[CLSA-2026:1782145639] Fix CVE(s): CVE-2026-4480
Type:
security
Severity:
Critical
Release date:
2026-06-22 16:27:33 UTC
Description:
* SECURITY UPDATE: pre-authentication remote code execution in the printing subsystem via unescaped %J substitution in 'print command'. The client-controlled job name was passed to the shell with only a single quote -> underscore transformation, allowing shell metacharacters to inject arbitrary commands when 'printing' is set to a non-CUPS backend (sysv, lprng, bsd, plp, aix, hpux, qnx, softq). - debian/patches/CVE-2026-4480.patch - CVE-2026-4480
CVEs fixed:
Updated packages:
  • ctdb_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els4_amd64.deb
    sha:264c2324345c61361b3c094862c7b82113793f51
  • libnss-winbind_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els4_amd64.deb
    sha:d26bddf3950ec8b280fffba0e3a79345c9168638
  • libpam-winbind_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els4_amd64.deb
    sha:b77b922db8b2f00aea118ed2210fc924a1be7865
  • libsmbclient_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els4_amd64.deb
    sha:f9217b7871af5c860b95e1a9d238a0768bba6e6d
  • libsmbclient-dev_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els4_amd64.deb
    sha:e6aba1e67962ec92c6ef21fc68ec2bc6ce7ca7e7
  • libwbclient-dev_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els4_amd64.deb
    sha:b6888cae0079d605ee7b32c963c565493ac6ce9c
  • libwbclient0_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els4_amd64.deb
    sha:a988aec47d6ead059d5f43b0b27a5c923816b93a
  • python3-samba_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els4_amd64.deb
    sha:66c7a5913b05ecfe6e412d04434ba3b4d315ffef
  • registry-tools_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els4_amd64.deb
    sha:50e3971a74a63e1111d4d268a677fef40897fbd7
  • samba_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els4_amd64.deb
    sha:6c3745efbc44654cabe8d1b159be7f8d76f50b78
  • samba-common_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els4_all.deb
    sha:22e2ad31f80cb7b32ce1d299179d2ca0a4d65d7a
  • samba-common-bin_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els4_amd64.deb
    sha:6c93baf2ae34501e1a743faed4c1921d9b7a52a8
  • samba-dev_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els4_amd64.deb
    sha:cbc69e184a876cdf06e09d37b1f3a6a05a128520
  • samba-dsdb-modules_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els4_amd64.deb
    sha:6f506c59032f29ce9039e461fa4c83258e8f3ced
  • samba-libs_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els4_amd64.deb
    sha:b38b1cc73c552deb32f4b4ec4e7ba6390d0bacdb
  • samba-testsuite_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els4_amd64.deb
    sha:073fac8109c8d851b9c45ac55ec32003b3a9e576
  • samba-vfs-modules_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els4_amd64.deb
    sha:70972707649e613ab80fff1540eff29237afc337
  • smbclient_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els4_amd64.deb
    sha:9144969175fbe2b9794f239f62542ee3ee02def5
  • winbind_4.15.13+dfsg-0ubuntu0.20.04.8+tuxcare.els4_amd64.deb
    sha:76c888d667ea9623ad417055a729851dce0901e9
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.