SUSE-CU-2025:1345-1: Security update of suse/sle-micro/5.4/toolbox
sle-container-updates at lists.suse.com
sle-container-updates at lists.suse.com
Thu Feb 27 08:12:50 UTC 2025
SUSE Container Update Advisory: suse/sle-micro/5.4/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2025:1345-1
Container Tags : suse/sle-micro/5.4/toolbox:14.2 , suse/sle-micro/5.4/toolbox:14.2-5.19.92 , suse/sle-micro/5.4/toolbox:latest
Container Release : 5.19.92
Severity : moderate
Type : security
References : 1229685 1229822 1230078 1235695 1236151 1237137 CVE-2024-43790
CVE-2024-43802 CVE-2024-45306 CVE-2025-1215 CVE-2025-22134 CVE-2025-24014
-----------------------------------------------------------------
The container suse/sle-micro/5.4/toolbox was updated. The following patches have been included in this update:
-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:724-1
Released: Wed Feb 26 14:30:20 2025
Summary: Security update for vim
Type: security
Severity: moderate
References: 1229685,1229822,1230078,1235695,1236151,1237137,CVE-2024-43790,CVE-2024-43802,CVE-2024-45306,CVE-2025-1215,CVE-2025-22134,CVE-2025-24014
This update for vim fixes the following issues:
Update to version 9.1.1101:
- CVE-2024-43790: possible out-of-bounds read when performing a search command (bsc#1229685).
- CVE-2024-43802: heap buffer overflow due to incorrect flushing of the typeahead buffer (bsc#1229822).
- CVE-2024-45306: heap buffer overflow when cursor position is invalid (bsc#1230078).
- CVE-2025-22134: heap buffer overflow when switching to other buffers using the :all command with active visual mode
(bsc#1235695).
- CVE-2025-24014: NULL pointer dereference may lead to segmentation fault when in silent Ex mode (bsc#1236151).
- CVE-2025-1215: memory corruption when manipulating the --log argument (bsc#1237137).
The following package changes have been done:
- vim-data-common-9.1.1101-150000.5.69.1 updated
- vim-9.1.1101-150000.5.69.1 updated
- xxd-9.1.1101-150000.5.69.1 updated
More information about the sle-container-updates
mailing list