ALSA-2020:4453

[ALSA-2020:4453] Moderate: vim security update

Type:

security

Severity:

moderate

Release date:

2020-11-03

Description:

Vim (Vi IMproved) is an updated and improved version of the vi editor.

Security Fix(es):

* vim: users can execute arbitrary OS commands via scripting interfaces in the rvim restricted mode (CVE-2019-20807)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

CVE-2019-20807

Updated packages:

vim-X11-8.0.1763-15.el8.x86_64.rpm
vim-common-8.0.1763-15.el8.x86_64.rpm
vim-enhanced-8.0.1763-15.el8.x86_64.rpm
vim-filesystem-8.0.1763-15.el8.noarch.rpm
vim-minimal-8.0.1763-15.el8.x86_64.rpm

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.