Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 600650 (CVE-2016-1248) - <app-editors/{vim,gvim}-8.0.0106: arbitrary code execution (CVE-2016-1248)
Summary: <app-editors/{vim,gvim}-8.0.0106: arbitrary code execution (CVE-2016-1248)
Status: RESOLVED FIXED
Alias: CVE-2016-1248
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal major (vote)
Assignee: Gentoo Security
URL: http://cve.circl.lu/cve/CVE-2016-1248
Whiteboard: A2 [glsa cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2016-11-24 09:28 UTC by Peter Sterk
Modified: 2017-01-24 10:01 UTC (History)
2 users (show)

See Also:
Package list:
=app-editors/vim-core-8.0.0106 =app-editors/vim-8.0.0106 =app-editors/gvim-8.0.0106
Runtime testing required: ---
kensington: sanity-check+


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Peter Sterk 2016-11-24 09:28:37 UTC
Versions of app-editors/vim below 8.0.0056 are vulnerable to arbitrary code execution through malicious modelines; see CVE-2016-1248 ( http://cve.circl.lu/cve/CVE-2016-1248 ).

Reproducible: Always

Steps to Reproduce:
N/A
Comment 1 GLSAMaker/CVETool Bot gentoo-dev 2016-11-24 10:03:52 UTC
CVE-2016-1248 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1248):
  vim before patch 8.0.0056 does not properly validate values for the
  'filetype', 'syntax' and 'keymap' options, which may result in the execution
  of arbitrary code if a file with a specially crafted modeline is opened.
Comment 2 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2016-11-24 10:07:43 UTC
@maintainer(s), please bump and call for stable when ready:

>=app-editors/vim-8.0.0056
Comment 3 Thomas Deutschmann gentoo-dev 2016-11-24 23:39:55 UTC
Adjusting severity according A2 rating.
Comment 4 Tim Harder gentoo-dev 2016-12-01 00:27:30 UTC
Arches go ahead.
Comment 5 Tim Harder gentoo-dev 2016-12-01 00:28:38 UTC
In particular, stabilize:

=app-editors/vim-core-8.0.0106
=app-editors/vim-8.0.0106
=app-editors/gvim-8.0.0106
Comment 6 Agostino Sarubbo gentoo-dev 2016-12-01 12:51:12 UTC
amd64 stable
Comment 7 Agostino Sarubbo gentoo-dev 2016-12-01 12:53:54 UTC
x86 stable
Comment 8 Tobias Klausmann (RETIRED) gentoo-dev 2016-12-02 14:21:40 UTC
Stable on alpha.
Comment 9 Markus Meier gentoo-dev 2016-12-17 15:33:11 UTC
arm stable
Comment 10 Agostino Sarubbo gentoo-dev 2016-12-19 14:40:54 UTC
sparc stable
Comment 11 Agostino Sarubbo gentoo-dev 2016-12-19 15:17:15 UTC
ia64 stable
Comment 12 Agostino Sarubbo gentoo-dev 2016-12-20 09:50:12 UTC
ppc stable
Comment 13 Agostino Sarubbo gentoo-dev 2016-12-22 09:38:38 UTC
ppc64 stable
Comment 14 Jeroen Roovers (RETIRED) gentoo-dev 2017-01-09 14:17:06 UTC
Stable for HPPA.
Comment 15 Thomas Deutschmann gentoo-dev 2017-01-09 17:05:54 UTC
New GLSA request filed.
Comment 16 Thomas Deutschmann gentoo-dev 2017-01-10 21:55:50 UTC
@ Maintainer(s): Please cleanup an drop <app-editors/vim-8.0.0106 and <app-editors/gvim-8.0.0106.
Comment 17 GLSAMaker/CVETool Bot gentoo-dev 2017-01-11 12:36:34 UTC
This issue was resolved and addressed in
 GLSA 201701-29 at https://security.gentoo.org/glsa/201701-29
by GLSA coordinator Aaron Bauman (b-man).
Comment 18 Aaron Bauman Gentoo Infrastructure gentoo-dev Security 2017-01-11 12:37:42 UTC
reopened for cleanup
Comment 19 Patrice Clement gentoo-dev 2017-01-24 09:33:21 UTC
commit e380ffe8d135faa24a151dbd8efc6777d6599b75 (HEAD -> master, origin/master, origin/HEAD)
Author:     Aaron Bauman <bman@gentoo.org>
AuthorDate: Tue Jan 24 13:40:22 2017 +0900
Commit:     Patrice Clement <monsieurp@gentoo.org>
CommitDate: Tue Jan 24 10:32:14 2017 +0100

app-editors/{g,}vim: remove vulnerable versions.

Gentoo-Bug: https://bugs.gentoo.org/600650
Closes: https://github.com/gentoo/gentoo/pull/3615

app-editors/gvim/Manifest             |   5 -
app-editors/gvim/gvim-7.4.2102.ebuild | 390 --------------------------------
app-editors/gvim/gvim-7.4.769.ebuild  | 414 ----------------------------------
app-editors/gvim/gvim-8.0.0005.ebuild | 408 ---------------------------------
app-editors/vim/Manifest              |   5 -
app-editors/vim/vim-7.4.2102.ebuild   | 349 ----------------------------
app-editors/vim/vim-7.4.769.ebuild    | 384 -------------------------------
app-editors/vim/vim-8.0.0005.ebuild   | 349 ----------------------------
8 files changed, 2304 deletions(-)
delete mode 100644 app-editors/gvim/gvim-7.4.2102.ebuild
delete mode 100644 app-editors/gvim/gvim-7.4.769.ebuild
delete mode 100644 app-editors/gvim/gvim-8.0.0005.ebuild
delete mode 100644 app-editors/vim/vim-7.4.2102.ebuild
delete mode 100644 app-editors/vim/vim-7.4.769.ebuild
delete mode 100644 app-editors/vim/vim-8.0.0005.ebuild