Release date:
2026-05-25 09:12:45 UTC
Description:
- CVE-2026-42307: fix shell injection in netrw via the tempfile suffix when
reading sftp:// or file:// URLs by escaping the tempfile and restricting
the suffix regex to word characters
Updated packages:
-
vim-X11-8.2.2637-22.el9_2.1.tuxcare.els29.x86_64.rpm
sha:f6562e3030405a1010db6acdd2d8cf46eeb209350d010b0627bf0335c2ec649c
-
vim-common-8.2.2637-22.el9_2.1.tuxcare.els29.x86_64.rpm
sha:9de26524723fb75cc29b7df0a153f6567cb7f360aa1480f49916526cdcf7c00c
-
vim-enhanced-8.2.2637-22.el9_2.1.tuxcare.els29.x86_64.rpm
sha:1a7c853ba0a3f51e959ed88e134f26850580483c90481ffae2ec2bf88bfc2640
-
vim-filesystem-8.2.2637-22.el9_2.1.tuxcare.els29.noarch.rpm
sha:6e7cc918e79d189327a0be5a1475d1ba3bc35f04d876a943f291dfd40dad3df5
-
vim-minimal-8.2.2637-22.el9_2.1.tuxcare.els29.x86_64.rpm
sha:a39719ac55b3547488131abc69a648c8f0d693ddac80790101abbe4a9c8cb0f2
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
