From martin.pitt@canonical.com Tue Jan 18 16:37:15 2005
From: Martin Pitt
To: ubuntu-security-announce@lists.ubuntu.com
Cc: full-disclosure@lists.netsys.com, bugtraq@securityfocus.com
Date: Tue, 18 Jan 2005 17:56:58 +0100
Subject: [USN-61-1] vim vulnerabilities

===========================================================
Ubuntu Security Notice USN-61-1            January 18, 2005
vim vulnerabilities
CAN-2005-0069
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 4.10 (Warty Warthog)

The following packages are affected:

kvim
vim
vim-gnome
vim-gtk
vim-lesstif
vim-perl
vim-python
vim-tcl

The problem can be corrected by upgrading the affected package to
version 1:6.3-025+1ubuntu2.2. In general, a standard system upgrade is
sufficient to effect the necessary changes.

Details follow:

Javier Fernández-Sanguino Peña noticed that the auxiliary scripts
"tcltags" and "vimspell.sh" created temporary files in an insecure
manner. This could allow a symbolic link attack to create or overwrite
arbitrary files with the privileges of the user invoking the script
(either by calling it directly or by execution through vim).
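A generic illustration of the bug class described above, added here as an example; it is not code from tcltags, vimspell.sh or the Ubuntu patch. The function names, the demo.$$ naming scheme and all paths are assumptions, and everything runs inside a private scratch directory.

```shell
#!/bin/sh
# Constructed demo of insecure vs. safe temporary-file creation in a shell script.

# Weak pattern: the name is guessable ("$$" is just the PID) and ">" follows
# whatever already sits at that path, including a symbolic link.
write_predictable() {   # $1 = shared directory, $2 = data to write
    tmp="$1/demo.$$"
    printf '%s\n' "$2" > "$tmp"
    printf '%s\n' "$tmp"
}

# Hardened pattern: mktemp chooses an unpredictable name and creates the file
# exclusively with mode 0600, so a pre-existing entry is never reused.
# A real script would also register: trap 'rm -f "$tmp"' EXIT
write_mktemp() {        # $1 = shared directory, $2 = data to write
    tmp=$(mktemp "$1/demo.XXXXXXXXXX") || return 1
    printf '%s\n' "$2" > "$tmp"
    printf '%s\n' "$tmp"
}

# Runs one writer in a scratch directory where a symlink already occupies the
# predictable name, then prints what the link's target contains afterwards.
demo() {                # $1 = weak | hardened
    scratch=$(mktemp -d) || return 1
    printf 'original\n' > "$scratch/victim"
    ln -s "$scratch/victim" "$scratch/demo.$$"   # constructed stand-in link
    case $1 in
        weak)     write_predictable "$scratch" "scratch data" >/dev/null ;;
        hardened) write_mktemp "$scratch" "scratch data" >/dev/null ;;
    esac
    cat "$scratch/victim"
    rm -rf "$scratch"
}

printf 'weak:     target now contains "%s"\n' "$(demo weak)"
printf 'hardened: target still contains "%s"\n' "$(demo hardened)"
```

When auditing other scripts for the same problem, look for redirects into /tmp paths built from fixed strings or `$$`.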