Release date:
2026-05-26 14:42:07 UTC
Description:
- CVE-2026-44656: fix shell command execution via backticks in 'path' option
during file completion by skipping backtick entries in expand_path_option()
(findfile.c, upstream patches 9.2.0435 and 9.2.0444; the P_SECURE-on-'path'
portion of 9.2.0435 was reverted by 9.2.0444 and is intentionally not
backported)
Updated packages:
-
vim-X11-8.2.2637-22.el9_6.1.tuxcare.els32.x86_64.rpm
sha:78c144fce5ebc6c3e5cb9eb162378698a3b982c60b0c4d21ba13be41c63aaa1c
-
vim-common-8.2.2637-22.el9_6.1.tuxcare.els32.x86_64.rpm
sha:9508616510ea7bd90c68b4c578490e3c27953a55b98dc262e5af075ddbd9e4ca
-
vim-enhanced-8.2.2637-22.el9_6.1.tuxcare.els32.x86_64.rpm
sha:fd6431fe6fabb83482e903fb304b39419664d2000890908cb5fd1690feeca2e2
-
vim-filesystem-8.2.2637-22.el9_6.1.tuxcare.els32.noarch.rpm
sha:5eb32b5ac7099b289519c195df738f6297f1d7bb54da4e2ad8efc7341f12bc44
-
vim-minimal-8.2.2637-22.el9_6.1.tuxcare.els32.x86_64.rpm
sha:3c2e7bb8ee880f2a98ddc164a75eb4456366765f10bc487bffd1f79f992987fe
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
