[CLSA-2026:1780055179] Fix CVE(s): CVE-2026-46483
Type:
security
Severity:
Important
Release date:
2026-05-29 11:46:24 UTC
Description:
* SECURITY UPDATE: command injection in tar plugin Vimuntar() - debian/patches/CVE-2026-46483.patch: pass shellescape(tartail, 1) instead of shellescape(tartail) in the two :!gunzip / :!gzip -d lines of runtime/autoload/tar.vim::tar#Vimuntar() so Vim's special characters (!, %, #) are escaped before the filename reaches the shell; matches upstream patch 9.2.0479 - CVE-2026-46483
Updated packages:
  • vim_7.4.1689-3ubuntu1.5+tuxcare.els65_amd64.deb
    sha:b656a3bbdef8f6d8225a09ce1498bbb207897547
  • vim-athena_7.4.1689-3ubuntu1.5+tuxcare.els65_amd64.deb
    sha:57f1e82645d36a447ae46ed0a92600d0469679df
  • vim-athena-py2_7.4.1689-3ubuntu1.5+tuxcare.els65_amd64.deb
    sha:13ab701dabc458fcfcc75bdced3f63c07a6eb304
  • vim-common_7.4.1689-3ubuntu1.5+tuxcare.els65_amd64.deb
    sha:dd680341b46aeab29626fa38dc3a809de8e4dfa2
  • vim-doc_7.4.1689-3ubuntu1.5+tuxcare.els65_all.deb
    sha:a1f5de17815a63320c6f3abf6db4919e01201e30
  • vim-gnome_7.4.1689-3ubuntu1.5+tuxcare.els65_amd64.deb
    sha:c52f58ca53c5949e341711c21e62320ad7130108
  • vim-gnome-py2_7.4.1689-3ubuntu1.5+tuxcare.els65_amd64.deb
    sha:acc87fdf3f872f2694eabbc785c9ca5fb4bb34a9
  • vim-gtk_7.4.1689-3ubuntu1.5+tuxcare.els65_amd64.deb
    sha:12ea11844ca27bba2dbefb962cd03d859e0d4e3f
  • vim-gtk-py2_7.4.1689-3ubuntu1.5+tuxcare.els65_amd64.deb
    sha:db646ea49e078b61a4a56bb78669eede08755549
  • vim-gtk3_7.4.1689-3ubuntu1.5+tuxcare.els65_amd64.deb
    sha:57397715202e2b9abf3a203db4c1630f88670443
  • vim-gtk3-py2_7.4.1689-3ubuntu1.5+tuxcare.els65_amd64.deb
    sha:6165c26e0970f35c1d4702f1fd440649f2b76f27
  • vim-gui-common_7.4.1689-3ubuntu1.5+tuxcare.els65_all.deb
    sha:66e6832c5661d6038dcb9edc4719306356a7f9e7
  • vim-nox_7.4.1689-3ubuntu1.5+tuxcare.els65_amd64.deb
    sha:5a041079d4fc1d91fd4548ae840c1b17e00e188b
  • vim-nox-py2_7.4.1689-3ubuntu1.5+tuxcare.els65_amd64.deb
    sha:d606bcb9239671bd8ea2de89b28d4f4745676fc6
  • vim-runtime_7.4.1689-3ubuntu1.5+tuxcare.els65_all.deb
    sha:bcdde1fe02242249b856076bafa05f832f1cda31
  • vim-tiny_7.4.1689-3ubuntu1.5+tuxcare.els65_amd64.deb
    sha:e039f4b9f2d01fd583817e05e3ab448e1d884a63
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.