Release date:
2026-05-05 22:33:26 UTC
Description:
- CVE-2026-39881: fix netbeans defineAnnoType command injection by validating
typeName, fg and bg against an allowlist before passing them to coloncmd();
also restrict specialKeys tokens to alphanumeric characters to prevent map
command injection
Updated packages:
-
vim-X11-7.4.629-8.0.1.el7_9.tuxcare.els14.x86_64.rpm
sha:63c96c4d7b027545ad68a987b12a80b8076cc0c67726ad08487dd63b18cd80c2
-
vim-common-7.4.629-8.0.1.el7_9.tuxcare.els14.x86_64.rpm
sha:34fd097344592e5e9ea226ec189b34c45942ea3ba4d13585a9f895ac49e38c29
-
vim-enhanced-7.4.629-8.0.1.el7_9.tuxcare.els14.x86_64.rpm
sha:4f0dc9fdc328a71d951b45f80c984114d1d58c6c1a4c897eb5bd868e8db8622a
-
vim-filesystem-7.4.629-8.0.1.el7_9.tuxcare.els14.x86_64.rpm
sha:24f3bc13a61cdb0a456e6569ee8d7a6f1194e9dd1ece01876185f461362d3710
-
vim-minimal-7.4.629-8.0.1.el7_9.tuxcare.els14.x86_64.rpm
sha:e5deda7098c5fd82ffce559808b32cb15bc591a31459c9e7ff85b3ec4d279d2d
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
