Release date:
2026-05-01 18:44:09 UTC
Description:
- CVE-2026-33412: fix OS command injection via newline in glob() by adding
\n to SHELL_SPECIAL in src/os_unix.c so newlines are escaped before the
pattern is passed to the user's shell
Updated packages:
-
vim-X11-8.2.2637-22.el9_6.1.tuxcare.els17.x86_64.rpm
sha:194c6e0794807d91085edb43043a4c95bb7bb5c56e67ed127699054882234ea0
-
vim-common-8.2.2637-22.el9_6.1.tuxcare.els17.x86_64.rpm
sha:22be3034d60ccacb25a951328a3cc0f03d6d1e27716198b4c4128a5d5783f412
-
vim-enhanced-8.2.2637-22.el9_6.1.tuxcare.els17.x86_64.rpm
sha:418f63a27df04f90606f127cbaa88f073b23d17c35a93b3f930f853f554a75e3
-
vim-filesystem-8.2.2637-22.el9_6.1.tuxcare.els17.noarch.rpm
sha:2549e37430ed58ebec840d461f9ada46f41a0350bd8efce15864011b441133e9
-
vim-minimal-8.2.2637-22.el9_6.1.tuxcare.els17.x86_64.rpm
sha:d545011da19831eb8c44e97664fd3a0812f7661297adaebbb83b1b6f86bf091e
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
