Packages
- vim - Vi IMproved - enhanced vi editor
Details
It was discovered that Vim incorrectly handled permissions on the .swp
file. A local attacker could possibly use this issue to obtain sensitive
information. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-17087)
It was discovered that Vim incorrectly handled restricted mode. A local
attacker could possibly use this issue to bypass restricted mode and
execute arbitrary commands. Note: This update only makes executing shell
commands more difficult. Restricted mode should not be considered a
complete security measure. (CVE-2019-20807)
It was discovered that Vim incorrectly handled permissions on the .swp
file. A local attacker could possibly use this issue to obtain sensitive
information. This issue only affected Ubuntu 16.04 LTS. (CVE-2017-17087)
It was discovered that Vim incorrectly handled restricted mode. A local
attacker could possibly use this issue to bypass restricted mode and
execute arbitrary commands. Note: This update only makes executing shell
commands more difficult. Restricted mode should not be considered a
complete security measure. (CVE-2019-20807)
Update instructions
In general, a standard system update will make all the necessary changes.
Learn more about how to get the fixes.The problem can be corrected by updating your system to the following package versions:
Ubuntu Release | Package Version | ||
---|---|---|---|
18.04 bionic | vim – 2:8.0.1453-1ubuntu1.4 | ||
vim-common – 2:8.0.1453-1ubuntu1.4 | |||
vim-runtime – 2:8.0.1453-1ubuntu1.4 | |||
16.04 xenial | vim – 2:7.4.1689-3ubuntu1.5 | ||
vim-common – 2:7.4.1689-3ubuntu1.5 | |||
vim-runtime – 2:7.4.1689-3ubuntu1.5 |
Reduce your security exposure
Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.