AIX Open Source

Expand all | Collapse all

VIM CVE-2021-3875 - Security Advisory - Update to 8.2.3489 needed

  • 1.  VIM CVE-2021-3875 - Security Advisory - Update to 8.2.3489 needed

    IBM Select
    Posted Thu October 21, 2021 04:40 AM

    Hi AIX OpenSource-Team,

    please update vim, because of the security issue CVE-2021-3875.
    PoC is already public.


    AIX Toolbox Version: 8.1.2424


    AFFECTED VERSIONS

    • Affected versions: vim < 8.2.3489

    RECOMMENDATIONS
    Upgrade vim to version 8.2.3489 

    https://github.com/vim/vim/commit/35a319b77f897744eec1155b736e9372c9c5575f

    https://bugzilla.redhat.com/show_bug.cgi?id=2014661

    https://access.redhat.com/security/cve/CVE-2021-3875

    https://huntr.dev/bounties/5cdbc168-6ba1-4bc2-ba6c-28be12166a53/



    ------------------------------
    Tobias Schröer
    ------------------------------


  • 2.  RE: VIM CVE-2021-3875 - Security Advisory - Update to 8.2.3489 needed

    Posted Fri October 22, 2021 10:54 AM
    Thank you Tobias for reporting this.
    We will look into it and provide the fixed vim.

    ------------------------------
    SANKET RATHI
    ------------------------------