[CLSA-2023:1695320045] Fix CVE(s): CVE-2023-4736
Type:
security
Severity:
Important
Release date:
2023-09-21 18:14:10 UTC
Description:
* SECURITY UPDATE: An executable file with some well-known name like zip, gzip, and so on can be started from a current directory during some plugin is opening apropriate file that has a one of the extensions .zip, .gzip, .rb, and etc. This issue is effective only if the PATH environment variable has a ./ (dot) as one element in the path list - debian/patches/CVE-2023-4736.patch: avoid starting executable from a current directory for some plugins - CVE-2023-4736
Updated packages:
  • vim_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb
    sha:bec856215a96427e4b0c2bba4a49a82883b3e466
  • vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb
    sha:c5f93832b0410a3008f714f7f18a75539949ec2b
  • vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb
    sha:88bcbf844bea9ef50d8ebed081b9394ee078d00e
  • vim-common_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb
    sha:68672aba3375d3cfab6212d0e343ba0496dbb532
  • vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els46_all.deb
    sha:f69a23d8aee1a32e80a7e0214e4163b1321dfd65
  • vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb
    sha:b1e32e8a8db8462858a8c982ae083add872b38f5
  • vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb
    sha:06631a05682a75fc5a3173ab32bb933facfacbc8
  • vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb
    sha:c380c7c67ef4cf5ad21ad8bfa0f2d2829083849f
  • vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb
    sha:ccce7bc035d084c5b1c90b88c076ba25650269ca
  • vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb
    sha:3dde5304963675510a44e0571bd40aef9efe5172
  • vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb
    sha:9d9d04ffd4a54d21d5284ec1aca9f48c979bc2bf
  • vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els46_all.deb
    sha:ec30abddc4cbce26e3f92c957573a09787476510
  • vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb
    sha:533d919ee4a0ef38e0949b68870163b875ed4bbc
  • vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb
    sha:352bd38de87aa66e7724dea6bda10efd73f302ed
  • vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els46_all.deb
    sha:15f179df592b10b6fe70cc7577fe59ee38e0001c
  • vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els46_amd64.deb
    sha:ca81691f01fac1b3fb927a329aa5afec1489be0a
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.