SUSE-IU-2025:657-1: Security update of suse/sle-micro/5.5

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Thu Feb 27 08:05:12 UTC 2025


SUSE Image Update Advisory: suse/sle-micro/5.5
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:657-1
Image Tags        : suse/sle-micro/5.5:2.0.4 , suse/sle-micro/5.5:2.0.4-5.5.249 , suse/sle-micro/5.5:latest
Image Release     : 5.5.249
Severity          : moderate
Type              : security
References        : 1229685 1229822 1230078 1235695 1236151 1237137 CVE-2024-43790
                        CVE-2024-43802 CVE-2024-45306 CVE-2025-1215 CVE-2025-22134 CVE-2025-24014
-----------------------------------------------------------------

The container suse/sle-micro/5.5 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:723-1
Released:    Wed Feb 26 14:29:39 2025
Summary:     Security update for vim
Type:        security
Severity:    moderate
References:  1229685,1229822,1230078,1235695,1236151,1237137,CVE-2024-43790,CVE-2024-43802,CVE-2024-45306,CVE-2025-1215,CVE-2025-22134,CVE-2025-24014
This update for vim fixes the following issues:

Update to version 9.1.1101:

- CVE-2024-43790: possible out-of-bounds read when performing a search command (bsc#1229685).
- CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer (bsc#1229822).
- CVE-2024-45306: heap buffer overflow when cursor position is invalid (bsc#1230078).
- CVE-2025-22134: heap buffer overflow when switching to other buffers using the :all command with active visual mode
  (bsc#1235695).
- CVE-2025-24014: NULL pointer dereference may lead to segmentation fault when in silent Ex mode (bsc#1236151).
- CVE-2025-1215: memory corruption when manipulating the --log argument (bsc#1237137).


The following package changes have been done:

- vim-data-common-9.1.1101-150500.20.21.1 updated
- vim-small-9.1.1101-150500.20.21.1 updated


More information about the sle-container-updates mailing list