Release date:
2026-03-27 12:33:20 UTC
Description:
- CVE-2026-28417: fix OS command injection in netrw plugin when handling
specially crafted URLs such as scp://
- CVE-2026-28421: fix heap-buffer-overflow and crash when recovering from a
maliciously crafted Vim swap file
Updated packages:
-
vim-X11-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm
sha:9b661e345ebae1548be4d61d8f2c782de8eec5e260c9f5438adff306324cc9a0
-
vim-common-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm
sha:14b287625755f7c9cec86ec991e87ed68eed525075ed3b3e4b9ddf826e1aedcd
-
vim-enhanced-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm
sha:f0b4acfff7b1a9dffb997857f76c13c091c4144a3bf07f3928261bbb9bf789ab
-
vim-filesystem-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm
sha:edb8ab48d2ec720659d3efe5b4b038c7aadeaafff1a24313b15f052151e8386a
-
vim-minimal-7.4.629-5.2.el6.tuxcare.els48.x86_64.rpm
sha:0b1dd61613042c8486b9436affde6ec5f120cc61477f67d37536fced73f06a12
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
