SUSE-IU-2025:2544-1: Security update of suse/sle-micro/5.5

sle-container-updates at lists.suse.com sle-container-updates at lists.suse.com
Wed Sep 24 07:09:12 UTC 2025 

SUSE Image Update Advisory: suse/sle-micro/5.5
-----------------------------------------------------------------
Image Advisory ID : SUSE-IU-2025:2544-1
Image Tags        : suse/sle-micro/5.5:2.0.4 , suse/sle-micro/5.5:2.0.4-5.5.374 , suse/sle-micro/5.5:latest
Image Release     : 5.5.374
Severity          : moderate
Type              : security
References        : 1246602 1246604 1247819 1247938 1247939 CVE-2025-53905 CVE-2025-53906
                        CVE-2025-55157 CVE-2025-55158 
-----------------------------------------------------------------

The container suse/sle-micro/5.5 was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2025:3300-1
Released:    Tue Sep 23 11:03:41 2025
Summary:     Security update for vim
Type:        security
Severity:    moderate
References:  1246602,1246604,1247938,1247939,CVE-2025-53905,CVE-2025-53906,CVE-2025-55157,CVE-2025-55158
This update for vim fixes the following issues:

Updated to 9.1.1629:
- CVE-2025-53905: Fixed malicious tar archive may causing a path traversal in Vim’s tar.vim plugin (bsc#1246604)
- CVE-2025-53906: Fixed malicious zip archive may causing a path traversal in Vim’s zip (bsc#1246602)
- CVE-2025-55157: Fixed use-after-free in internal tuple reference management (bsc#1247938)
- CVE-2025-55158: Fixed double-free in internal typed value (typval_T) management (bsc#1247939)

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2025:3303-1
Released:    Tue Sep 23 11:10:02 2025
Summary:     Recommended update for dracut
Type:        recommended
Severity:    moderate
References:  1247819
This update for dracut fixes the following issues:

- fix (dracut-util): crash if CMDLINE ends with quotation mark (bsc#1247819)
- fix( rngd): adjust license to match the license of the whole project


The following package changes have been done:

- dracut-055+suse.398.g8f75016e-150500.3.32.1 updated
- vim-data-common-9.1.1629-150500.20.33.1 updated
- vim-small-9.1.1629-150500.20.33.1 updated
- container:suse-sle-micro-base-5.5-latest-2.0.4-5.8.207 updated

More information about the sle-container-updates mailing list