[CLSA-2026:1783788245] vim: Fix of CVE-2026-57456
Type:
security
Severity:
Important
Release date:
2026-07-11 16:44:20 UTC
Description:
- CVE-2026-57456: use repr() to quote python omni-completion doc strings before exec() in the Scope/Class/Function get_code() of pythoncomplete/python3complete, preventing code execution via a crafted docstring (upstream 9.2.0699)
CVEs fixed:
Updated packages:
  • vim-X11-7.4.629-8.0.1.el7_9.tuxcare.els24.x86_64.rpm
    sha:c08b9407d07f96a59052ef701f5b2603efe217c589311345668720c1377fba33
  • vim-common-7.4.629-8.0.1.el7_9.tuxcare.els24.x86_64.rpm
    sha:63f5b113cdd489744a023dc990c66c2dadbc1a7576f379431dd88e42ece75ccd
  • vim-enhanced-7.4.629-8.0.1.el7_9.tuxcare.els24.x86_64.rpm
    sha:6de6651c7d6656b8203a026b596129747486ce6e21e59dc6e03389591f2fc046
  • vim-filesystem-7.4.629-8.0.1.el7_9.tuxcare.els24.x86_64.rpm
    sha:102cbfcb68c14eb8ee8968d1057d6c0f25d31558942e9358e707e6480f9de2b8
  • vim-minimal-7.4.629-8.0.1.el7_9.tuxcare.els24.x86_64.rpm
    sha:28c57172be30ea7b6850378a742f413bccfd5395d3d4a6f1eafd9fda475774d9
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.