[ubuntu/questing-updates] vim 2:9.1.0967-1ubuntu6.3 (Accepted)
Ubuntu Archive Robot
ubuntu-archive-robot at lists.canonical.com
Mon Apr 27 19:58:23 UTC 2026
vim (2:9.1.0967-1ubuntu6.3) questing-security; urgency=medium
* SECURITY UPDATE: Path Traversal in zip.vim
- debian/patches/CVE-2026-35177.patch: Detect malicious zip files before
writing in runtime/autoload/zip.vim
- CVE-2026-35177
* SECURITY UPDATE: Command Injection in netbeans
- debian/patches/CVE-2026-39881.patch: Validate typename, fg, and bg
before passing to coloncmd in src/netbeans.c
- CVE-2026-39881
Date: 2026-04-24 19:27:52.951613+00:00
Changed-By: Kyle Kernick <kyle.kernick at canonical.com>
Signed-By: Ubuntu Archive Robot <ubuntu-archive-robot at lists.canonical.com>
https://launchpad.net/ubuntu/+source/vim/2:9.1.0967-1ubuntu6.3
-------------- next part --------------
Sorry, changesfile not available.
More information about the Questing-changes
mailing list