[CLSA-2026:1781551234] vim: Fix of CVE-2026-47162
Type:
security
Severity:
Important
Release date:
2026-06-15 19:24:16 UTC
Description:
- CVE-2026-47162: fix code injection in netrw via a crafted directory name serialized into .netrwhist by NetrwBookHistSave() using string() to safely encode the value (runtime/autoload/netrw.vim, upstream patch 9.2.0495)
CVEs fixed:
Updated packages:
  • vim-X11-8.0.1763-19.el8.4.tuxcare.els18.x86_64.rpm
    sha:ef9d4f0f41eb00a5bac6e9894ab36a8ab5b7df50d47c7a72ef8fce826a2384e8
  • vim-common-8.0.1763-19.el8.4.tuxcare.els18.x86_64.rpm
    sha:c75f49338d1c7ebe059703605c41e226d899bcc41d3238943df591caf54a4352
  • vim-enhanced-8.0.1763-19.el8.4.tuxcare.els18.x86_64.rpm
    sha:d0928e1c8a5981dc61a40b8fee1cadefd10dee638e74b91c49102aa53fed8863
  • vim-filesystem-8.0.1763-19.el8.4.tuxcare.els18.noarch.rpm
    sha:5509b0643e8db874082c45bc3c1e6e44ee6aa5d98fc00f0c2c11eda4e5093ed6
  • vim-minimal-8.0.1763-19.el8.4.tuxcare.els18.x86_64.rpm
    sha:7fdeb413f6101ef8aaaba81fb9a62759991f1c45fdaef0e9c9fc14a458346bb0
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.