Bug 31637 - vim new security issue CVE-2023-1127, CVE-2023-117[05], and CVE-2023-1264
Summary: vim new security issue CVE-2023-1127, CVE-2023-117[05], and CVE-2023-1264
Status: RESOLVED FIXED
Alias: None
Product: Mageia
Classification: Unclassified
Component: Security
Version: 8
Hardware: All Linux
Priority: Normal normal
Target Milestone: ---
Assignee: QA Team
QA Contact: Sec team
URL:
Whiteboard: MGA8-64-OK
Keywords: advisory, validated_update
Depends on:
Blocks:
 
Reported: 2023-03-04 23:05 CET by David Walser
Modified: 2023-04-05 03:01 CEST

See Also:
Source RPM: vim-9.0.1314-1.mga9.src.rpm
CVE:
Status comment:


Description David Walser 2023-03-04 23:05:14 CET
Fedora has issued an advisory today (March 4):
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PDVN5HSWPNVP4QXBPCEGZDLZKURLJWTE/

The issue is fixed upstream in 9.0.1367.

Mageia 8 is also affected.

David Walser 2023-03-04 23:05:40 CET

Status comment: (none) => Fixed upstream in 9.0.1367
Whiteboard: (none) => MGA8TOO

Comment 1 Lewis Smith 2023-03-05 20:30:00 CET
Vim is tv's baby, so assigning this update to you.

Assignee: bugsquad => thierry.vignaud

Comment 2 David Walser 2023-03-16 18:01:41 CET
SUSE has issued an advisory on March 16:
https://lists.suse.com/pipermail/sle-security-updates/2023-March/014068.html

Two new issues are fixed upstream in 9.0.1378.

Mageia 8 is also affected.

Status comment: Fixed upstream in 9.0.1367 => Fixed upstream in 9.0.1378
Summary: vim new security issue CVE-2023-1127 => vim new security issue CVE-2023-1127 and CVE-2023-117[05]

Comment 3 Nicolas Salguero 2023-03-17 14:56:24 CET
Suggested advisory:
========================

The updated packages fix security vulnerabilities:

Divide By Zero in GitHub repository vim/vim prior to 9.0.1367. (CVE-2023-1127)

Heap-based Buffer Overflow in GitHub repository vim/vim prior to 9.0.1376. (CVE-2023-1170)

Incorrect Calculation of Buffer Size in GitHub repository vim/vim prior to 9.0.1378. (CVE-2023-1175)

References:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1127
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1170
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1175
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/PDVN5HSWPNVP4QXBPCEGZDLZKURLJWTE/
https://lists.suse.com/pipermail/sle-security-updates/2023-March/014068.html
========================

Updated packages in core/updates_testing:
========================
vim-X11-9.0.1411-1.mga8
vim-common-9.0.1411-1.mga8
vim-enhanced-9.0.1411-1.mga8
vim-minimal-9.0.1411-1.mga8

from SRPM:
vim-9.0.1411-1.mga8.src.rpm

CC: (none) => nicolas.salguero
Status: NEW => ASSIGNED
Status comment: Fixed upstream in 9.0.1378 => (none)
Assignee: thierry.vignaud => qa-bugs
Version: Cauldron => 8
Whiteboard: MGA8TOO => (none)

Comment 4 David Walser 2023-03-17 17:16:13 CET
Note that this is still pending a freeze move in Cauldron.

Comment 5 Len Lawrence 2023-03-20 18:11:46 CET
Mageia8, x86_64

Updated the packages.
Edited a sample weather report in command and insertion modes. Removed and replaced lines in overwrite. Exercised the search function using command /. Repeated search using / and Return. In insertion mode Esc returns to command mode. The degree symbol ° could be typed in as a key combination and characters like € could be cut and pasted in insert mode.

Tried editing a list of files, using the :next command in vim.  That worked.
$ vim + servercheck
starts up with the cursor positioned at the end of the file.

At this basic level there are no obvious regressions.

Whiteboard: (none) => MGA8-64-OK
CC: (none) => tarazed25

Comment 6 David Walser 2023-03-20 18:32:25 CET
This update also fixes CVE-2023-1264:
https://ubuntu.com/security/notices/USN-5963-1

Comment 7 Thomas Andrews 2023-03-20 21:15:57 CET
Validating. Advisory in Comment 3, with an additional CVE reference in Comment 6.

Keywords: (none) => validated_update
CC: (none) => andrewsfarm, sysadmin-bugs

Comment 8 David Walser 2023-03-20 22:50:04 CET
(In reply to David Walser from comment #6)
> This update also fixes CVE-2023-1264:
> https://ubuntu.com/security/notices/USN-5963-1

Fedora reference for the newer CVEs:
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/DIAKPMKJ4OZ6NYRZJO7YWMNQL2BICLYV/

Summary: vim new security issue CVE-2023-1127 and CVE-2023-117[05] => vim new security issue CVE-2023-1127, CVE-2023-117[05], and CVE-2023-1264

Dave Hodgins 2023-03-24 00:27:01 CET

Keywords: (none) => advisory
CC: (none) => davidwhodgins

Comment 9 Mageia Robot 2023-03-24 06:57:33 CET
An update for this issue has been pushed to the Mageia Updates repository.

https://advisories.mageia.org/MGASA-2023-0110.html

Resolution: (none) => FIXED
Status: ASSIGNED => RESOLVED
