-2.el7_4.1.ppc64le.rpm SHA-256: 132d7ff2bbc31c09cea4ae8bd8ada8427e40b27026b00ac16d8848c31c647286
vim-common-7.4.160-2.el7_4.1.ppc64le.rpm SHA-256: d4a3faf311c058c098fc2821d91f5ca3041685d8ff92fea396c3a3e074f54668
vim-debuginfo-7.4.160-2.el7_4.1.ppc64le.rpm SHA-256: be3865846e221ea3deb5f95df8f0aed1f98a278c4f45d91bdc3ac7158a262bc7
vim-enhanced-7.4.160-2.el7_4.1.ppc64le.rpm SHA-256: 837b8543b06ea6781d8ca8ab932b483421ca44bf5e6b4a4f80f865f9467aaa08
vim-filesystem-7.4.160-2.el7_4.1.ppc64le.rpm SHA-256: cd258b031f80f648a85eaf61b343eda07c0fa982e55e3c750b0d79352aef50f9
vim-minimal-7.4.160-2.el7_4.1.ppc64le.rpm SHA-256: 38966d9ace5dac970f545ae99527f3d6b278940370eb4e833f2fbf7097c4b9d4

Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 7.4

SRPM
vim-7.4.160-2.el7_4.1.src.rpm SHA-256: a47afdc74ec3268491e68b0c4996472921c3d58a944549f8ab2a6728aa7c0d92
x86_64
vim-X11-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 22157e549637300601fdcec76963f8bde68a23a88a5b69dbd75cd21e9cc68e1f
vim-common-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: b368c53d6eca6bb813760a13d4d6692751bd28efd312344779dbd6b117e30303
vim-debuginfo-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 7f1f2b119bb208aa6ff6f0216ede565573390a910131f43ee032b923f5ddc4a3
vim-enhanced-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 3fadcdcce529719709c5ab3f280c9cd987a86ae9b24b8cc42b312ab54a4c8f82
vim-filesystem-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: e7d5bbd754ea51febc621afcb119b7d226b632e7459c245849280cc6b3d9667b
vim-minimal-7.4.160-2.el7_4.1.x86_64.rpm SHA-256: 898435a8a6daab33faee0073aa228373edcf98fcc5635682e78ec3c6db318885

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat LinkedIn YouTube Facebook X, formerly Twitter

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

Red Hat legal and privacy links

  • About Red Hat
  • Jobs
  • Events
  • Locations
  • Contact Red Hat
  • Red Hat Blog
  • Inclusion at Red Hat
  • Cool Stuff Store
  • Red Hat Summit
© 2025 Red Hat

Red Hat legal and privacy links

  • Privacy statement
  • Terms of use
  • All policies and guidelines
  • Digital accessibility