[CLSA-2026:1783079038] vim: Fix of CVE-2026-57456
Type:
security
Severity:
Important
Release date:
2026-07-03 11:44:13 UTC
Description:
- CVE-2026-57456: use repr() to quote python omni-completion doc strings before exec() in the Scope/Class/Function get_code() of pythoncomplete/python3complete, preventing code execution via a crafted docstring (upstream 9.2.0699)
CVEs fixed:
Updated packages:
  • vim-X11-7.4.629-8.0.1.el7_9.tuxcare.els24.x86_64.rpm
    sha:271b5bcfc6c259caba46fcdb8d70ccfd9c3f6a288225e3591a848fd7fbd4262e
  • vim-common-7.4.629-8.0.1.el7_9.tuxcare.els24.x86_64.rpm
    sha:6b83960a06cb4b482bcac05671b1fc67f3d15af47c6c8d60ba72ce776368590a
  • vim-enhanced-7.4.629-8.0.1.el7_9.tuxcare.els24.x86_64.rpm
    sha:91a5e9bbf9c072e9532eb07d52fc20a3e4e30df0efce1b3d7713e3b89a247638
  • vim-filesystem-7.4.629-8.0.1.el7_9.tuxcare.els24.x86_64.rpm
    sha:86b796455b9ee666354507913e2134c3e474003d413b25d369926b7bf1e289f6
  • vim-minimal-7.4.629-8.0.1.el7_9.tuxcare.els24.x86_64.rpm
    sha:291da5e02550455dc483b3898f67a2c71c2d8f6e0bf3efc70aec48bcef943710
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.