Errata ID | 450 |
---|---|
Date | 2017-08-16 |
Source package | vim |
Fixed in version | 2:7.3.547-7.57.201708101432 |
Description | This update addresses the following issues:<br>* execution of arbitrary code if a file with a specially crafted modeline is opened (CVE-2016-1248)<br>* buffer overflow if a spellfile has an invalid length in it (CVE-2017-5953)<br>* corrupted undo file can lead to buffer overflows due to integer overflow in a u_read_undo memory allocation (CVE-2017-6349)<br>* corrupted undo file can lead to buffer overflows due to integer overflow in an unserialize_uep memory allocation (CVE-2017-6350)<br>* denial of service (invalid free) or possibly unspecified other impact via crafted source (aka -S) file (CVE-2017-11109) |
Additional notes | |
CVE ID | CVE-2016-1248 CVE-2017-5953 CVE-2017-6349 CVE-2017-6350 CVE-2017-11109 |
UCS Bug number | #43111 |