Overview Repositories Revisions Requests Users Attributes Meta
Security update for vim

This update for vim fixes the following issues:

Security issues fixed:

- CVE-2017-5953: Fixed a possible overflow with corrupted spell file (bsc#1024724)
- CVE-2017-6350: Fixed a possible overflow when reading a corrupted undo file (bsc#1027053)
- CVE-2017-6349: Fixed a possible overflow when reading a corrupted undo file (bsc#1027057)

Non security issues fixed:

- Speed up YAML syntax highlighting (bsc#1018870)

This update was imported from the SUSE:SLE-12:Update update project.

Fixed bugs
bnc#1018870
Problematic VIM regular expression handling for Ansible YAML files.
bnc#1024724
VUL-1: CVE-2017-5953: vim: crafted spellfile can cause buffer overflow
bnc#1027053
VUL-1: CVE-2017-6350: vim: An integer overflow at an unserialize_uep memory allocation site wouldoccur for vim before patch
bnc#1027057
VUL-1: CVE-2017-6349: vim: An integer overflow at a u_read_undo memory allocation site would occurfor vim before patch 8.0.037...
CVE-2017-5953
CVE-2017-6350
CVE-2017-6349
Selected Binaries
openSUSE Build Service is sponsored by
Places