Release date:
2026-06-25 08:55:23 UTC
Description:
- CVE-2026-52858: disable execution of import/from statements harvested from
the buffer during python omni-completion (pythoncomplete/python3complete),
gated behind the opt-in g:pythoncomplete_allow_import (upstream 9.2.0561 and
9.2.0568)
- CVE-2026-52860: strip parameter default values and annotations and whitelist
class base expressions before exec() of reconstructed function/class source
in python omni-completion (upstream 9.2.0597)
Updated packages:
-
vim-X11-7.4.629-8.0.1.el7_9.tuxcare.els21.x86_64.rpm
sha:c384b13a88980d4dd2b2ff612119f389447ada95be0ddfe95d2cfc7f5b1ea772
-
vim-common-7.4.629-8.0.1.el7_9.tuxcare.els21.x86_64.rpm
sha:f7fc543bdbff7ab5ae5d90e0edc6dfc4ff420e581cecc8098dd35f9ea9e30915
-
vim-enhanced-7.4.629-8.0.1.el7_9.tuxcare.els21.x86_64.rpm
sha:fdc131054fac1b01495529a68091fc47f61e61613ddb8255c309c0d8687dbfd1
-
vim-filesystem-7.4.629-8.0.1.el7_9.tuxcare.els21.x86_64.rpm
sha:43f9371887525de8a38564bac279a764f897caf9c926eb4cf59eb96b07f9039a
-
vim-minimal-7.4.629-8.0.1.el7_9.tuxcare.els21.x86_64.rpm
sha:bcbfcc0b285797619db81230c3b21c0edd19ee2a6c5223d4be17ad5d1d53f321
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
