Security vulnerability in the vim software package

——————————————————————————–
Fedora Update Notification
FEDORA-2019-dcd49378b8
2019-06-13 01:37:52.283252
——————————————————————————–

Name : vim
Product : Fedora 29
Version : 8.1.1471
Release : 1.fc29
URL : http://www.vim.org/
Summary : The VIM editor
Description :
VIM (VIsual editor iMproved) is an updated and improved version of the
vi editor. Vi was the first real screen-based editor for UNIX, and is
still very popular. VIM improves on vi by adding new features:
multiple windows, multi-level undo, block highlighting and more.

——————————————————————————–
Update Information:

1717503 – Security issue: patch 8.1.1365: source command doesn’t check for the
sandbox
——————————————————————————–
ChangeLog:

* Thu Jun 6 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.1471-1
– patchlevel 1471
* Tue May 28 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.1413-1
– patchlevel 1413
* Mon May 20 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.1359-2
– stop updating f28
* Mon May 20 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.1359-1
– patchlevel 1359
* Mon May 20 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.1137-2
– remove upstream patch
* Mon Apr 8 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.1137-1
– patchlevel 1137
* Mon Apr 8 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.1099-2
– 1697104 – new spec file template contains deprecated tags
* Tue Apr 2 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.1099-1
– patchlevel 1099
* Tue Mar 26 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.1048-2
– add bundled libvterm
* Mon Mar 25 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.1048-1
– patchlevel 1048
* Fri Mar 8 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.998-1
– patchlevel 998
* Fri Mar 8 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.994-2
– F30 is already active in bodhi
* Mon Mar 4 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.994-1
– patchlevel 994
* Wed Feb 20 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.956-1
– patchlevel 956
* Wed Feb 20 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.918-2
– we have Fedora 30 branch now, enable updates for it in vim-update.sh
* Thu Feb 14 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.918-1
– patchlevel 918
* Thu Feb 14 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.897-2
– we do not need exact include path for python3 now
* Tue Feb 12 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.897-1
– patchlevel 897
* Fri Feb 8 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.880-1
– patchlevel 880
* Mon Feb 4 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.873-1
– patchlevel 873
* Mon Feb 4 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.847-4
– remove downstream fix for new ruby, upstream solved it different way
* Sun Feb 3 2019 Fedora Release Engineering <releng@fedoraproject.org> – 2:8.1.847-3
– Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Thu Jan 31 2019 Karsten Hopp <karsten@redhat.com> – 2:8.1.847-2
– remove ancient Changelog.rpm
* Wed Jan 30 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.847-2
– fix patch for new ruby-2.6
* Wed Jan 30 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.847-1
– patchlevel 847
* Tue Jan 29 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.837-2
– FTBFS with new ruby-2.6
* Mon Jan 28 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.837-1
– patchlevel 837
* Fri Jan 25 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.818-1
– patchlevel 818
* Tue Jan 22 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.789-1
– patchlevel 789
* Fri Jan 11 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.714-1
– patchlevel 714
* Tue Jan 8 2019 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.702-1
– patchlevel 702
* Mon Dec 10 2018 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.575-1
– patchlevel 575
* Wed Dec 5 2018 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.549-2
– do not strip binaries before build system strips it
* Tue Nov 27 2018 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.549-1
– patchlevel 549
* Tue Nov 27 2018 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.527-2
– update vim-update.sh – F27 EOL
* Fri Nov 16 2018 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.527-1
– patchlevel 527
* Thu Nov 8 2018 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.513-2
– #1646183 – do not forget the epoch
* Thu Nov 8 2018 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.513-1
– patchlevel 513
* Thu Nov 8 2018 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.511-2
– fix #1646183 properly – we need to conflict with vim-enhanced, not vim-common
* Mon Nov 5 2018 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.511-1
– patchlevel 511
* Mon Nov 5 2018 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.497-2
– 1646183 – Man file conflict for vim-minimal and vim-enhanced
* Fri Oct 26 2018 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.497-1
– patchlevel 497
* Fri Oct 19 2018 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.483-1
– patchlevel 483
* Fri Oct 19 2018 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.451-2
– 1640972 – vimrc/virc should reflect correct augroup
* Fri Oct 5 2018 Zdenek Dohnal <zdohnal@redhat.com> – 2:8.1.451-1
– patchlevel 451
——————————————————————————–
References:

[ 1 ] Bug #1717942 – vim/neovim: arbitrary code execution vulnerability
https://bugzilla.redhat.com/show_bug.cgi?id=1717942
[ 2 ] Bug #1718308 – CVE-2019-12735 vim/neovim: arbitrary command execution in getchar.c
https://bugzilla.redhat.com/show_bug.cgi?id=1718308
——————————————————————————–

This update can be installed with the "dnf" update program. Use
su -c 'dnf upgrade --advisory FEDORA-2019-dcd49378b8' at the command
line. For more information, refer to the dnf documentation available at
http://dnf.readthedocs.io/en/latest/command_ref.html#upgrade-command-label

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
——————————————————————————–