[CLSA-2026:1781550491] vim: Fix of CVE-2026-47162
Type:
security
Severity:
Important
Release date:
2026-06-15 19:11:51 UTC
Description:
- CVE-2026-47162: fix code injection in netrw via a crafted directory name serialized into .netrwhist by NetrwBookHistSave() using string() to safely encode the value (runtime/autoload/netrw.vim, upstream patch 9.2.0495)
CVEs fixed:
Updated packages:
  • vim-X11-8.0.1763-16.el8.tuxcare.els19.x86_64.rpm
    sha:c2930e440e858508d9b53d0a22436f8a296a8d1631fadca033001c75facd7480
  • vim-common-8.0.1763-16.el8.tuxcare.els19.x86_64.rpm
    sha:d029dcefff9688320a10c0a0a749ed25d74180d7b387ab4ef07be439a4dea505
  • vim-enhanced-8.0.1763-16.el8.tuxcare.els19.x86_64.rpm
    sha:a545aa908ec546b0d794cd4dc618572faa0e2c7b7b6eac4d99d85b366845b17a
  • vim-filesystem-8.0.1763-16.el8.tuxcare.els19.noarch.rpm
    sha:9ce4a4a0cefc48cdbd308a873382785d366341be31486c607a586886c34d181f
  • vim-minimal-8.0.1763-16.el8.tuxcare.els19.x86_64.rpm
    sha:f66c1ef29d0e411364f7c2ed9655393d6c991e937b114c8e1cd454cb1e164d62
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.