[CLSA-2026:1777306218] Fix CVE(s): CVE-2026-33412
Type:
security
Severity:
Important
Release date:
2026-04-27 16:10:23 UTC
Description:
* SECURITY UPDATE: Command injection via newline in glob() - debian/patches/CVE-2026-33412.patch: add '\n' to SHELL_SPECIAL in src/os_unix.c so newlines in glob() patterns are shell-escaped before mch_expand_wildcards() hands the string to the user's shell - CVE-2026-33412
Updated packages:
  • vim_7.4.1689-3ubuntu1.5+tuxcare.els62_amd64.deb
    sha:a982710d66029f42b2a82df50570fbea328e00fc
  • vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els62_amd64.deb
    sha:32f8b9a4b16d1a9057334e67da42c4d1a6baed86
  • vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els62_amd64.deb
    sha:2345c53f5b64636429d98c47ab06d7386772df2e
  • vim-common_7.4.1689-3ubuntu1.5+tuxcare.els62_amd64.deb
    sha:288cfbd98cc7e7a594691b0d30d986f6b408c454
  • vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els62_all.deb
    sha:08854f90e7143729fd16bc74744daeb13eb26569
  • vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els62_amd64.deb
    sha:4fa46b959474af21844c68a1011a4b0bae264fa7
  • vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els62_amd64.deb
    sha:1e1697b658937f494a3ddf7bc1fad747ca380357
  • vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els62_amd64.deb
    sha:b291f6fb1c4028bbaafaff293592dcfbdcfdf045
  • vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els62_amd64.deb
    sha:ecf1c0d63c8ebe949da717e89ed554e2d65dd037
  • vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els62_amd64.deb
    sha:0a46ed4a8288b44cd5fdc7c8ca0590af5c7d7375
  • vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els62_amd64.deb
    sha:adb9fd5af07e5faae95c5cf88d98f5497a4ae932
  • vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els62_all.deb
    sha:e2643cfbbe1931ea0c4f4491db4d83830b3c2578
  • vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els62_amd64.deb
    sha:019824de559f4e65c5e5eaa1a017d642d03406bf
  • vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els62_amd64.deb
    sha:a147c317f4637b0549ea3eab3a52b9eb68dbe751
  • vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els62_all.deb
    sha:c7c5201bbf2f350bc4d5db4cf28ab47dae176b36
  • vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els62_amd64.deb
    sha:54eee3bd366ac04221d6471f1e1d6325ba2b2836
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.