RLSA-2026:22730

Synopsis

Moderate: vim security update

Description

Vim (Vi IMproved) is an updated and improved version of the vi editor.

Security Fix(es):

* vim: zip.vim: Vim zip.vim plugin: Arbitrary file overwrite via path traversal bypass (CVE-2026-35177)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected products

Rocky Linux 8 aarch64 Rocky Linux 8 x86_64

Fixes

2455542

CVEs

CVE-2026-35177

Affected packages

Rocky Linux 8 x86_64 - BaseOS

vim-2:8.0.1763-23.el8_10.src.rpm vim-debuginfo-2:8.0.1763-23.el8_10.x86_64.rpm vim-debugsource-2:8.0.1763-23.el8_10.x86_64.rpm vim-minimal-2:8.0.1763-23.el8_10.x86_64.rpm vim-minimal-debuginfo-2:8.0.1763-23.el8_10.x86_64.rpm

Rocky Linux 8 aarch64 - BaseOS

vim-2:8.0.1763-23.el8_10.src.rpm vim-debuginfo-2:8.0.1763-23.el8_10.aarch64.rpm vim-debugsource-2:8.0.1763-23.el8_10.aarch64.rpm vim-minimal-2:8.0.1763-23.el8_10.aarch64.rpm vim-minimal-debuginfo-2:8.0.1763-23.el8_10.aarch64.rpm

Rocky Linux 8 aarch64 - AppStream

vim-common-2:8.0.1763-23.el8_10.aarch64.rpm vim-common-debuginfo-2:8.0.1763-23.el8_10.aarch64.rpm vim-enhanced-2:8.0.1763-23.el8_10.aarch64.rpm vim-enhanced-debuginfo-2:8.0.1763-23.el8_10.aarch64.rpm vim-filesystem-2:8.0.1763-23.el8_10.noarch.rpm vim-X11-2:8.0.1763-23.el8_10.aarch64.rpm vim-X11-debuginfo-2:8.0.1763-23.el8_10.aarch64.rpm

Rocky Linux 8 x86_64 - AppStream

vim-common-2:8.0.1763-23.el8_10.x86_64.rpm vim-common-debuginfo-2:8.0.1763-23.el8_10.x86_64.rpm vim-enhanced-2:8.0.1763-23.el8_10.x86_64.rpm vim-enhanced-debuginfo-2:8.0.1763-23.el8_10.x86_64.rpm vim-filesystem-2:8.0.1763-23.el8_10.noarch.rpm vim-X11-2:8.0.1763-23.el8_10.x86_64.rpm vim-X11-debuginfo-2:8.0.1763-23.el8_10.x86_64.rpm