Release date:
2026-04-28 14:22:02 UTC
Description:
* SECURITY UPDATE: Command injection via newline in glob() on Unix-like systems
- debian/patches/CVE-2026-33412.patch: add '\n' to the SHELL_SPECIAL macro
in src/os_unix.c so mch_expand_wildcards() escapes embedded newlines
before passing the glob pattern to the shell
- CVE-2026-33412
Updated packages:
-
vim_8.1.0875-5+deb10u6+tuxcare.els17_amd64.deb
sha:1a5da2f714a7652a73050fa9eb59d54f6a095cac
-
vim-athena_8.1.0875-5+deb10u6+tuxcare.els17_amd64.deb
sha:df20fb42069bf8d7696117b4ccc2d692a30533cf
-
vim-common_8.1.0875-5+deb10u6+tuxcare.els17_all.deb
sha:18b0ee4401cce351974e8f112ac110b83d89c9e2
-
vim-doc_8.1.0875-5+deb10u6+tuxcare.els17_all.deb
sha:5aa46f1db5715eb10ac3c29d22481fd0c5ea5ae3
-
vim-gtk_8.1.0875-5+deb10u6+tuxcare.els17_amd64.deb
sha:628af394baaa5672756353acc6befdd6334bc5c8
-
vim-gtk3_8.1.0875-5+deb10u6+tuxcare.els17_amd64.deb
sha:ff7f19ef3b1373f3c7002f51e91108cc5859e03a
-
vim-gui-common_8.1.0875-5+deb10u6+tuxcare.els17_all.deb
sha:e5ac427ed71e785b4f4939adc3c7fcf8f253ab67
-
vim-nox_8.1.0875-5+deb10u6+tuxcare.els17_amd64.deb
sha:9c385259a2523272d46a0fd2cde149a63d5ce605
-
vim-runtime_8.1.0875-5+deb10u6+tuxcare.els17_all.deb
sha:698fcc46d99b938254ba94398808512612ea55ec
-
vim-tiny_8.1.0875-5+deb10u6+tuxcare.els17_amd64.deb
sha:cdc693a920e98da30c5564a0be5dbb1499f7d40f
-
xxd_8.1.0875-5+deb10u6+tuxcare.els17_amd64.deb
sha:e80ba34e6b96bffd4a755070dab6b1d5450c08a7
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
