Release date:
2026-06-22 15:48:09 UTC
Description:
- CVE-2026-47162: Vimscript code injection in s:NetrwBookHistSave() in the
netrw plugin via crafted directory names interpolated into the
~/.vim/.netrwhist history file; fixed by properly escaping the value with
string() (runtime/autoload/netrw.vim)
Updated packages:
-
vim-X11-9.0.2153-1.amzn2.0.6.tuxcare.els4.x86_64.rpm
sha:ef5052099cd71e0e5e2dc2dafa6ade08e027981ee4a63f44023b9911290f8445
-
vim-common-9.0.2153-1.amzn2.0.6.tuxcare.els4.x86_64.rpm
sha:b12bba77f752bb7ef0265a5b34c69d87a96e3e41d15b5580e802a58ea562c798
-
vim-data-9.0.2153-1.amzn2.0.6.tuxcare.els4.noarch.rpm
sha:21a194da434561165bff4482117397363fa7f25699b3d27fa3dab534b21f8293
-
vim-enhanced-9.0.2153-1.amzn2.0.6.tuxcare.els4.x86_64.rpm
sha:e452872cfb27ff9af267277e96340af9c22d844e0c0d3ea01893215c2ac43609
-
vim-filesystem-9.0.2153-1.amzn2.0.6.tuxcare.els4.noarch.rpm
sha:3e13938610b3e97f4e71869c89a22adcb9977cc3bae37d79a659eedbcacf2dc7
-
vim-minimal-9.0.2153-1.amzn2.0.6.tuxcare.els4.x86_64.rpm
sha:a830307f42c8b52d6b794b67933d2b247b26bdc20b5385289dd1b42f5c49c0c9
-
xxd-9.0.2153-1.amzn2.0.6.tuxcare.els4.x86_64.rpm
sha:1bd5202a8ef2472753aa1a9d02549bff1bc42609921e93f759df4bf80539c19c
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
