[CLSA-2025:1765208529] vim: Fix of 2 CVEs
Type:
security
Severity:
Moderate
Release date:
2025-12-08 15:42:13 UTC
Description:
- CVE-2025-53906: drop leading ../ on write of zipfiles, don't forcefully overwrite existing files - CVE-2025-29768: use glob '[-]' to protect filenames starting with '-'
Updated packages:
  • vim-X11-8.2.2637-20.el9_1.tuxcare.els11.x86_64.rpm
    sha:cf7393d325730395d25de672db936cf15b9e2fad4c60cb090969bab4afa3a1a4
  • vim-common-8.2.2637-20.el9_1.tuxcare.els11.x86_64.rpm
    sha:b17bc0f76e778a93f8b8369611f7010b7e4293fd20d7c68472c404e36086f388
  • vim-enhanced-8.2.2637-20.el9_1.tuxcare.els11.x86_64.rpm
    sha:c221f4ed761ebcf91ca270f59bad50d55f43658ae1012ab5ebffa0ef43d29a62
  • vim-filesystem-8.2.2637-20.el9_1.tuxcare.els11.noarch.rpm
    sha:0572581792753bb768ead81a4702506f3fe1f2e8e73b79fa9abddac55ad0c361
  • vim-minimal-8.2.2637-20.el9_1.tuxcare.els11.x86_64.rpm
    sha:5afe29694c788ac2175e743eced0dc018a3b529e45976e465a15a10d950cddaa
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.