CVE-2025-26603 was announced here: https://openwall.com/lists/oss-security/2025/02/16/1 https://github.com/vim/vim/security/advisories/GHSA-63p5-mwg2-787v
Status comment: (none) => Fixed upstream in 9.1.1115CVE: (none) => CVE-2025-26603Source RPM: (none) => vim-9.1.1043-1.mga9.src.rpm
Suggested advisory: ======================== The updated packages fix a security vulnerability: A heap use-after-free was found in str_to_reg() in Vim < 9.1.1115. (CVE-2025-26603) References: https://openwall.com/lists/oss-security/2025/02/16/1 https://github.com/vim/vim/security/advisories/GHSA-63p5-mwg2-787v ======================== Updated packages in core/updates_testing: ======================== vim-X11-9.1.1122-1.mga9 vim-common-9.1.1122-1.mga9 vim-enhanced-9.1.1122-1.mga9 vim-minimal-9.1.1122-1.mga9 from SRPM: vim-9.1.1122-1.mga9.src.rpm
Status comment: Fixed upstream in 9.1.1115 => (none)Assignee: bugsquad => qa-bugsStatus: NEW => ASSIGNED
Keywords: (none) => advisory
RH x86_64 vim -u NONE -i NONE -n -m -X -Z -e -s -S CVE-2025-26603-POC -c :qa! Do nothing installing vim-X11-9.1.1122-1.mga9.x86_64.rpm vim-common-9.1.1122-1.mga9.x86_64.rpm vim-minimal-9.1.1122-1.mga9.x86_64.rpm vim-enhanced-9.1.1122-1.mga9.x86_64.rpm from //home/katnatek/qa-testing/x86_64 Preparing... ################################################################################################## 1/4: vim-common ################################################################################################## 2/4: vim-X11 ################################################################################################## 3/4: vim-enhanced ################################################################################################## 4/4: vim-minimal ################################################################################################## 1/4: removing vim-enhanced-9.1.1043-1.mga9.x86_64 ################################################################################################## 2/4: removing vim-X11-9.1.1043-1.mga9.x86_64 ################################################################################################## 3/4: removing vim-common-9.1.1043-1.mga9.x86_64 ################################################################################################## 4/4: removing vim-minimal-9.1.1043-1.mga9.x86_64 ################################################################################################## vim -u NONE -i NONE -n -m -X -Z -e -s -S CVE-2025-26603-POC -c :qa! Do nothing vim works OK
MGA9-64 Plasma Wayland on Compaq H000SB No installation issues. Used vim on a .txt file, applied commands dd, a, i and x. All worked OK.
Whiteboard: (none) => MGA9-64-OKCC: (none) => herman.viaene
Validating.
Keywords: (none) => validated_updateCC: (none) => andrewsfarm, sysadmin-bugs
An update for this issue has been pushed to the Mageia Updates repository. https://advisories.mageia.org/MGASA-2025-0074.html
Status: ASSIGNED => RESOLVEDResolution: (none) => FIXED
The Mageia Updates repository has been updated with a new version which addresses this particular problem. https://advisories.mageia.org/MGASA-2025-0074.html https://basketball-stars.co/
CC: (none) => urielvalerie08
CC: urielvalerie08 => (none)