Release date:
2026-05-29 14:44:50 UTC
Description:
- CVE-2026-46483: fix command injection in the tar plugin's tar#Vimuntar()
function by using the correct shellescape(tartail, 1) form so that a crafted
.tgz filename cannot trigger cmdline-special expansion in the :! command
Updated packages:
-
vim-X11-7.4.629-5.2.el6.tuxcare.els52.x86_64.rpm
sha:5c09d82ccdd3c0f4fff9e8a780012312a907fa6ea40e482dbbfe8414c71c1f9a
-
vim-common-7.4.629-5.2.el6.tuxcare.els52.x86_64.rpm
sha:33622de412dcb6187357f7b12054a3e0233ef3a77a2482cab9749876c74bf2ac
-
vim-enhanced-7.4.629-5.2.el6.tuxcare.els52.x86_64.rpm
sha:5febc4fb733b8ddaba083d23c184efa8d4c9cbefaccc5106abe2ff9ebddec702
-
vim-filesystem-7.4.629-5.2.el6.tuxcare.els52.x86_64.rpm
sha:af930d6574155af718a14b63058d7bbaf23aefc818c08c6ecf1f8cfd69cf0706
-
vim-minimal-7.4.629-5.2.el6.tuxcare.els52.x86_64.rpm
sha:f81f0aacd63fe25389747312ce68898a7b16b5e2f393f77c56859561519f3773
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.
