ELSA-2026-22730

ULN >
Oracle Linux Errata repository >
ELSA-2026-22730

ELSA-2026-22730 - vim security update

Type:	SECURITY
Impact:	MODERATE
Release Date:	2026-06-04

Description

[8.0.1763-23.0.1]
- Remove upstream references [Orabug: 31197557]
- Added glibc-gconv-extra to common requires to provide ISO-8859-2 [Orabug: 34114984]

[2:8.0.1763-23]
- RHEL-170126 CVE-2026-35177 vim: Vim zip.vim plugin: Arbitrary file overwrite
via path traversal bypass

[2:8.0.1763-22.3]
- Relates: RHEL-164956 vim: arbitrary command execution via modeline sandbox bypass

[2:8.0.1763-22.2]
- Resolves: RHEL-164956 vim: arbitrary command execution via modeline sandbox bypass

[2:8.0.1763-22.1]
- RHEL-159620 CVE-2026-33412 vim: Vim: Arbitrary code execution via command injection in glob() function
- RHEL-155428 CVE-2026-28417 vim: Vim: Arbitrary code execution via OS command injection in the netrw plugin
- RHEL-155412 CVE-2026-28421 vim: Vim: Denial of service and information disclosure via crafted swap file

Related CVEs

CVE-2026-35177

Updated Packages

Release/Architecture	Filename	sha256	Superseded By Advisory	Channel Label

Oracle Linux 8 (aarch64)	vim-8.0.1763-23.0.1.el8_10.src.rpm	d85acc27447e8794d5cc65962d82f4fccc908d74f7d463ac0e2a825b192c42ba	-	ol8_aarch64_appstream
	vim-8.0.1763-23.0.1.el8_10.src.rpm	d85acc27447e8794d5cc65962d82f4fccc908d74f7d463ac0e2a825b192c42ba	-	ol8_aarch64_baseos_latest
	vim-8.0.1763-23.0.1.el8_10.src.rpm	d85acc27447e8794d5cc65962d82f4fccc908d74f7d463ac0e2a825b192c42ba	-	ol8_aarch64_u10_baseos_patch
	vim-X11-8.0.1763-23.0.1.el8_10.aarch64.rpm	98a8501bb32e085288f26babae1ecd022e3b82fc18e842767f38aec468e09853	-	ol8_aarch64_appstream
	vim-common-8.0.1763-23.0.1.el8_10.aarch64.rpm	fa98284c0970531218253170565fd40a3b23219c83451c9c1795038ad7d9e259	-	ol8_aarch64_appstream
	vim-enhanced-8.0.1763-23.0.1.el8_10.aarch64.rpm	23f7670ee29d1ecde3ee01c57a886e77f59a519e4ff85b173dc8c0b4677ee982	-	ol8_aarch64_appstream
	vim-filesystem-8.0.1763-23.0.1.el8_10.noarch.rpm	3e395adf4f4454096ce1a18d0e11def3ce5b57ac094336f0eee3f00759874ad0	-	ol8_aarch64_appstream
	vim-minimal-8.0.1763-23.0.1.el8_10.aarch64.rpm	818d43c6b693d471b6b37b821c690625fcda15b22dcebca1d9d2f602f09c6d53	-	ol8_aarch64_baseos_latest
	vim-minimal-8.0.1763-23.0.1.el8_10.aarch64.rpm	818d43c6b693d471b6b37b821c690625fcda15b22dcebca1d9d2f602f09c6d53	-	ol8_aarch64_u10_baseos_patch

Oracle Linux 8 (x86_64)	vim-8.0.1763-23.0.1.el8_10.src.rpm	d85acc27447e8794d5cc65962d82f4fccc908d74f7d463ac0e2a825b192c42ba	-	ol8_x86_64_appstream
	vim-8.0.1763-23.0.1.el8_10.src.rpm	d85acc27447e8794d5cc65962d82f4fccc908d74f7d463ac0e2a825b192c42ba	-	ol8_x86_64_baseos_latest
	vim-8.0.1763-23.0.1.el8_10.src.rpm	d85acc27447e8794d5cc65962d82f4fccc908d74f7d463ac0e2a825b192c42ba	-	ol8_x86_64_u10_baseos_patch
	vim-X11-8.0.1763-23.0.1.el8_10.x86_64.rpm	6c9f2ca1a44960851e9d6137ad072b3dcc455855d340a71ff199ec5eac401434	-	ol8_x86_64_appstream
	vim-common-8.0.1763-23.0.1.el8_10.x86_64.rpm	62fb1dfa92da45eacef7e86959808785975fa193f8f558579941f17f10fac422	-	ol8_x86_64_appstream
	vim-enhanced-8.0.1763-23.0.1.el8_10.x86_64.rpm	37863a75ab1fa8487a6d92ca97f3d56f154d9291dfc817fb39074e0dae9409ee	-	ol8_x86_64_appstream
	vim-filesystem-8.0.1763-23.0.1.el8_10.noarch.rpm	3e395adf4f4454096ce1a18d0e11def3ce5b57ac094336f0eee3f00759874ad0	-	ol8_x86_64_appstream
	vim-minimal-8.0.1763-23.0.1.el8_10.x86_64.rpm	b41fbe5c4dc637271a7012971685aa91372d041fc1cf48c47478a570672fcf4d	-	ol8_x86_64_baseos_latest
	vim-minimal-8.0.1763-23.0.1.el8_10.x86_64.rpm	b41fbe5c4dc637271a7012971685aa91372d041fc1cf48c47478a570672fcf4d	-	ol8_x86_64_u10_baseos_patch

This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team

Technical information

Oracle Linux Support

Connect

Contact Us

Global contacts
Oracle 1-800-633-0691