From Salvatore Bonaccorso@21:1/5 to All on Wed Mar 5 18:00:02 2025
Source: vim
Version: 2:9.1.0861-1
Severity: important
Tags: security upstream
X-Debbugs-Cc: carnil@debian.org, Debian Security Team <team@security.debian.org>
Control: found -1 2:9.0.1378-2
Control: found -1 2:9.1.1113-1
Hi,
The following vulnerability was published for vim.
CVE-2025-27423[0]:
| Vim is an open source, command line text editor. Vim is distributed
| with the tar.vim plugin, that allows easy editing and viewing of
| (compressed or uncompressed) tar files. Starting with 9.1.0858, the
| tar.vim plugin uses the ":read" ex command line to append below the
| cursor position, however the is not sanitized and is taken literally
| from the tar archive. This allows executing shell commands via
| specially crafted tar archives. Whether this really happens depends
| on the shell being used ('shell' option, which is set using $SHELL).
| The issue has been fixed as of Vim patch v9.1.1164.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
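A defender-side triage check for the issue described above, added here as an example and not part of this bug report or of the tar.vim plugin: it lists tar archive members whose names contain characters Vim treats specially on the Ex command line, since the advisory says such names reached ":read" unescaped. The character set is assumed to match what Vim's fnameescape() escapes on Unix, and the archive is constructed inline.

```python
import io
import re
import tarfile

# Characters assumed to be the set Vim's fnameescape() escapes on Unix.
# A member name containing any of them can be reinterpreted when passed
# unescaped to ":read" (a leading "!" runs a shell command, "|" starts a
# further Ex command, "%"/"#" expand to buffer names, and so on).
VIM_SPECIAL = re.compile(r'[ \t\n*?\[{`$\\%#\'"|!<]')


def risky_members(data: bytes) -> list[str]:
    """Return names of tar members that contain Vim command-line special
    characters, in archive order. Works on compressed or plain tar data."""
    flagged = []
    with tarfile.open(fileobj=io.BytesIO(data), mode="r:*") as tar:
        for member in tar.getmembers():
            if VIM_SPECIAL.search(member.name):
                flagged.append(member.name)
    return flagged


def build_sample_archive() -> bytes:
    """Constructed sample archive: one ordinary member and two whose names
    would be misinterpreted by an unescaped ':read' argument."""
    buf = io.BytesIO()
    with tarfile.open(fileobj=buf, mode="w:gz") as tar:
        for name in ("notes/readme.txt", "!not-a-file", "a|b.txt"):
            info = tarfile.TarInfo(name)
            payload = b"sample contents\n"
            info.size = len(payload)
            tar.addfile(info, io.BytesIO(payload))
    return buf.getvalue()


if __name__ == "__main__":
    for name in risky_members(build_sample_archive()):
        print("suspicious member name:", repr(name))
```

Run it against an archive before opening that archive with an unpatched tar.vim; an empty result means no member name would need escaping.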