news 28 Posted February 13, 2017 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 - ------------------------------------------------------------------------- Debian Security Advisory DSA-3786-1 security ( -at -) debian.org https://www.debian.org/security/ Moritz Muehlenhoff February 13, 2017 https://www.debian.org/security/faq - ------------------------------------------------------------------------- Package : vim CVE ID : CVE-2017-5953 Debian Bug : 854969 Editor spell files passed to the vim (Vi IMproved) editor may result in an integer overflow in memory allocation and a resulting buffer overflow which potentially could result in the execution of arbitrary code or denial of service. For the stable distribution (jessie), this problem has been fixed in version 2:7.4.488-7+deb8u2. For the unstable distribution (sid), this problem has been fixed in version 2:8.0.0197-2. We recommend that you upgrade your vim packages. Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: https://www.debian.org/security/ Share this post Link to post
