LinuxSecurity.com
Share your story
The central voice for Linux and Open Source security news
Home News Topics Advisories HOWTOs Features Newsletters About Register

Welcome!
Sign up!
EnGarde Community
Login
Polls
What is the most important Linux security technology?
 
Advisories
Community
Linux Events
Linux User Groups
Link to Us
Security Center
Book Reviews
Security Dictionary
Security Tips
SELinux
White Papers
Featured Blogs
All About Linux
DanWalsh LiveJournal
Securitydistro
Latest Newsletters
Linux Security Week: July 28th, 2014
Linux Advisory Watch: July 25th, 2014
Subscribe
LinuxSecurity Newsletters
E-mail:
Choose Lists:
About our Newsletters
RSS Feeds
Get the LinuxSecurity news you want faster with RSS
Powered By

  
Mandrake: vim modeline vulnerabilities fix Print E-mail
User Rating:      How can I rate this item?
Posted by Joe Shakespeare   
Mandrake Several "modeline"-related vulnerabilities were discovered in Vim by Ciaran McCreesh. The updated packages have been patched with Bram Moolenaar's vim 6.3.045 patch which fixes the reported vulnerabilities and adds more conservative "modeline" rights.

 _______________________________________________________________________

                 Mandrakelinux Security Update Advisory
 _______________________________________________________________________

 Package name:           vim
 Advisory ID:            MDKSA-2005:003
 Date:                   January 6th, 2005

 Affected versions:      10.0, 10.1, 9.2, Corporate Server 2.1
 ______________________________________________________________________

 Problem Description:

 Several "modeline"-related vulnerabilities were discovered in Vim by
 Ciaran McCreesh.  The updated packages have been patched with Bram
 Moolenaar's vim 6.3.045 patch which fixes the reported vulnerabilities
 and adds more conservative "modeline" rights.
 _______________________________________________________________________

 References:

  http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2004-1138
 ______________________________________________________________________

 Updated Packages:

 Mandrakelinux 10.0:
 dc99ec20a0d5e1ffe5705b338587dc4e  10.0/RPMS/vim-X11-6.2-14.1.100mdk.i586.rpm
 321271cf96a487d030c1f63916057df6  10.0/RPMS/vim-common-6.2-14.1.100mdk.i586.rpm
 cab974c180ba32f189ed2b8f9d87c4d7  10.0/RPMS/vim-enhanced-6.2-14.1.100mdk.i586.rpm
 354150734d36ae267933932fda998694  10.0/RPMS/vim-minimal-6.2-14.1.100mdk.i586.rpm
 da7ed2d30da9357180fc2e95a8332ac1  10.0/SRPMS/vim-6.2-14.1.100mdk.src.rpm

 Mandrakelinux 10.0/AMD64:
 00c06119cda7bccb1e72313a1b2d1dce  amd64/10.0/RPMS/vim-X11-6.2-14.1.100mdk.amd64.rpm
 00e1ffca2a8e584885632fd628d2f963  amd64/10.0/RPMS/vim-common-6.2-14.1.100mdk.amd64.rpm
 82e1be218800efc70e795a604514c375  amd64/10.0/RPMS/vim-enhanced-6.2-14.1.100mdk.amd64.rpm
 2b2b8c84f7790797ab18e77f3c1e7f2f  amd64/10.0/RPMS/vim-minimal-6.2-14.1.100mdk.amd64.rpm
 da7ed2d30da9357180fc2e95a8332ac1  amd64/10.0/SRPMS/vim-6.2-14.1.100mdk.src.rpm

 Mandrakelinux 10.1:
 8b913b02ea90489aaa2bd29f795399d8  10.1/RPMS/vim-X11-6.3-5.1.101mdk.i586.rpm
 5353a6cfb15280d8f1cc053743341ad1  10.1/RPMS/vim-common-6.3-5.1.101mdk.i586.rpm
 f765913a4dfdd57ef7faa420a5a61830  10.1/RPMS/vim-enhanced-6.3-5.1.101mdk.i586.rpm
 684886af2c515a9e9a1c1291ec8094fd  10.1/RPMS/vim-minimal-6.3-5.1.101mdk.i586.rpm
 89b134fbe9240efc208824930c9a605b  10.1/SRPMS/vim-6.3-5.1.101mdk.src.rpm

 Mandrakelinux 10.1/X86_64:
 f035a1b1ac873ee806527eb338c135ef  x86_64/10.1/RPMS/vim-X11-6.3-5.1.101mdk.x86_64.rpm
 2b750028b598e8673122696bdf9f575b  x86_64/10.1/RPMS/vim-common-6.3-5.1.101mdk.x86_64.rpm
 03f49e6ea46596fe972b140d4edc55e3  x86_64/10.1/RPMS/vim-enhanced-6.3-5.1.101mdk.x86_64.rpm
 64305d45fcf292ac1a852f189a50306b  x86_64/10.1/RPMS/vim-minimal-6.3-5.1.101mdk.x86_64.rpm
 89b134fbe9240efc208824930c9a605b  x86_64/10.1/SRPMS/vim-6.3-5.1.101mdk.src.rpm

 Corporate Server 2.1:
 756cc2e58bff900c4fcb0460a6ac767f  corporate/2.1/RPMS/vim-X11-6.1-34.2.C21mdk.i586.rpm
 65697ca8ad7698cd6b141ebcefb14646  corporate/2.1/RPMS/vim-common-6.1-34.2.C21mdk.i586.rpm
 ef40b036454a280650b3842be5eb4b5d  corporate/2.1/RPMS/vim-enhanced-6.1-34.2.C21mdk.i586.rpm
 15706190a1a01413f7aa106238e592b1  corporate/2.1/RPMS/vim-minimal-6.1-34.2.C21mdk.i586.rpm
 8558f98441e0e85964d2aa9b400ebfce  corporate/2.1/SRPMS/vim-6.1-34.2.C21mdk.src.rpm

 Corporate Server 2.1/x86_64:
 51c1ff3d71adfddc998c9731e9cbf033  x86_64/corporate/2.1/RPMS/vim-X11-6.1-34.2.C21mdk.x86_64.rpm
 72818890b41fab3a7fca922084139bee  x86_64/corporate/2.1/RPMS/vim-common-6.1-34.2.C21mdk.x86_64.rpm
 990252b46c4d80a0f118d9f9d47480ee  x86_64/corporate/2.1/RPMS/vim-enhanced-6.1-34.2.C21mdk.x86_64.rpm
 711e168b31f45852a0b4c50c94a17c46  x86_64/corporate/2.1/RPMS/vim-minimal-6.1-34.2.C21mdk.x86_64.rpm
 8558f98441e0e85964d2aa9b400ebfce  x86_64/corporate/2.1/SRPMS/vim-6.1-34.2.C21mdk.src.rpm

 Mandrakelinux 9.2:
 d05af7e58ceb4437e8f850bbffa2d78b  9.2/RPMS/vim-X11-6.2-11.1.92mdk.i586.rpm
 877835edad015bd451e12314fc685d01  9.2/RPMS/vim-common-6.2-11.1.92mdk.i586.rpm
 cfbdd0030d0a06bdc5200c8f7f02741d  9.2/RPMS/vim-enhanced-6.2-11.1.92mdk.i586.rpm
 02a99727758bb95e081ec55ceb80629f  9.2/RPMS/vim-minimal-6.2-11.1.92mdk.i586.rpm
 1ceb7a9081a1bb02ef4c8e9881d0e8db  9.2/SRPMS/vim-6.2-11.1.92mdk.src.rpm

 Mandrakelinux 9.2/AMD64:
 24182d75dce9da179234a45ad31d9bf7  amd64/9.2/RPMS/vim-X11-6.2-11.1.92mdk.amd64.rpm
 4b7a72d17f7964aed4d7cdf90837c8ca  amd64/9.2/RPMS/vim-common-6.2-11.1.92mdk.amd64.rpm
 66e94e428441701c22515b30a9092eff  amd64/9.2/RPMS/vim-enhanced-6.2-11.1.92mdk.amd64.rpm
 4f0bad1665fa9c844bd11f0dbdfb1c91  amd64/9.2/RPMS/vim-minimal-6.2-11.1.92mdk.amd64.rpm
 1ceb7a9081a1bb02ef4c8e9881d0e8db  amd64/9.2/SRPMS/vim-6.2-11.1.92mdk.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrakeUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandrakesoft for security.  You can obtain
 the GPG public key of the Mandrakelinux Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandrakelinux at:

  http://www.mandrakesoft.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_linux-mandrake.com

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Linux Mandrake Security Team
  

 
< Prev   Next >
    
Partner

 

Latest Features
Peter Smith Releases Linux Network Security Online
Securing a Linux Web Server
Password guessing with Medusa 2.0
Password guessing as an attack vector
Squid and Digest Authentication
Squid and Basic Authentication
Demystifying the Chinese Hacking Industry: Earning 6 Million a Night
Free Online security course (LearnSIA) - A Call for Help
What You Need to Know About Linux Rootkits
Review: A Practical Guide to Fedora and Red Hat Enterprise Linux - Fifth Edition
Yesterday's Edition
Hackers Plundered Israeli Defense Firms that Built ‘Iron Dome’ Missile Defense System
Internet of things big security worry, says HP
Boffins build FREE SUPERCOMPUTER from free cloud server trials
Insecure Connections: Enterprises hacked after neglecting third-party risks
Partner Sponsor

Community | HOWTOs | Blogs | Features | Book Reviews | Networking
 Security Projects |  Latest News |  Newsletters |  SELinux |  Privacy |  Home
 Hardening |   About Us |   Advertise |   Legal Notice |   RSS |   Guardian Digital
(c)Copyright 2014 Guardian Digital, Inc. All rights reserved.