SUSE-CU-2023:749-1: Security update of suse/sle-micro/5.4/toolbox

sle-security-updates at lists.suse.com sle-security-updates at lists.suse.com
Wed Mar 22 08:02:42 UTC 2023


SUSE Container Update Advisory: suse/sle-micro/5.4/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:749-1
Container Tags        : suse/sle-micro/5.4/toolbox:12.1 , suse/sle-micro/5.4/toolbox:12.1-3.2.76 , suse/sle-micro/5.4/toolbox:latest
Container Release     : 3.2.76
Severity              : important
Type                  : security
References            : 1207780 1208828 1208957 1208959 CVE-2023-0512 CVE-2023-1127 CVE-2023-1170
                        CVE-2023-1175 
-----------------------------------------------------------------

The container suse/sle-micro/5.4/toolbox was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2023:776-1
Released:    Thu Mar 16 17:29:23 2023
Summary:     Recommended update for gcc12
Type:        recommended
Severity:    moderate
References:  
This update for gcc12 fixes the following issues:

This update ships gcc12 also to the SUSE Linux Enterprise 15 SP1 LTSS and 15 SP2 LTSS products.

SUSE Linux Enterprise 15 SP3 and SP4 get only refreshed builds without changes


This update ship the GCC 12 compiler suite and its base libraries.

The compiler baselibraries are provided for all SUSE Linux Enterprise 15
versions and replace the same named GCC 11 ones.

The new compilers for C, C++, and Fortran are provided in the SUSE Linux
Enterprise Module for Development Tools.

To use gcc12 compilers use:

- install 'gcc12' or 'gcc12-c++' or one of the other 'gcc12-COMPILER' frontend packages.
- override your makefile to use CC=gcc12, CXX=g++12 and similar overrides for the other languages.

For a full changelog with all new GCC12 features, check out

	https://gcc.gnu.org/gcc-12/changes.html


-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:781-1
Released:    Thu Mar 16 19:07:00 2023
Summary:     Security update for vim
Type:        security
Severity:    important
References:  1207780,1208828,1208957,1208959,CVE-2023-0512,CVE-2023-1127,CVE-2023-1170,CVE-2023-1175
This update for vim fixes the following issues:

- CVE-2023-0512: Fixed a divide By Zero (bsc#1207780).
- CVE-2023-1175: vim: an incorrect calculation of buffer size (bsc#1208957).
- CVE-2023-1170: Fixed a heap-based Buffer Overflow (bsc#1208959).
- CVE-2023-1127: Fixed divide by zero in scrolldown() (bsc#1208828).

Updated to version 9.0 with patch level 1386.

- https://github.com/vim/vim/compare/v9.0.1234...v9.0.1386


The following package changes have been done:

- libstdc++6-12.2.1+git416-150000.1.7.1 updated
- vim-data-common-9.0.1386-150000.5.37.1 updated
- vim-9.0.1386-150000.5.37.1 updated


More information about the sle-security-updates mailing list