Slackware Local Security Checks : Slackware: Security Advisory (SSA:2023-254-01)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.13.2023.254.01

Categoría: Slackware Local Security Checks

Título: Slackware: Security Advisory (SSA:2023-254-01)

Resumen: The remote host is missing an update for the 'vim' package(s) announced via the SSA:2023-254-01 advisory.

Descripción: Summary:
The remote host is missing an update for the 'vim' package(s) announced via the SSA:2023-254-01 advisory.

Vulnerability Insight:
New vim packages are available for Slackware 15.0 and -current to
fix security issues.

Here are the details from the Slackware 15.0 ChangeLog:
+--------------------------+
patches/packages/vim-9.0.1897-i586-1_slack15.0.txz: Upgraded.
Fixed three use-after-free security issues.
Thanks to marav for the heads-up.
For more information, see:
[links moved to references]
(* Security fix *)
patches/packages/vim-gvim-9.0.1897-i586-1_slack15.0.txz: Upgraded.
Fixed three use-after-free security issues.
Thanks to marav for the heads-up.
For more information, see:
[links moved to references]
(* Security fix *)
+--------------------------+

Affected Software/OS:
'vim' package(s) on Slackware 15.0, Slackware current.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2023-4733
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/
http://seclists.org/fulldisclosure/2023/Oct/24
https://github.com/vim/vim/commit/e1dc9a627536304bc4f738c21e909ad9fcf3974c
https://huntr.dev/bounties/1ce1fd8c-050a-4373-8004-b35b61590217
Common Vulnerability Exposure (CVE) ID: CVE-2023-4750
https://github.com/vim/vim/commit/fc68299d436cf87453e432daa77b6d545df4d7ed
https://huntr.dev/bounties/1ab3ebdf-fe7d-4436-b483-9a586e03b0ea
Common Vulnerability Exposure (CVE) ID: CVE-2023-4752
https://github.com/vim/vim/commit/ee9166eb3b41846661a39b662dc7ebe8b5e15139
https://huntr.dev/bounties/85f62dd7-ed84-4fa2-b265-8a369a318757
https://lists.debian.org/debian-lts-announce/2023/09/msg00035.html

Copyright Copyright (C) 2023 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.13.2023.254.01
Categoría:	Slackware Local Security Checks
Título:	Slackware: Security Advisory (SSA:2023-254-01)
Resumen:	The remote host is missing an update for the 'vim' package(s) announced via the SSA:2023-254-01 advisory.
Descripción:	Summary: The remote host is missing an update for the 'vim' package(s) announced via the SSA:2023-254-01 advisory. Vulnerability Insight: New vim packages are available for Slackware 15.0 and -current to fix security issues. Here are the details from the Slackware 15.0 ChangeLog: +--------------------------+ patches/packages/vim-9.0.1897-i586-1_slack15.0.txz: Upgraded. Fixed three use-after-free security issues. Thanks to marav for the heads-up. For more information, see: [links moved to references] (* Security fix ) patches/packages/vim-gvim-9.0.1897-i586-1_slack15.0.txz: Upgraded. Fixed three use-after-free security issues. Thanks to marav for the heads-up. For more information, see: [links moved to references] ( Security fix *) +--------------------------+ Affected Software/OS: 'vim' package(s) on Slackware 15.0, Slackware current. Solution: Please install the updated package(s). CVSS Score: 7.2 CVSS Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2023-4733 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/I56ITJAFMFAQ2G3BMGTCGM3GS62V2DTR/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ITRVK4FB74RZDIGTZJXOZMUW6X6F4TNF/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PFE3LDFRZ7EGWA5AU7YHYL62ELBOFZWQ/ http://seclists.org/fulldisclosure/2023/Oct/24 https://github.com/vim/vim/commit/e1dc9a627536304bc4f738c21e909ad9fcf3974c https://huntr.dev/bounties/1ce1fd8c-050a-4373-8004-b35b61590217 Common Vulnerability Exposure (CVE) ID: CVE-2023-4750 https://github.com/vim/vim/commit/fc68299d436cf87453e432daa77b6d545df4d7ed https://huntr.dev/bounties/1ab3ebdf-fe7d-4436-b483-9a586e03b0ea Common Vulnerability Exposure (CVE) ID: CVE-2023-4752 https://github.com/vim/vim/commit/ee9166eb3b41846661a39b662dc7ebe8b5e15139 https://huntr.dev/bounties/85f62dd7-ed84-4fa2-b265-8a369a318757 https://lists.debian.org/debian-lts-announce/2023/09/msg00035.html
Copyright	Copyright (C) 2023 Greenbone AG