SUSE-CU-2024:1479-1: Security update of suse/sle-micro/5.5/toolbox

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Tue Apr 16 07:01:46 UTC 2024 

SUSE Container Update Advisory: suse/sle-micro/5.5/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2024:1479-1
Container Tags        : suse/sle-micro/5.5/toolbox:13.2 , suse/sle-micro/5.5/toolbox:13.2-2.2.207 , suse/sle-micro/5.5/toolbox:latest
Container Release     : 2.2.207
Severity              : important
Type                  : security
References            : 1215005 1217316 1217320 1217321 1217324 1217326 1217329 1217330
                        1217432 1219581 CVE-2023-4750 CVE-2023-48231 CVE-2023-48232 CVE-2023-48233
                        CVE-2023-48234 CVE-2023-48235 CVE-2023-48236 CVE-2023-48237 CVE-2023-48706
                        CVE-2024-22667 
-----------------------------------------------------------------

The container suse/sle-micro/5.5/toolbox was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2024:1287-1
Released:    Mon Apr 15 15:03:40 2024
Summary:     Security update for vim
Type:        security
Severity:    important
References:  1215005,1217316,1217320,1217321,1217324,1217326,1217329,1217330,1217432,1219581,CVE-2023-4750,CVE-2023-48231,CVE-2023-48232,CVE-2023-48233,CVE-2023-48234,CVE-2023-48235,CVE-2023-48236,CVE-2023-48237,CVE-2023-48706,CVE-2024-22667
This update for vim fixes the following issues:

Updated to version 9.1.0111, fixes the following security problems

- CVE-2023-48231: Use-After-Free in win_close() (bsc#1217316).
- CVE-2023-48232: Floating point Exception in adjust_plines_for_skipcol() (bsc#1217320).
- CVE-2023-48233: overflow with count for :s command (bsc#1217321).
- CVE-2023-48234: overflow in nv_z_get_count (bsc#1217324).
- CVE-2023-48235: overflow in ex address parsing (CVE-2023-48235).
- CVE-2023-48236: overflow in get_number (bsc#1217329).
- CVE-2023-48237: overflow in shift_line (bsc#1217330).
- CVE-2023-48706: heap-use-after-free in ex_substitute (bsc#1217432).
- CVE-2024-22667: stack-based buffer overflow in did_set_langmap function in map.c (bsc#1219581).
- CVE-2023-4750: Heap use-after-free in function bt_quickfix (bsc#1215005).


The following package changes have been done:

- vim-data-common-9.1.0111-150500.20.9.1 updated
- vim-9.1.0111-150500.20.9.1 updated

More information about the sle-container-updates mailing list