Gentoo Bug 227453 - app-editors/vim-core <7.1.319 Shell Command Injection Vulnerabilities (CVE-2008-2712)

First Last Prev Next No search results available Search page Enter new bug

Bug#:	227453
Alias:
Product:
Component:
Status:	ASSIGNED
Resolution:
Assigned To:	Gentoo Security <security@gentoo.org>

Hardware:
OS:
Version:
Priority:
Severity:

Reporter:	GNUtoo@no-log.org
Add CC:
CC:	Remove selected CCs

URL:
Summary:
Status Whiteboard:
Keywords:

Flags:			Requestee:
	Pending
	Approved
	Assigned_To		()

Filename	Description	Type	Creator	Created	Size	Actions
Create a New Attachment (proposed patch, testcase, etc.)						View All

Bug 227453 depends on:			Show dependency tree Show dependency graph
Bug 227453 blocks:			Show dependency tree Show dependency graph

Additional Comments: (this is where you put emerge --info)

Add to CC list

Leave as ASSIGNED
Resolve bug, changing resolution to
Resolve bug, mark it as duplicate of bug #
Reassign bug to
Reassign bug to default assignee of selected component

View Bug Activity | Format For Printing | XML | Clone This Bug

Description:

Opened: 2008-06-16 15:03 0000

Vim Shell Command Injection Vulnerabilities see the url

Reproducible: Always

------- Comment #1 From Ali Polatel 2008-06-20 12:37:28 0000 -------

I've bumped vim-core,vim and gvim to 7.1.319.
@security: I plan to remove vim-6.4. Do you want me to mask it or will you do
it?

------- Comment #2 From Pierre-Yves Rofes 2008-07-06 18:59:00 0000 -------

ali: please proceed with the mask.
Arches, please test and mark stable app-editors/vim-core-7.1.319. Target
KEYWORDS: "alpha amd64 arm hppa ia64 m68k ppc ppc64 s390 sh sparc ~sparc-fbsd
x86 ~x86-fbsd"

------- Comment #3 From Friedrich Oslage 2008-07-06 20:11:28 0000 -------

Are we supposted to just stablize vim-core or vim-core,vim and gvim?

------- Comment #4 From Pierre-Yves Rofes 2008-07-06 20:17:58 0000 -------

(In reply to comment #3)
> Are we supposted to just stablize vim-core or vim-core,vim and gvim?
> 

both of them, my mistake.

------- Comment #5 From Jeroen Roovers 2008-07-06 20:21:38 0000 -------

(In reply to comment #4)
> (In reply to comment #3)
> > Are we supposted to just stablize vim-core or vim-core,vim and gvim?
> > 
> 
> both of them, my mistake.

All three of them.

------- Comment #6 From Dawid Węgliński 2008-07-06 21:00:04 0000 -------

amd64/x86 stable

------- Comment #7 From Dawid Węgliński 2008-07-06 21:05:33 0000 -------

Also unCC arches.

------- Comment #8 From Jeroen Roovers 2008-07-06 21:45:16 0000 -------

Stable for HPPA.

------- Comment #9 From Ferris McCormick 2008-07-06 22:38:29 0000 -------

All three stable on sparc.  I've been using [vim, gvim]-7.1.319 pretty heavily
for almost four weeks with no problems.

------- Comment #10 From Brent Baude 2008-07-07 02:56:22 0000 -------

ppc and ppc64 done for all three pkgs

------- Comment #11 From Raúl Porcel 2008-07-07 12:15:53 0000 -------

alpha/ia64 stable

------- Comment #12 From Tobias Heinlein 2008-07-15 16:46:28 0000 -------

Does this version actually fix all of the vulnerabilities? Using the test suite
from http://www.rdancer.org/vulnerablevim.html I get the following result:

-------------------------------------------
-------- Test results below ---------------
-------------------------------------------
filetype.vim
  strong  : EXPLOIT FAILED
  weak    : EXPLOIT FAILED
zipplugin : VULNERABLE
xpm.vim
  xpm     : VULNERABLE
  xpm2    : VULNERABLE
  remote  : VULNERABLE
gzip_vim  : EXPLOIT FAILED
netrw     : VULNERABLE

Should be noted in the GLSA I guess.

------- Comment #13 From Tobias Heinlein 2008-07-17 12:15:28 0000 -------

vim team, do you know if upstream is trying to fix the remaining issues in the
near future? if yes, we will postpone this glsa until everything is fixed.

------- Comment #14 From Ali Polatel 2008-08-14 08:44:21 0000 -------

(In reply to comment #13)
> vim team, do you know if upstream is trying to fix the remaining issues in the
> near future? if yes, we will postpone this glsa until everything is fixed.
> 

{vim,gvim}-7.2 fixes this. It's in CVS.
-------------------------------------------
-------- Test results below ---------------
-------------------------------------------
Vim version 7.2
zip.vim version: 
netrw.vim version: 
-------------------------------------------
filetype.vim
  strong  : EXPLOIT FAILED
  weak    : EXPLOIT FAILED
tarplugin : EXPLOIT FAILED
tarplugin.updated: EXPLOIT FAILED
tarplugin.v2: EXPLOIT FAILED
zipplugin : EXPLOIT FAILED
zipplugin.v2: EXPLOIT FAILED
xpm.vim
  xpm     : EXPLOIT FAILED
  xpm2    : EXPLOIT FAILED
  remote  : EXPLOIT FAILED
gzip_vim  : EXPLOIT FAILED
netrw     : EXPLOIT FAILED
netrw.v2  : EXPLOIT FAILED
netrw.v3  : EXPLOIT FAILED
netrw.v4  : EXPLOIT FAILED
netrw.v5  : EXPLOIT FAILED
shellescape: EXPLOIT FAILED

First Last Prev Next No search results available Search page Enter new bug

Bugzilla Bug 227453

app-editors/vim-core <7.1.319 Shell Command Injection Vulnerabilities (CVE-2008-2712)

Last modified: 2008-08-14 08:44:21 0000