Bug 31954

Summary: vim new security issue CVE-2023-2426
Product: Mageia Reporter: David Walser <luigiwalser>
Component: SecurityAssignee: QA Team <qa-bugs>
Status: RESOLVED FIXED QA Contact: Sec team <security>
Severity: normal    
Priority: Normal CC: andrewsfarm, davidwhodgins, herman.viaene, nicolas.salguero, noteminnow, sysadmin-bugs
Version: 8Keywords: advisory, validated_update
Target Milestone: ---   
Hardware: All   
OS: Linux   
Whiteboard: MGA8-64-OK
Source RPM: vim-9.0.1441-1.mga9.src.rpm CVE: CVE-2023-2426
Status comment:

Description David Walser 2023-05-22 15:10:02 CEST 
Fedora has issued an advisory on May 20:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LOJP6M7ZTKZQYOGVOOAY6TIE6ACBJL55/

The issue is fixed upstream in 9.0.1499.

Mageia 8 is also affected.
David Walser 2023-05-22 15:10:16 CEST

Status comment: (none) => Fixed upstream in 9.0.1499
Whiteboard: (none) => MGA8TOO

Comment 1 Nicolas Salguero 2023-05-23 10:26:37 CEST 
Suggested advisory:
========================

The updated packages fix a security vulnerability:

Use of Out-of-range Pointer Offset in GitHub repository vim/vim prior to 9.0.1499. (CVE-2023-2426)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2426
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/LOJP6M7ZTKZQYOGVOOAY6TIE6ACBJL55/
========================

Updated packages in core/updates_testing:
========================
vim-X11-9.0.1572-1.mga8
vim-common-9.0.1572-1.mga8
vim-enhanced-9.0.1572-1.mga8
vim-minimal-9.0.1572-1.mga8

from SRPM:
vim-9.0.1572-1.mga8.src.rpm

CC: (none) => nicolas.salguero
Assignee: bugsquad => qa-bugs
Status: NEW => ASSIGNED
Status comment: Fixed upstream in 9.0.1499 => (none)
Whiteboard: MGA8TOO => (none)
Version: Cauldron => 8
CVE: (none) => CVE-2023-2426

Comment 2 Herman Viaene 2023-05-26 10:38:59 CEST 
MGA8-64 MATE on Acer Aspire 5253
No installation issues
Opened plain text file, inserted and added some text, deleted a line, wrote the fie back and quit. Reviewed the changes with mousepad, all OK
Ref bug 31766:
$ vim -r
Swap files found:
   In current directory:
      -- none --
   In directory ~/tmp:
      -- none --
   In directory /var/tmp:
      -- none --
   In directory /tmp:
      -- none --
I haven't come across the usage of swap files for a looooong time, so I guess this is all OK.

CC: (none) => herman.viaene
Whiteboard: (none) => MGA8-64-OK

Comment 3 Thomas Andrews 2023-05-26 23:30:18 CEST 
Validating. Advisory in comment 1.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

Dave Hodgins 2023-05-30 18:51:11 CEST

CC: (none) => davidwhodgins
Keywords: (none) => advisory

Comment 4 Mageia Robot 2023-05-31 08:42:54 CEST 
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2023-0192.html

Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED

Comment 5 Shelton Maria 2023-06-12 11:45:19 CEST Comment hidden (spam)

CC: (none) => noteminnow

Comment 6 David Walser 2023-06-16 00:19:36 CEST 
This update also fixed CVE-2023-2610:
https://www.debian.org/lts/security/2023/dla-3453

It was fixed upstream in 9.0.1532.
Comment 7 David Walser 2023-06-20 14:59:25 CEST 
This update also fixed CVE-2023-2609:
https://ubuntu.com/security/notices/USN-6154-1

It was fixed upstream in 9.0.1531.