Your message dated Tue, 17 Jun 2008 16:02:31 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#486502: fixed in vim 1:7.1.314-3
has caused the Debian Bug report #486502,
regarding multiple vulnerabilities found in vim
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
486502: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=486502
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: vim
Version: 1:7.1.314-2
Severity: grave
Tags: security
Justification: user security hole
Forwarding the following, which was just pointed out to me:
http://www.rdancer.org/vulnerablevim.html
http://www.reddit.com/r/programming/info/6ng40/comments/
--- End Message ---
--- Begin Message ---
Source: vim
Source-Version: 1:7.1.314-3
We believe that the bug you reported is fixed in the latest version of
vim, which is due to be installed in the Debian FTP archive:
vim-common_7.1.314-3_i386.deb
to pool/main/v/vim/vim-common_7.1.314-3_i386.deb
vim-dbg_7.1.314-3_i386.deb
to pool/main/v/vim/vim-dbg_7.1.314-3_i386.deb
vim-doc_7.1.314-3_all.deb
to pool/main/v/vim/vim-doc_7.1.314-3_all.deb
vim-full_7.1.314-3_all.deb
to pool/main/v/vim/vim-full_7.1.314-3_all.deb
vim-gnome_7.1.314-3_i386.deb
to pool/main/v/vim/vim-gnome_7.1.314-3_i386.deb
vim-gtk_7.1.314-3_i386.deb
to pool/main/v/vim/vim-gtk_7.1.314-3_i386.deb
vim-gui-common_7.1.314-3_all.deb
to pool/main/v/vim/vim-gui-common_7.1.314-3_all.deb
vim-lesstif_7.1.314-3_i386.deb
to pool/main/v/vim/vim-lesstif_7.1.314-3_i386.deb
vim-nox_7.1.314-3_i386.deb
to pool/main/v/vim/vim-nox_7.1.314-3_i386.deb
vim-perl_7.1.314-3_all.deb
to pool/main/v/vim/vim-perl_7.1.314-3_all.deb
vim-python_7.1.314-3_all.deb
to pool/main/v/vim/vim-python_7.1.314-3_all.deb
vim-ruby_7.1.314-3_all.deb
to pool/main/v/vim/vim-ruby_7.1.314-3_all.deb
vim-runtime_7.1.314-3_all.deb
to pool/main/v/vim/vim-runtime_7.1.314-3_all.deb
vim-tcl_7.1.314-3_all.deb
to pool/main/v/vim/vim-tcl_7.1.314-3_all.deb
vim-tiny_7.1.314-3_i386.deb
to pool/main/v/vim/vim-tiny_7.1.314-3_i386.deb
vim_7.1.314-3.diff.gz
to pool/main/v/vim/vim_7.1.314-3.diff.gz
vim_7.1.314-3.dsc
to pool/main/v/vim/vim_7.1.314-3.dsc
vim_7.1.314-3_i386.deb
to pool/main/v/vim/vim_7.1.314-3_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
James Vega <[EMAIL PROTECTED]> (supplier of updated vim package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Tue, 17 Jun 2008 11:12:18 -0400
Source: vim
Binary: vim-common vim-gui-common vim-runtime vim-doc vim-tiny vim vim-dbg
vim-perl vim-python vim-ruby vim-tcl vim-gtk vim-nox vim-lesstif vim-gnome
vim-full
Architecture: source all i386
Version: 1:7.1.314-3
Distribution: unstable
Urgency: high
Maintainer: Debian Vim Maintainers <[EMAIL PROTECTED]>
Changed-By: James Vega <[EMAIL PROTECTED]>
Description:
vim - Vi IMproved - enhanced vi editor
vim-common - Vi IMproved - Common files
vim-dbg - Vi IMproved - enhanced vi editor (debugging symbols)
vim-doc - Vi IMproved - HTML documentation
vim-full - Vi IMproved - enhanced vi editor (transitional package)
vim-gnome - Vi IMproved - enhanced vi editor - with GNOME2 GUI
vim-gtk - Vi IMproved - enhanced vi editor - with GTK2 GUI
vim-gui-common - Vi IMproved - Common GUI files
vim-lesstif - Vi IMproved - enhanced vi editor - with LessTif GUI
vim-nox - Vi IMproved - enhanced vi editor
vim-perl - Vi IMproved - enhanced vi editor (transitional package)
vim-python - Vi IMproved - enhanced vi editor (transitional package)
vim-ruby - Vi IMproved - enhanced vi editor (transitional package)
vim-runtime - Vi IMproved - Runtime files
vim-tcl - Vi IMproved - enhanced vi editor (transitional package)
vim-tiny - Vi IMproved - enhanced vi editor - compact version
Closes: 486417 486446 486502
Changes:
vim (1:7.1.314-3) unstable; urgency=high
.
* Update runtime files affected by the filename escape vulnerability.
(CVE 2008-2712, Closes: #486502)
* debian/vim-runtime.preinst:
- Only add the diversions if the preinst is called with the "install" or
"upgrade" (to handle the previous mishandling in postrm) arguments.
* debian/vim-runtime.postrm:
- Only remove the diversions if the postrm is called with the "remove"
argument. (Closes: #486446)
* runtime/menu.vim:
- Escape the buffer name when using the "Window -> Split File Explorer"
menu item. (Closes: #486417)
Checksums-Sha1:
6601b57927ce68bce5fd2cf9fcab5f1be659cd5e 1698 vim_7.1.314-3.dsc
bf645e6f1a918f7cf23182768a9791d266e3bcf7 404431 vim_7.1.314-3.diff.gz
e085e66c66292158480fe8223050470aa81cb974 174970
vim-gui-common_7.1.314-3_all.deb
e2ed9adfbc8054289c6b0d39e0851b427144e4a0 5606868 vim-runtime_7.1.314-3_all.deb
6af962596f4de9f53b21aa869e1abc9e5c558ec8 2151506 vim-doc_7.1.314-3_all.deb
1233d32b6b3df893fc9e5da76a8322a83390e044 74374 vim-perl_7.1.314-3_all.deb
29081a31ecb2fd21003613ecf8b74de90bb10d3d 74374 vim-python_7.1.314-3_all.deb
e1a3297f2d93a7f10e272eeb881051147ea0529f 74374 vim-ruby_7.1.314-3_all.deb
43657b532a8060c55218e2bcdbcce7410b524970 74368 vim-tcl_7.1.314-3_all.deb
3c0e984f41d84547428c20d14e5563e30fa50c00 74400 vim-full_7.1.314-3_all.deb
e1ad4db11dccaaa6c3682638ee29164129fd78b7 334592 vim-tiny_7.1.314-3_i386.deb
7287003ad605b981d03561de4ac9e3bee64aba92 993172 vim-gtk_7.1.314-3_i386.deb
e2553f60447f0933cbb48dc88ce361117eae6367 995390 vim-gnome_7.1.314-3_i386.deb
1be080d7c64fc2432db7da04622d53e9ee781dfb 986134 vim-lesstif_7.1.314-3_i386.deb
0f83db4af1695e385277afdee3bac410fa02b66a 862810 vim-nox_7.1.314-3_i386.deb
eaa5f50bd41bdcc389d07a36a4aa49640ecab814 229568 vim-common_7.1.314-3_i386.deb
fcba36f8c9752f6b74ef37df6ff9263cceb8c911 776482 vim_7.1.314-3_i386.deb
0f4e2fae14dfc896bda0a0625240c9453637e37a 8381388 vim-dbg_7.1.314-3_i386.deb
Checksums-Sha256:
b346155c683bcbaaa40890928d8c3552a487a6600adcad26d699ebd9cd613047 1698
vim_7.1.314-3.dsc
ad81d074e1ac0fdc7938be95212adf236619e9b77ceb4102e663e3419d74cf8e 404431
vim_7.1.314-3.diff.gz
f4a290171eb2606e6facc0f444613f51da1c978f04800e7c3ee512d2eeba05f0 174970
vim-gui-common_7.1.314-3_all.deb
f0523591bb84648b5e3f665f0e0f6a493f2a54b48875fc551e949b0557adb978 5606868
vim-runtime_7.1.314-3_all.deb
84ca83d3334986f0d6683ef22c244bc61222a20f8c9ad62d0e8acd9ccd26bcf5 2151506
vim-doc_7.1.314-3_all.deb
09404e6536ed7fd182657faf8caa43c7343f995d8206ffc4693c261d9ba3e5fb 74374
vim-perl_7.1.314-3_all.deb
620c65faa11c5a867c90ef96133cfd356e30bc5a8892f2bcaeb9cfba3887cfd1 74374
vim-python_7.1.314-3_all.deb
3044262073ec9011f9b0b5df5da34766de3adb0d02614a907305495d4bfdf4a6 74374
vim-ruby_7.1.314-3_all.deb
dda6491565e0aa121b73d26824577bcc702dd026fd6d01d29f177ea937e6773a 74368
vim-tcl_7.1.314-3_all.deb
53fe0e45a1db9f7e166232105c1cd4ec96948f76039ede29cf741296ac1b65d5 74400
vim-full_7.1.314-3_all.deb
9ac585828487db1c8938e85c376cd7272d896f76997dbd99f9df38c049e1fb56 334592
vim-tiny_7.1.314-3_i386.deb
a66800afe629a29adac10403c31a56974032b8c94d8a9a4f3f2563e0059b8da7 993172
vim-gtk_7.1.314-3_i386.deb
cb62583fc3e6d825db548c38e17073588905d568d17db681c3b94c9b51433f2b 995390
vim-gnome_7.1.314-3_i386.deb
eae638c60dea7cdf8f717a336bd50b2ba911b10fe5e4af4d6d1c6af121c0e1bb 986134
vim-lesstif_7.1.314-3_i386.deb
59b9993f631c3ac3e26bed04329e8dbc2023826e6c26fe784081fd53a815cfa1 862810
vim-nox_7.1.314-3_i386.deb
65a743e7244c2e04db49fccd618ffbf8aac40bd7a7cabc475fa4f1c6a625c67b 229568
vim-common_7.1.314-3_i386.deb
2d3b3c01feca0d009bd9bd80b845f83a77baa3b29469073c1493f285be7bd2e3 776482
vim_7.1.314-3_i386.deb
0a0ad200f357f24a71e14aa6cb1c2ea3e26fea137c247d97bb70f848aa82d40c 8381388
vim-dbg_7.1.314-3_i386.deb
Files:
6fa164c6b186d61a87b6a4b04d1b84e0 1698 editors optional vim_7.1.314-3.dsc
fbac45c14fa93265b96aab12e61c7816 404431 editors optional vim_7.1.314-3.diff.gz
24e02c39ab94006855cad5f37a55a136 174970 editors optional
vim-gui-common_7.1.314-3_all.deb
387bfba0eed274bc06d2773428a20a56 5606868 editors optional
vim-runtime_7.1.314-3_all.deb
c43e1833849621b927d33545e18cbab6 2151506 doc optional vim-doc_7.1.314-3_all.deb
13df95a4c7ab9bca2c0aa25c8f109688 74374 editors extra vim-perl_7.1.314-3_all.deb
59be3c9017d36fe783d4a9f38c6cfc39 74374 editors extra
vim-python_7.1.314-3_all.deb
4ee4b8b6a8c1278793697d2da61f6960 74374 editors extra vim-ruby_7.1.314-3_all.deb
6b187da4e7acda408bb76ca1d18548e0 74368 editors extra vim-tcl_7.1.314-3_all.deb
1db8e401811e06f0f337643da75da1d4 74400 editors extra vim-full_7.1.314-3_all.deb
01cb9912672ce279fe17bf550628dc41 334592 editors important
vim-tiny_7.1.314-3_i386.deb
8171c691d5058662252a61abaac8b6ba 993172 editors extra
vim-gtk_7.1.314-3_i386.deb
ab781f2443c3c29ade6fdced74365cd5 995390 editors extra
vim-gnome_7.1.314-3_i386.deb
8133013f2d276619de53465ca7e8130b 986134 editors extra
vim-lesstif_7.1.314-3_i386.deb
78ea32cb3d152f6338cfc63cf56ef313 862810 editors extra
vim-nox_7.1.314-3_i386.deb
eca91d3fa1ae090ac2f46164d853d21c 229568 editors important
vim-common_7.1.314-3_i386.deb
245fb0879f6ad74808dcc81e29272a5e 776482 editors optional vim_7.1.314-3_i386.deb
d2f8e26bae3ba5962e10b6aebc13aa98 8381388 editors extra
vim-dbg_7.1.314-3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iEYEARECAAYFAkhX2/kACgkQDb3UpmEybUA0ZgCfeai4OlfXNSnrO4nDD+bxOL3p
6V0An2RdoUPapC2CsGMyxqH/eA6dxtWj
=/XbZ
-----END PGP SIGNATURE-----
--- End Message ---
