CVE-2025-29768 was announced here:
https://www.openwall.com/lists/oss-security/2025/03/12/4
https://github.com/vim/vim/security/advisories/GHSA-693p-m996-3rmf
Whiteboard: (none) => MGA9TOO
CVE: (none) => CVE-2025-29768
Source RPM: (none) => vim-9.1.1166-1.mga9.src.rpm
Suggested advisory:
========================

The updated packages fix a security vulnerability:

Vim vulnerable to potential data loss with zip.vim and special crafted zip files. (CVE-2025-29768)

References:
https://www.openwall.com/lists/oss-security/2025/03/12/4
https://github.com/vim/vim/security/advisories/GHSA-693p-m996-3rmf
========================

Updated packages in core/updates_testing:
========================
vim-X11-9.1.1202-1.mga9
vim-common-9.1.1202-1.mga9
vim-enhanced-9.1.1202-1.mga9
vim-minimal-9.1.1202-1.mga9

from SRPM:
vim-9.1.1202-1.mga9.src.rpm
Version: Cauldron => 9
Whiteboard: MGA9TOO => (none)
Status: NEW => ASSIGNED
Assignee: bugsquad => qa-bugs
Keywords: (none) => advisory
MGA9-64, Xfce, old Chromebook

The following 4 packages are going to be installed:

- vim-common-9.1.1202-1.mga9.x86_64
- vim-enhanced-9.1.1202-1.mga9.x86_64
- vim-minimal-9.1.1202-1.mga9.x86_64
- vim-X11-9.1.1202-1.mga9.x86_64

--- working as expected with basic text files

$ vi --version
VIM - Vi IMproved 9.1 (2024 Jan 02, compiled Mar 14 2025 08:18:56)
Included patches: 1-1202
Compiled by ns80 <ns80>
Huge version without GUI.

$ gvim vim.txt
$ gvim --version
VIM - Vi IMproved 9.1 (2024 Jan 02, compiled Mar 14 2025 08:17:08)
Included patches: 1-1202
Compiled by ns80 <ns80>
Huge version with GTK3 GUI.

basic text editing is working for me.
CC: (none) => brtians1
Trying to follow the zip vim trail but need the zip vim plugin.
Tried this from ~/.vim :
$ git clone https://github.com/ZipCPU/zipcpu/blob/master/zip.vim
Cloning into 'zip.vim'...
fatal: repository 'https://github.com/ZipCPU/zipcpu/blob/master/zip.vim/' not found

So how do we install a vim plugin?
CC: (none) => tarazed25
MGA9-64 Plasma Wayland on Compaq H000SB
No installation issues.

vi --version
VIM - Vi IMproved 9.1 (2024 Jan 02, compiled Mar 14 2025 08:18:56)
Included patches: 1-1202
Compiled by ns80 <ns80>
Huge version without GUI. Features included (+) or not (-):
etc.....

Used vimx to edit a txt file, no problems seen.

@Len Did you look at the vimana package?
CC: (none) => herman.viaene
@Herman No. Had not heard of it. Looking for it now.
OK. We have it - needs a lot of Perl support.
Now need to travel down the perl road.
$ vimana launches
Can't locate UNIVERSAL/require.pm in @INC (you may need to install the UNIVERSAL::require module).....
This is getting close to developer country. Have almost no knowledge of perl and even less of configuring vim. Not much point in pursuing this.
(In reply to Len Lawrence from comment #7)
> Now need to travel down the perl road.
> $ vimana launches
> Can't locate UNIVERSAL/require.pm in @INC (you may need to install the
> UNIVERSAL::require module).....

urpmf UNIVERSAL/require.pm
perl-UNIVERSAL-require:/usr/share/perl5/vendor_perl/UNIVERSAL/require.pm

But that must be another report, vimana missing a require on perl-UNIVERSAL-require
(In reply to katnatek in comment #9)
Thanks katnatek - that simply had not occurred to me. Bug report later.
zip.vim is a plugin that's built-in to vim and automatically loads by default (via /etc/vim/vimrc). If you see "zip" as a result of the command :augroup or if ":echo g:loaded_zipPlugin" shows you a version then the plug-in has been loaded. With the plug-in enabled, opening a zip file (e.g. ":e /usr/share/unicode/ucd/Unihan.zip") will show a menu of files within the zip which you can load (enter) or extract (x). It's the latter function that contained a security vulnerability.
CC: (none) => dan
Thanks Dan. Ran those commands before update and all looked good.

mga9, x64

:augroup
This gives the following before update:
filetypedetect filetypeplugin filetypeindent vimStartup vimHints syntaxset gzip matchparen FileExplorer Network tar Vimball zip
Press ENTER or type command to continue

:echo g:loaded_zipPlugin
v33

:e /home/lcl/qa/zipfiles/caladea.zip
" zip.vim version v34
" Browsing zipfile /home/lcl/qa/zipfiles/caladea.zip
" Select a file with cursor and press ENTER

google-fonts-crosextra-caladea-20130214/
google-fonts-crosextra-caladea-20130214/LICENSE
google-fonts-crosextra-caladea-20130214/caladea-bold.ttf
google-fonts-crosextra-caladea-20130214/caladea-italic.ttf
google-fonts-crosextra-caladea-20130214/caladea-regular.ttf
google-fonts-crosextra-caladea-20130214/caladea-bolditalic.ttf
~

Selected LICENSE file with the cursor + Enter:

Copyright: 2012, Huerta Tipografia with Reserved Font Name "Caladea".

This Font Software is licensed under the Apache License 2.0, Version 2.0 as shown below.

Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. You may obtain a copy of the License at

http://www.apache.org/licenses/LICENSE-2.0

Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the License for the specific language governing permissions and limitations under the License.

Had to execute :q! twice to exit.

Back after the update.
Continuing from comment #12: The update ran smoothly. The plugin version query returns v33 as before. Back to the original zipped file. That produced the same output as before, opening in readonly mode. That is probably all we need do to pass this but I would like to look for a reproducer - later.
And I did not try the :x command.
Could not find a safe way to test the vulnerability. So...

$ cd tmp
$ ls
abc-0.ps  board    board.9      group.swp    JournalPage  whatever
abc-1.ps  board.1  caladea.zip  journalpage  playlist/
$ vim

Used the :e command to list the contents of caladea.zip and used the text cursor to select one of the zipped files and typed 'x'.
Vim replied:
***note*** successfully extracted google-fonts-crosextra-caladea-20130214/caladea-bold.ttf

Exited and checked the directory.
$ ls tmp
abc-0.ps  board.9                                   journalpage
abc-1.ps  caladea.zip                               JournalPage
board     google-fonts-crosextra-caladea-20130214/  playlist/
board.1   group.swp                                 whatever

Looks like the updated vim works OK.
Whiteboard: (none) => MGA9-64-OK
There is a PoC available at
https://www.vim.org/hgweb/vim/raw-file/eacdc3780761/src/testdir/samples/poc.zip

Using vim-enhanced-9.1.1166-1.mga9.x86_64 produces an error when extracting the first file but using vim-enhanced-9.1.1202-1.mga9.x86_64 the file is extracted successfully.

I've been using 1202 for a couple of days without any issues.
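The builds compared in this report can be told apart from the `Included patches:` line of `vim --version`, which the testers quote above. The following is an added example, not part of the original report: it parses that line, including comma-separated ranges, and checks for patch level 1202, the level shipped in the updated Mageia packages. The function names and the OLD and SPARSE samples are constructed for illustration, and the list is assumed to fit on one line.

```shell
#!/bin/sh
# Added example (not from the bug report): test whether the
# "Included patches:" line of `vim --version` covers a patch number.

# Patch level of the updated Mageia packages named in this report.
FIXED_LEVEL=1202

# Constructed samples. NEW mirrors the output quoted in the thread;
# OLD and SPARSE are made up to exercise the parser.
SAMPLE_NEW='VIM - Vi IMproved 9.1 (2024 Jan 02, compiled Mar 14 2025 08:18:56)
Included patches: 1-1202'
SAMPLE_OLD='VIM - Vi IMproved 9.1 (constructed sample)
Included patches: 1-1166'
SAMPLE_SPARSE='VIM - Vi IMproved 9.1 (constructed sample)
Included patches: 1-1166, 1170-1190, 1202'

# has_patch VERSION_TEXT PATCH -> exit status 0 if PATCH is listed.
has_patch() {
    hp_want=$2
    hp_list=$(printf '%s\n' "$1" | sed -n 's/^Included patches: *//p' | head -n 1)
    [ -n "$hp_list" ] || return 1
    hp_ifs=$IFS
    IFS=', '
    set -- $hp_list          # split "1-1166, 1170" into separate items
    IFS=$hp_ifs
    for hp_item in "$@"; do
        # Skip anything that is not a plain number or a number range.
        case $hp_item in ''|*[!0-9-]*|-*|*-|*-*-*) continue ;; esac
        case $hp_item in
            *-*) hp_lo=${hp_item%-*}; hp_hi=${hp_item#*-} ;;
            *)   hp_lo=$hp_item; hp_hi=$hp_item ;;
        esac
        if [ "$hp_want" -ge "$hp_lo" ] && [ "$hp_want" -le "$hp_hi" ]; then
            return 0
        fi
    done
    return 1
}

# patch_status VERSION_TEXT -> prints "updated" or "not updated".
patch_status() {
    if has_patch "$1" "$FIXED_LEVEL"; then echo updated; else echo "not updated"; fi
}

# Check the installed editor when there is one, else show a sample.
if command -v vim >/dev/null 2>&1; then
    patch_status "$(vim --version)"
else
    patch_status "$SAMPLE_NEW"
fi
```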
Validating.
CC: (none) => andrewsfarm, sysadmin-bugs
Keywords: (none) => validated_update
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2025-0107.html
Status: ASSIGNED => RESOLVED
Resolution: (none) => FIXED