[CLSA-2026:1777625424] Fix CVE(s): CVE-2026-39881
Type:
security
Severity:
Important
Release date:
2026-05-01 08:50:30 UTC
Description:
* SECURITY UPDATE: Command injection in netbeans interface - debian/patches/CVE-2026-39881.patch: add nb_is_safe_string() in src/netbeans.c and validate typeName, fg and bg in defineAnnoType and key tokens in special_keys() against an allowlist before they reach coloncmd()/do_map(), preventing a malicious netbeans server from injecting Ex commands via '|' - CVE-2026-39881
Updated packages:
  • vim_7.4.1689-3ubuntu1.5+tuxcare.els63_amd64.deb
    sha:00be62d666ca79c56a411b4b331a8ade4663c48d
  • vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els63_amd64.deb
    sha:2f49bc5a83cf24a793e41547e44de6e055b9627d
  • vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els63_amd64.deb
    sha:cc47ed0f2af7e1deb172953d4abea1a97a52f831
  • vim-common_7.4.1689-3ubuntu1.5+tuxcare.els63_amd64.deb
    sha:7315bb15b25c300d54f446a1fb7c58f5fe9f05f7
  • vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els63_all.deb
    sha:c6c7bf7d35362af196b360b36dd388a7fd777a4e
  • vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els63_amd64.deb
    sha:872c7e989e1b3c1930689e291f1aa1f519ffabfc
  • vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els63_amd64.deb
    sha:2166c6d68079b0f9722415962869c21a20e4444f
  • vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els63_amd64.deb
    sha:cd6c63c243d505f14d463114e349f627bae4741e
  • vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els63_amd64.deb
    sha:a3307d5c711c47bcf94e05bc08279214107ff9f8
  • vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els63_amd64.deb
    sha:02d234e003b8871740cfb0af90bffba482f6c4bf
  • vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els63_amd64.deb
    sha:885ae0c327efa8ebcba3e5fde0df0faab9b2a668
  • vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els63_all.deb
    sha:8b9f3d71dfef22f0811de64feb18e5cc88711945
  • vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els63_amd64.deb
    sha:2f351f0847ae69df63dec1a45283b0c858fe6c24
  • vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els63_amd64.deb
    sha:876a0dacece2f150492f92d6bcde35381e6fc25c
  • vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els63_all.deb
    sha:1d4f0ea24191d830087125a8fb6d9b5b653bdf14
  • vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els63_amd64.deb
    sha:04f63f75d0579e57965044d8266fca898e5ae958
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.