Release date:
2026-03-25 09:51:29 UTC
Description:
- CVE-2026-28417: fix OS command injection in netrw plugin when handling
specially crafted URLs such as scp://
- CVE-2026-28421: fix heap-buffer-overflow and crash when recovering from a
maliciously crafted Vim swap file
Updated packages:
-
vim-X11-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm
sha:6598927f13645a86d695da466691b44575dc6b629c266eb5462d71e19767738b
-
vim-common-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm
sha:96cc0bcf68f93e21b07c47e6e424fe65a28df2b2a08aaf012798ed4aa64b7249
-
vim-enhanced-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm
sha:fccb3308718cbcf95e69191fe3ce25ee248d70adcdaf3356a7ca73bc98738d22
-
vim-filesystem-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm
sha:432f16e4cab6ee18297b0443f0b94ead800a868a39af9b9d64915c07245825d8
-
vim-minimal-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm
sha:560a5ba488195e06013f6836e3833082667a1e648fecf866af495ec44de86214
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
