Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

Fedora 37: FEDORA-2023-def7654321 Critical: Apache Remote Code Execution

fedora
Calendar Grey November 26, 2023
Dist Fedora Esm H88
Recent update for Fedora 37 improves vim's security and fixes multiple critical issues prompted by vulnerabilities.
The newest upstream commit Security fixes for CVE-2023-48233, CVE-2023-48231, CVE-2023-48232, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237.

Summary

VIM (VIsual editor iMproved) is an updated and improved version of the

vi editor. Vi was the first real screen-based editor for UNIX, and is

still very popular. VIM improves on vi by adding new features:

multiple windows, multi-level undo, block highlighting and more.

Update Information:

The newest upstream commit Security fixes for CVE-2023-48233, CVE-2023-48231, CVE-2023-48232, CVE-2023-48234, CVE-2023-48235, CVE-2023-48236, CVE-2023-48237.

Topics%20covered

Topics Covered

security advisory software update Fedora service denial Nginx bug patches

Change Log

* Wed Nov 22 2023 Zdenek Dohnal - 2:9.0.2120-1 - patchlevel 2120

References


[ 1 ] Bug #2250268 - CVE-2023-48231 vim: use after free in win_close() https://bugzilla.redhat.com/show_bug.cgi?id=2250268 [ 2 ] Bug #2250269 - CVE-2023-48232 vim: floating point exception in adjust_plines_for_skipcol() https://bugzilla.redhat.com/show_bug.cgi?id=2250269 [ 3 ] Bug #2250270 - CVE-2023-48233 vim: overflow with count for :s command https://bugzilla.redhat.com/show_bug.cgi?id=2250270 [ 4 ] Bug #2250271 - CVE-2023-48234 vim: overflow in nv_z_get_count https://bugzilla.redhat.com/show_bug.cgi?id=2250271 [ 5 ] Bug #2250272 - CVE-2023-48235 vim: overflow in ex address parsing https://bugzilla.redhat.com/show_bug.cgi?id=2250272 [ 6 ] Bug #2250273 - CVE-2023-48236 vim: overflow in get_number https://bugzilla.redhat.com/show_bug.cgi?id=2250273 [ 7 ] Bug #2250274 - CVE-2023-48237 vim: buffer overflow in shift_line https://bugzilla.redhat.com/show_bug.cgi?id=2250274

Update Instructions

This update can be installed with the "dnf" update program. Use su -c 'dnf upgrade --advisory FEDORA-2023-ce3f7d4818' at the command line. For more information, refer to the dnf documentation available at https://dnf.readthedocs.io/en/latest/command_ref.html

Severity
critical
Lowest
Low
Medium
High
Critical

Name: vim
Product: Fedora 37
Version: 9.0.2120
Release: 1.fc37
URL: https://www.vim.org/
Summary: The VIM editor

Topics%20covered

Topics Covered

security advisory software update Fedora service denial Nginx bug patches

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here