vim-8.0.1763-15.el8

エラータID: AXSA:2020-998:02

Release date: 
Saturday, December 19, 2020 - 09:57
Subject: 
vim-8.0.1763-15.el8
Affected Channels: 
Asianux Server 8 for x86_64
Severity: 
Moderate
Description: 

Vim (Vi IMproved) is an updated and improved version of the vi editor.

Security Fix(es):

* vim: users can execute arbitrary OS commands via scripting interfaces in the rvim restricted mode (CVE-2019-20807)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

CVE-2019-20807
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).

Solution: 

Update packages.

CVEs: 
CVE-2019-20807
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS commands via scripting interfaces (e.g., Python, Ruby, or Lua).
Additional Info: 

N/A

Download: 

SRPMS
  1. vim-8.0.1763-15.el8.src.rpm
    MD5: 4baee626ba0c238454b1eb240ed1ff95
    SHA-256: 0970d648aecf2d9d0e9f797a08376b3fc71be149a30f4ec89cc271d55638291e
    Size: 10.69 MB

Asianux Server 8 for x86_64
  1. vim-X11-8.0.1763-15.el8.x86_64.rpm
    MD5: 405043bb1fa4b58a24e75473405cbb91
    SHA-256: 671abb1d45b2aedce0eb8bfde014b4f7cc12eb650a07a13f239eaf70d90006c4
    Size: 1.50 MB
  2. vim-common-8.0.1763-15.el8.x86_64.rpm
    MD5: 8ab273ad0bc53a3378bbff934e77717a
    SHA-256: d72da8355b2ab1f1ad9d2a95ba2d327b434e403d5909f089a1f3ed652fe8a8d0
    Size: 6.34 MB
  3. vim-enhanced-8.0.1763-15.el8.x86_64.rpm
    MD5: bc8af1cfd590648113fc4c3d026e1e9d
    SHA-256: 2942630e215a84f2961705400b39810ad457ab55fb9946eca1ad4977f69f1148
    Size: 1.36 MB
  4. vim-filesystem-8.0.1763-15.el8.noarch.rpm
    MD5: cf892886055cc9b001b2d9882fe02a84
    SHA-256: e40a5e5d824a79195fc0926ffb02fd96ec823c50db95f976c30bf5f5717fda6d
    Size: 47.28 kB
  5. vim-minimal-8.0.1763-15.el8.x86_64.rpm
    MD5: 2e4dbd779bc1dd0668aee7b829b6ab30
    SHA-256: 91fee9c22fd539671eff41e2460d9a15b590ff58d40348fa75e09994fb71f931
    Size: 571.32 kB