[CLSA-2026:1783075843] vim: Fix of CVE-2026-57456
Type:
security
Severity:
Important
Release date:
2026-07-03 10:50:59 UTC
Description:
- CVE-2026-57456: use repr() to quote python omni-completion doc strings before exec() in the Scope/Class/Function get_code() of pythoncomplete/python3complete, preventing code execution via a crafted docstring (upstream 9.2.0699)
CVEs fixed:
Updated packages:
  • vim-X11-7.4.629-5.2.el6.tuxcare.els59.x86_64.rpm
    sha:49d02809a94edf242405f1b77215bca8a3ff8ac1ebbf93c9da8cb436df0fced3
  • vim-common-7.4.629-5.2.el6.tuxcare.els59.x86_64.rpm
    sha:2861318988d65dd928ac2588d7ae6a00b1538c93ec73a5d6e450000fcb3c79cd
  • vim-enhanced-7.4.629-5.2.el6.tuxcare.els59.x86_64.rpm
    sha:d29a4ef28fe845056a274d0fdc3c596320799077946c687dea3e2e11ed16230c
  • vim-filesystem-7.4.629-5.2.el6.tuxcare.els59.x86_64.rpm
    sha:dbfc28244bce9cf49a079e756eb39e83458647b0214b9702e9d6d24fa9503470
  • vim-minimal-7.4.629-5.2.el6.tuxcare.els59.x86_64.rpm
    sha:02618ae35b2699c94d57575a93f815d60894503384d162e53c466549cbc2a6b4
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.