Oracle alert ELSA-2026-7711 (vim)
| From: | Errata Announcements for Oracle Linux via El-errata <el-errata@oss.oracle.com> | |
| To: | el-errata@oss.oracle.com | |
| Subject: | [El-errata] ELSA-2026-7711 Important: Oracle Linux 10 vim security update | |
| Date: | Mon, 13 Apr 2026 21:56:15 -0700 | |
| Message-ID: | <mailman.55.1776340112.31.el-errata@oss.oracle.com> |
Oracle Linux Security Advisory ELSA-2026-7711 http://linux.oracle.com/errata/ELSA-2026-7711.html The following updated rpms for Oracle Linux 10 have been uploaded to the Unbreakable Linux Network: x86_64: vim-X11-9.1.083-6.0.1.el10_1.3.x86_64.rpm vim-common-9.1.083-6.0.1.el10_1.3.x86_64.rpm vim-data-9.1.083-6.0.1.el10_1.3.noarch.rpm vim-enhanced-9.1.083-6.0.1.el10_1.3.x86_64.rpm vim-filesystem-9.1.083-6.0.1.el10_1.3.noarch.rpm vim-minimal-9.1.083-6.0.1.el10_1.3.x86_64.rpm xxd-9.1.083-6.0.1.el10_1.3.x86_64.rpm aarch64: vim-X11-9.1.083-6.0.1.el10_1.3.aarch64.rpm vim-common-9.1.083-6.0.1.el10_1.3.aarch64.rpm vim-data-9.1.083-6.0.1.el10_1.3.noarch.rpm vim-enhanced-9.1.083-6.0.1.el10_1.3.aarch64.rpm vim-filesystem-9.1.083-6.0.1.el10_1.3.noarch.rpm vim-minimal-9.1.083-6.0.1.el10_1.3.aarch64.rpm xxd-9.1.083-6.0.1.el10_1.3.aarch64.rpm SRPMS: http://oss.oracle.com/ol10/SRPMS-updates/vim-9.1.083-6.0.... Related CVEs: CVE-2026-28417 CVE-2026-28421 CVE-2026-33412 Description of changes: [9.1.083-6.0.1.el10_1.3] - Remove upstream references [Orabug: 31197557] [2:9.1.083-6.3] - RHEL-159615 CVE-2026-33412 vim: Vim: Arbitrary code execution via command injection in glob() function [2:9.1.083-6.2] - RHEL-155409 CVE-2026-28421 vim: Vim: Denial of service and information disclosure via crafted swap file [2:9.1.083-6.2] - RHEL-155425 CVE-2026-28417 vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin [2:9.1.083-6.1] - RHEL-147922 CVE-2026-25749 vim: Heap Overflow in Vim _______________________________________________ El-errata mailing list El-errata@oss.oracle.com https://oss.oracle.com/mailman/listinfo/el-errata