Release date:
2026-05-01 13:15:18 UTC
Description:
- CVE-2026-33412: fix OS command injection via newline in glob() by adding
\n to SHELL_SPECIAL in src/os_unix.c so newlines are escaped before the
pattern is passed to the user's shell
Updated packages:
-
vim-X11-8.2.2637-22.el9_2.1.tuxcare.els17.x86_64.rpm
sha:9ba3432bfc44a1fd717b63e8ec35983cec8827fbaecfb92912d8a1d7a2fca16f
-
vim-common-8.2.2637-22.el9_2.1.tuxcare.els17.x86_64.rpm
sha:91e96559ce17d365d126d8c970ea486c5b00b6aa8d17e488e9ad1a441fe9161a
-
vim-enhanced-8.2.2637-22.el9_2.1.tuxcare.els17.x86_64.rpm
sha:aa6dd6713a367bfc796322605267dbdcdfe7d5d4a80b4cb1c88c79656269b980
-
vim-filesystem-8.2.2637-22.el9_2.1.tuxcare.els17.noarch.rpm
sha:809bc9ceaa7c59ffd2215768edfe410a81cf4484cb3d4ede5594656cb7457741
-
vim-minimal-8.2.2637-22.el9_2.1.tuxcare.els17.x86_64.rpm
sha:1307f9b27d6c6a7cc1cb8e84d83c549c4ee9b57f8e629b88a996c0d713d4cf37
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
