Release date:
2026-05-07 17:02:21 UTC
Description:
- CVE-2026-39881: fix netbeans defineAnnoType command injection by validating
typeName, fg and bg against an allowlist before passing them to coloncmd();
also restrict specialKeys tokens to alphanumeric characters to prevent map
command injection
Updated packages:
-
vim-X11-7.4.629-8.0.1.el7_9.tuxcare.els14.x86_64.rpm
sha:67cd72379cab03fcd81d933a5aafc0dfe4c8c447be34b41c4ea7538dc54de2e2
-
vim-common-7.4.629-8.0.1.el7_9.tuxcare.els14.x86_64.rpm
sha:5262287f549e0fb9697f332dc586000d2160224317b6abadde36f41ce09ce355
-
vim-enhanced-7.4.629-8.0.1.el7_9.tuxcare.els14.x86_64.rpm
sha:4587526298f33f041b280656467fec873a67348e7a0ce9b774cd2d2508ba50bc
-
vim-filesystem-7.4.629-8.0.1.el7_9.tuxcare.els14.x86_64.rpm
sha:0185d6e29c1275c0f2f241bb33d95d654b4a9d87de9693a2b97f7667697612c2
-
vim-minimal-7.4.629-8.0.1.el7_9.tuxcare.els14.x86_64.rpm
sha:954167e0b881e5b3a44b90447b1f502eb5b06c468c0dd540d79d62568030e695
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
