Release date:
2026-03-26 11:54:17 UTC
Description:
* SECURITY UPDATE: Crash when recovering a corrupted swap file
- debian/patches/CVE-2026-28421.patch: add bounds checks in swap file
recovery to prevent heap-buffer-overflow and SEGV from crafted swap files
- CVE-2026-28421
* SECURITY UPDATE: Command injection via crafted netrw URIs
- debian/patches/CVE-2026-28417.patch: fix command injection in netrw
via crafted scp:// URIs by adding strict hostname validation and
shellescape()
- CVE-2026-28417
Updated packages:
-
vim_8.1.0875-5+deb10u6+tuxcare.els16_amd64.deb
sha:e288e204fa1e269dbf7abcf090ed5d9bcdec30f0
-
vim-athena_8.1.0875-5+deb10u6+tuxcare.els16_amd64.deb
sha:656267ab7270fa293a8b3f97a4f03483a6218de6
-
vim-common_8.1.0875-5+deb10u6+tuxcare.els16_all.deb
sha:ed90cd2ca4f5c784c1c7342f6d7d72535107c3b1
-
vim-doc_8.1.0875-5+deb10u6+tuxcare.els16_all.deb
sha:4113966a9d8f7725f71d92ac69a053d8cfa0eda6
-
vim-gtk_8.1.0875-5+deb10u6+tuxcare.els16_amd64.deb
sha:1dddc1c860405a7ffe713fb1853355a19ba6c670
-
vim-gtk3_8.1.0875-5+deb10u6+tuxcare.els16_amd64.deb
sha:f3f77b58aedbec873260d9d629c2eaf5f969174f
-
vim-gui-common_8.1.0875-5+deb10u6+tuxcare.els16_all.deb
sha:0557127776d7694f6207b1abf87ef9fbdc23c87c
-
vim-nox_8.1.0875-5+deb10u6+tuxcare.els16_amd64.deb
sha:738b2d5cfbed2d59d12a763076d5f8a7889679ac
-
vim-runtime_8.1.0875-5+deb10u6+tuxcare.els16_all.deb
sha:a70c8295818fdb0ed4ffe376e73ac6a9f669c98b
-
vim-tiny_8.1.0875-5+deb10u6+tuxcare.els16_amd64.deb
sha:5b4043c5a47679e889bea4b2ed82b319f843c494
-
xxd_8.1.0875-5+deb10u6+tuxcare.els16_amd64.deb
sha:27675dd5097ea0c62004e7bd41786e32af7076b2
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
