7 matches found
[SECURITY] [DSA 4261-1] vim-syntastic security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4261-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 03, 2018 https://www.debian.org/security/faq -...
Debian DLA-1444-1 : vim-syntastic security update
CVE-2018-11319 The improper handling of search for configuration files might be exploited for arbitrary code execution via a malicious gcc plugin. For Debian 8 'Jessie', this problem has been fixed in version 3.5.0-1+deb8u1. We recommend that you upgrade your vim-syntastic packages. NOTE: Tenable...
[SECURITY] [DLA 1444-1] vim-syntastic security update
Package : vim-syntastic Version : 3.5.0-1+deb8u1 CVE ID : CVE-2018-11319 CVE-2018-11319 The improper handling of search for configuration files might be exploited for arbitrary code execution via a malicious gcc plugin. For Debian 8 "Jessie", this problem has been fixed in version 3.5.0-1+deb8u1...
Debian: Security Advisory (DLA-1444-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-11319
Syntastic aka vim-syntastic through 3.9.0 does not properly handle searches for configuration files it searches the current directory up to potentially the root. This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to a...
CVE-2018-11319
Syntastic (vim-syntastic) up to version 3.9.0 is vulnerable due to how config files are searched: it traverses from the project directory upward toward root, enabling arbitrary code execution if an attacker can write to a parent directory of the checked project. Published fixes exist: Debian stre...
CVE-2018-11319
Syntastic aka vim-syntastic through 3.9.0 does not properly handle searches for configuration files it searches the current directory up to potentially the root. This improper handling might be exploited for arbitrary code execution via a malicious gcc plugin, if an attacker has write access to a...