Overview

File _patchinfo of Package patchinfo.43071

<patchinfo incident="43071">
  <!--generated with prepare-update from request 403451-->
  <issue tracker="bnc" id="1246602">VUL-0: CVE-2025-53906: vim: malicious zip archive may cause a path traversal in Vim&#8217;s zip</issue>
  <issue tracker="bnc" id="1258229">VUL-0: CVE-2026-26269: vim: Netbeans specialKeys stack buffer overflow</issue>
  <issue tracker="bnc" id="1259051">VUL-0: CVE-2026-28417: vim: crafted URL parsed by netrw plugin can lead to execute arbitrary shell commands</issue>
  <issue tracker="cve" id="2025-53906"/>
  <issue tracker="cve" id="2026-26269"/>
  <issue tracker="cve" id="2026-28417"/>
  <category>security</category>
  <rating>moderate</rating>
  <packager>mschreiner</packager>
  <summary>Security update for vim</summary>
  <description>This update for vim fixes the following issues:

Update Vim to version 9.2.0110:

- CVE-2025-53906: malicious zip archive may cause a path traversal in Vim's zip (bsc#1246602).
- CVE-2026-26269: Netbeans specialKeys stack buffer overflow (bsc#1258229).
- CVE-2026-28417: crafted URL parsed by netrw plugin can lead to execute arbitrary shell commands (bsc#1259051).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places