SUSE-SU-2025:20696-1: moderate: Security update for vim
SLE-UPDATES
null at suse.de
Wed Sep 17 20:32:47 UTC 2025
# Security update for vim
Announcement ID: SUSE-SU-2025:20696-1
Release Date: 2025-09-11T10:29:42Z
Rating: moderate
References:
* bsc#1246602
* bsc#1246604
* bsc#1247938
* bsc#1247939
Cross-References:
* CVE-2025-53905
* CVE-2025-53906
* CVE-2025-55157
* CVE-2025-55158
CVSS scores:
* CVE-2025-53905 ( SUSE ): 1.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N
* CVE-2025-53905 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L
* CVE-2025-53905 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L
* CVE-2025-53906 ( SUSE ): 1.8
CVSS:4.0/AV:L/AC:H/AT:N/PR:N/UI:A/VC:N/VI:L/VA:L/SC:N/SI:L/SA:L
* CVE-2025-53906 ( SUSE ): 4.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L
* CVE-2025-53906 ( NVD ): 4.1 CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:C/C:N/I:L/A:L
* CVE-2025-55157 ( SUSE ): 6.7
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
* CVE-2025-55157 ( SUSE ): 5.0 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
* CVE-2025-55157 ( NVD ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-55157 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
* CVE-2025-55158 ( SUSE ): 5.6 CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:H
* CVE-2025-55158 ( NVD ): 6.9
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
* CVE-2025-55158 ( NVD ): 8.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected Products:
* SUSE Linux Micro 6.0
* SUSE Linux Micro Extras 6.0
An update that solves four vulnerabilities can now be installed.
## Description:
This update for vim fixes the following issues:
* CVE-2025-53906: Fixed malicious zip archive causing path traversal
(bsc#1246602)
* CVE-2025-53905: Fixed malicious tar archive causing path traversal
(bsc#1246604)
* CVE-2025-55157: Fixed use-after-free in internal tuple reference management
(bsc#1247938)
* CVE-2025-55158: Fixed double-free in internal typed value (typval_T)
management (bsc#1247939)
* Update to 9.1.1629: 9.1.1629: Vim9: Not able to use more than 10 type
arguments in a generic function 9.1.1628: fuzzy.c has a few issues 9.1.1627:
fuzzy matching can be improved 9.1.1626: cindent: does not handle compound
literals 9.1.1625: Autocompletion slow with include- and tag-completion
9.1.1624: Cscope not enabled on MacOS 9.1.1623: Buffer menu does not handle
unicode names correctly 9.1.1622: Patch v9.1.1432 causes performance
regressions 9.1.1621: flicker in popup menu during cmdline autocompletion
9.1.1620: filetype: composer.lock and symfony.lock files not recognized
9.1.1619: Incorrect E535 error message 9.1.1618: completion: incorrect
selected index returned from complete_info() 9.1.1617: Vim9: some error
messages can be improved 9.1.1616: xxd: possible buffer overflow with
bitwise output 9.1.1615: diff format erroneously detected 9.1.1614: Vim9:
possible variable type change 9.1.1613: tests: test_search leaves a few
swapfiles behind 9.1.1612: Ctrl-G/Ctrl-T do not ignore the end search
delimiter 9.1.1611: possible undefined behaviour in mb_decompose() 9.1.1610:
completion: hang or E684 when 'tagfunc' calls complete() 9.1.1609: complete:
Heap-buffer overflow with complete function 9.1.1608: No command-line
completion for :unsilent {command} 9.1.1607: :apple command detected as
:append 9.1.1606: filetype: a few more files are not recognized 9.1.1605:
cannot specify scope for chdir() 9.1.1604: completion: incsearch highlight
might be lost 9.1.1603: completion: cannot use autoloaded funcs in
'complete' F{func} 9.1.1602: filetype: requirements-*.txt files are not
recognized 9.1.1601: Patch v8.1.0425 was wrong 9.1.1600: using diff anchors
with hidden buffers fails silently 9.1.1599: :bnext doesn't go to unlisted
help buffers 9.1.1598: filetype: waybar config file is not recognized
9.1.1597: CI reports leaks in libgtk3 library 9.1.1596: tests:
Test_search_wildmenu_iminsert() depends on help file 9.1.1595: Wayland: non-
portable use of select() 9.1.1594: completion: search completion throws
errors 9.1.1593: Confusing error when compiling incomplete try block
9.1.1592: Vim9: crash with classes and garbage collection 9.1.1591: VMS
support can be improved 9.1.1590: cannot perform autocompletion 9.1.1589:
Cannot disable cscope interface using configure 9.1.1588: Vim9: cannot split
dict inside command block 9.1.1587: Wayland: timeout not updated before
select() 9.1.1586: Vim9: can define an enum/interface in a function
9.1.1585: Wayland: gvim still needs GVIM_ENABLE_WAYLAND 9.1.1584: using ints
as boolean type 9.1.1583: gvim window lost its icons 9.1.1582: style issue
in vim9type.c and vim9generics.c 9.1.1581: possible memory leak in
vim9generics.c 9.1.1580: possible memory leak in vim9type.c 9.1.1579:
Coverity complains about unchecked return value 9.1.1578: configure: comment
still mentions autoconf 2.71 9.1.1577: Vim9: no generic support yet
9.1.1576: cannot easily trigger wildcard expansion 9.1.1575: tabpanel not
drawn correctly with wrapped lines 9.1.1574: Dead code in mbyte.c 9.1.1573:
Memory leak when pressing Ctrl-D in cmdline mode 9.1.1572: expanding $var
does not escape whitespace for 'path' 9.1.1571: CmdlineChanged triggered to
often 9.1.1570: Copilot suggested some improvements in cmdexpand.c 9.1.1569:
tests: Vim9 tests can be improved 9.1.1568: need a few more default
highlight groups 9.1.1567: crash when using inline diff mode 9.1.1566: self-
referenced enum may not get freed 9.1.1565: configure: does not consider
tiny version for wayland 9.1.1564: crash when opening popup to closing
buffer 9.1.1563: completion: ruler may disappear 9.1.1562: close button
always visible in the 'tabline' 9.1.1561: configure: wayland test can be
improved 9.1.1560: configure: uses $PKG_CONFIG before it is defined
9.1.1559: tests: Test_popup_complete_info_01() fails when run alone
9.1.1558: str2blob() treats NULL string and empty string differently
9.1.1557: not possible to anchor specific lines in difff mode 9.1.1556:
string handling in cmdexpand.c can be improved 9.1.1555: completion:
repeated insertion of leader 9.1.1554: crash when omni-completion opens
command-line window 9.1.1553: Vim9: crash when accessing a variable in if
condition 9.1.1552: [security]: path traversal issue in tar.vim 9.1.1551:
[security]: path traversal issue in zip.vim 9.1.1550: defaults: 'showcmd' is
not enabled in non-compatible mode on Unix 9.1.1549: filetype: pkl files are
not recognized 9.1.1548: filetype: OpenFGA files are not recognized
9.1.1547: Wayland: missing ifdef 9.1.1546: Vim9: error with has() and short
circuit evaluation 9.1.1545: typo in os_unix.c 9.1.1544: :retab cannot be
limited to indentation only 9.1.1543: Wayland: clipboard appears to not be
working 9.1.1542: Coverity complains about uninitialized variable 9.1.1541:
Vim9: error when last enum value ends with a comma 9.1.1540: completion:
menu state wrong on interruption 9.1.1539: completion: messages don't
respect 'shm' setting 9.1.1537: helptoc: still some issues when markdown
code blocks 9.1.1536: tests: test_plugin_comment uses wrong :Check command
9.1.1535: the maximum search count uses hard-coded value 99 9.1.1534:
unnecessary code in tabpanel.c 9.1.1533: helptoc: does not handle code
sections in markdown well 9.1.1532: termdebug: not enough ways to configure
breakpoints 9.1.1531: confusing error with nested legacy function 9.1.1530:
Missing version change in v9.1.1529 9.1.1529: Win32: the toolbar in the GUI
is old and dated 9.1.1528: completion: crash with getcompletion() 9.1.1527:
Vim9: Crash with string compound assignment 9.1.1526: completion: search
completion match may differ in case 9.1.1525: tests: testdir/ is a bit messy
9.1.1524: tests: too many imports in the test suite 9.1.1523: tests:
test_clipmethod fails in non X11 environment 9.1.1522: tests: still some
ANSI escape sequences in test output 9.1.1521: completion: pum does not
reset scroll pos on reopen with 'noselect' 9.1.1520: completion: search
completion doesn't handle 'smartcase' well 9.1.1519: tests:
Test_termdebug_decimal_breakpoints() may fail 9.1.1518: getcompletiontype()
may crash 9.1.1517: filetype: autopkgtest files are not recognized 9.1.1516:
tests: no test that 'incsearch' is updated after search completion 9.1.1515:
Coverity complains about potential unterminated strings 9.1.1514: Coverity
complains about the use of tmpfile() 9.1.1513: resizing Vim window causes
unexpected internal window width 9.1.1512: completion: can only complete
from keyword characters 9.1.1511: tests: two edit tests change v:testing
from 1 to 0 9.1.1510: Search completion may use invalid memory 9.1.1509:
patch 9.1.1505 was not good 9.1.1508: string manipulation can be improved in
cmdexpand.c 9.1.1507: symlinks are resolved on :cd commands 9.1.1506: tests:
missing cleanup in Test_search_cmdline_incsearch_highlight() 9.1.1505: not
possible to return completion type for :ex command 9.1.1504: filetype:
numbat files are not recognized 9.1.1503: filetype: haxe files are not
recognized 9.1.1502: filetype: quickbms files are not recognized 9.1.1501:
filetype: flix files are not recognized 9.1.1500: if_python: typo in python
error variable 9.1.1499: MS-Windows: no indication of ARM64 architecture
9.1.1498: completion: 'complete' funcs behave different to 'omnifunc'
9.1.1497: Link error with shm_open() 9.1.1496: terminal: still not
highlighting empty cells correctly 9.1.1495: Wayland: uses $XDG_SEAT to
determine seat 9.1.1494: runtime(tutor): no French translation for Chapter 2
9.1.1493: manually comparing positions on buffer 9.1.1492: tests: failure
when Wayland compositor fails to start 9.1.1491: missing out-of-memory
checks in cmdexpand.c 9.1.1490: 'wildchar' does not work in search contexts
9.1.1489: terminal: no visual highlight of empty cols with empty 'listchars'
9.1.1488: configure: using obsolete macro AC_PROG_GCC_TRADITIONAL 9.1.1487:
:cl doesn't invoke :clist 9.1.1486: documentation issues with Wayland
9.1.1485: missing Wayland clipboard support 9.1.1484: tests: Turkish locale
tests fails on Mac 9.1.1483: not possible to translation position in buffer
9.1.1482: scrolling with 'splitkeep' and line() 9.1.1481: gcc complains
about uninitialized variable 9.1.1480: Turkish translation outdated
9.1.1479: regression when displaying localized percentage position 9.1.1478:
Unused assignment in ex_uniq() 9.1.1476: no easy way to deduplicate text
9.1.1476: missing out-of-memory checks in cmdexpand.c 9.1.1475: completion:
regression when "nearest" in 'completeopt' 9.1.1474: missing out-of-memory
check in mark.c 9.1.1473: inconsistent range arg for :diffget/diffput
9.1.1472: if_python: PySequence_Fast_{GET_SIZE,GET_ITEM} removed 9.1.1471:
completion: inconsistent ordering with CTRL-P 9.1.1470: use-after-free with
popup callback on error 9.1.1469: potential buffer-underflow with invalid
hl_id 9.1.1468: filetype: bright(er)script files are not recognized
9.1.1467: too many strlen() calls 9.1.1466: filetype: not all lex files are
recognized 9.1.1465: tabpanel: not correctly drawn with 'equalalways'
9.1.1464: gv does not work in operator-pending mode 9.1.1463: Integer
overflow in getmarklist() after linewise operation 9.1.1462: missing change
from patch v9.1.1461 9.1.1461: tabpanel: tabpanel vanishes with popup menu
9.1.1460: MS-Windows: too many strlen() calls in os_win32.c 9.1.1459: xxd:
coloring output is inefficient 9.1.1458: tabpanel: tabs not properly updated
with 'stpl' 9.1.1457: compile warning with tabpanelopt 9.1.1456: comment
plugin fails toggling if 'cms' contains \ 9.1.1455: Haiku: dailog objects
created with no reference 9.1.1454: tests: no test for pum at line break
position 9.1.1453: tests: Test_geometry() may fail 9.1.1452: completion:
redundant check for completion flags 9.1.1451: tabpanel rendering artifacts
when scrolling 9.1.1450: Session has wrong arglist with :tcd and :arglocal
9.1.1449: typo in pum_display() 9.1.1448: tabpanel is not displayed
correctly when msg_scrolled 9.1.1447: completion: crash when backspacing
with fuzzy completion 9.1.1446: filetype: cuda-gdb config files are not
recognized 9.1.1445: negative matchfuzzy scores although there is a match
9.1.1444: Unused assignment in set_fuzzy_score() 9.1.1443: potential buffer
underflow in insertchar() 9.1.1442: tests: Test_diff_fold_redraw() is
insufficient 9.1.1441: completion: code can be improved 9.1.1440: too many
strlen() calls in os_win32.c 9.1.1439: Last diff folds not merged 9.1.1438:
tests: Test_breakindent_list_split() fails 9.1.1437: MS-Windows: internal
compile error in uc_list() 9.1.1436: GUI control code is displayed on the
console on startup 9.1.1435: completion: various flaws in fuzzy completion
9.1.1434: MS-Windows: missing out-of-memory checks in os_win32.c 9.1.1433:
Unnecessary :if when writing session 9.1.1432: GTK GUI: Buffer menu does not
handle unicode correctly 9.1.1431: Hit-Enter Prompt when loading session
files 9.1.1430: tabpanel may flicker in the GUI 9.1.1429: dragging outside
the tabpanel changes tabpagenr 9.1.1428: completion: register completion
needs cleanup 9.1.1427: rendering artifacts with the tabpanel 9.1.1426:
completion: register contents not completed 9.1.1425: tabpanel: there are
still some problems with the tabpanel 9.1.1424: PMenu selection broken with
multi-line selection and limits 9.1.1423: :tag command not working correctly
using Vim9 Script 9.1.1422: scheduling of complete function can be improved
9.1.1421: tests: need a test for the new-style tutor.tutor 9.1.1420: tests:
could need some more tests for shebang lines 9.1.1419: It is difficult to
ignore all but some events 9.1.1418: configures GUI auto detection favors
GTK2 9.1.1417: missing info about register completion in complete_info()
9.1.1416: completion limits not respected for fuzzy completions 9.1.1415:
potential use-after free when there is an error in 'tabpanel' 9.1.1414: MS-
Windows: compile warnings in os_win32.c 9.1.1413: spurious CursorHold
triggered in GUI on startup 9.1.1412: tests: Test_tabpanel_tabonly() fails
on larger screens 9.1.1411: crash when calling non-existing function for
tabpanel 9.1.1410: out-of-bounds access with 'completefunc' 9.1.1409: using
f-flag in 'complete' conflicts with Neovim 9.1.1408: not easily possible to
complete from register content 9.1.1407: Can't use getpos('v') in OptionSet
when using setbufvar() 9.1.1406: crash when importing invalid tuple
9.1.1405: tests: no test for mapping with special keys in session file
9.1.1404: wrong link to Chapter 2 in new-tutor 9.1.1403: expansion of
'tabpanelopt' value adds wrong values 9.1.1402: multi-byte mappings not
properly stored in session file 9.1.1401: list not materialized in
prop_list() 9.1.1400: [security]: use-after-free when evaluating tuple fails
9.1.1399: tests: test_codestyle fails for auto-generated files 9.1.1398:
completion: trunc does not follow Pmenu highlighting attributes 9.1.1397:
tabpanel not correctly updated on :tabonly 9.1.1396: 'errorformat' is a
global option 9.1.1395: search_stat not reset when pattern differs in case
9.1.1394: tabpanel not correctly redrawn on tabonly 9.1.1393: missing test
for switching buffers and reusing curbuf 9.1.1392: missing patch number
9.1.1391: Vim does not have a vertical tabpanel 9.1.1390: style: more wrong
indentation 9.1.1389: completion: still some issue when 'isexpand' contains
a space 9.1.1388: Scrolling one line too far with 'nosmoothscroll' page
scrolling 9.1.1387: memory leak when buflist_new() fails to reuse curbuf
9.1.1386: MS-Windows: some minor problems building on AARCH64 9.1.1385:
inefficient loop for 'nosmoothscroll' scrolling 9.1.1384: still some problem
with the new tutors filetype plugin 9.1.1383: completion: 'isexpand' option
does not handle space char correct 9.1.1382: if_ruby: unused compiler
warnings from ruby internals 9.1.1381: completion: cannot return to original
text 9.1.1380: 'eventignorewin' only checked for current buffer 9.1.1379:
MS-Windows: error when running evim when space in path 9.1.1378: sign
without text overwrites number option 9.1.1377: patch v9.1.1370 causes some
GTK warning messages 9.1.1376: quickfix dummy buffer may remain as dummy
buffer 9.1.1375: [security]: possible heap UAF with quickfix dummy buffer
9.1.1374: completion: 'smartcase' not respected when filtering matches
9.1.1373: 'completeopt' checking logic can be simplified 9.1.1372: style:
braces issues in various files 9.1.1371: style: indentation and brace issues
in insexpand.c 9.1.1370: CI Tests favor GTK2 over GTK3 9.1.1369: configure
still using autoconf 2.71 9.1.1368: GTK3 and GTK4 will drop numeric cursor
support. 9.1.1367: too many strlen() calls in gui.c 9.1.1366: v9.1.1364
unintentionally changed sign.c and sound.c 9.1.1365: MS-Windows: compile
warnings and too many strlen() calls 9.1.1364: style: more indentation
issues 9.1.1363: style: inconsistent indentation in various files 9.1.1362:
Vim9: type ignored when adding tuple to instance list var 9.1.1361:
[security]: possible use-after-free when closing a buffer 9.1.1360:
filetype: GNU Radio companion files are not recognized 9.1.1359: filetype:
GNU Radio config files are not recognized 9.1.1358: if_lua: compile warnings
with gcc15 9.1.1357: Vim incorrectly escapes tags with "[" in a help buffer
9.1.1356: Vim9: crash when unletting variable 9.1.1355: The pum_redraw()
function is too complex 9.1.1354: tests: Test_terminalwinscroll_topline()
fails on Windows 9.1.1353: missing change from v9.1.1350 9.1.1352: style:
inconsistent indent in insexpand.c 9.1.1351: Return value of getcmdline()
inconsistent in CmdlineLeavePre 9.1.1350: tests: typo in
Test_CmdlineLeavePre_cabbr() 9.1.1349: CmdlineLeavePre may trigger twice
9.1.1348: still E315 with the terminal feature 9.1.1347: small problems with
gui_w32.c 9.1.1346: missing out-of-memory check in textformat.c 9.1.1345:
tests: Test_xxd_color2() test failure dump diff is misleading 9.1.1344:
double free in f_complete_match() (after v9.1.1341) 9.1.1343: filetype:
IPython files are not recognized 9.1.1342: Shebang filetype detection can be
improved 9.1.1341: cannot define completion triggers 9.1.1340: cannot
complete :filetype arguments 9.1.1339: missing out-of-memory checks for
enc_to_utf16()/utf16_to_enc() 9.1.1338: Calling expand() interferes with
cmdcomplete_info() 9.1.1337: Undo corrupted with 'completeopt' "preinsert"
when switching buffer 9.1.1336: comment plugin does not support case-
insensitive 'commentstring' 9.1.1335: Coverity complains about Null pointer
dereferences 9.1.1334: Coverity complains about unchecked return value
9.1.1333: Coverity: complains about unutilized variable 9.1.1332: Vim9:
segfault when using super within a lambda 9.1.1331: Leaking memory with
cmdcomplete() 9.1.1330: may receive E315 in terminal 9.1.1329: cannot get
information about command line completion 9.1.1328: too many strlen() calls
in indent.c 9.1.1327: filetype: nroff detection can be improved 9.1.1326:
invalid cursor position after 'tagfunc' 9.1.1325: tests: not checking error
numbers properly 9.1.1324: undefined behaviour if X11 connection dies
9.1.1323: b:undo_ftplugin not executed when re-using buffer 9.1.1322: small
delete register cannot paste multi-line correctly 9.1.1321: filetype: MS ixx
and mpp files are not recognized 9.1.1320: filetype: alsoft config files are
not recognized 9.1.1319: Various typos in the code, issue with
test_inst_complete.vim 9.1.1318: tests: test_format fails 9.1.1317: noisy
error when restoring folds from session fails 9.1.1316: missing memory
allocation failure in os_mswin.c 9.1.1315: completion: issue with fuzzy
completion and 'completefuzzycollect' 9.1.1314: max allowed string width too
small 9.1.1313: compile warning about uninitialized value 9.1.1312: tests:
Test_backupskip() fails when HOME is defined 9.1.1311: completion: not
possible to limit number of matches 9.1.1310: completion: redundant check
for preinsert effect 9.1.1309: tests: no test for 'pummaxwidth' with non-
truncated "kind" 9.1.1308: completion: cannot order matches by distance to
cursor 9.1.1307: make syntax does not reliably detect different flavors
9.1.1306: completion menu rendering can be improved 9.1.1305: completion
menu active after switching windows/tabs 9.1.1304: filetype: some man files
are not recognized 9.1.1303: missing out-of-memory check in linematch.c
9.1.1302: Coverity warns about using uninitialized value 9.1.1301:
completion: cannot configure completion functions with 'complete' 9.1.1300:
wrong detection of -inf 9.1.1299: filetype: mbsyncrc files are not
recognized 9.1.1298: define_function() is too long 9.1.1297: Ctrl-D
scrolling can get stuck 9.1.1296: completion: incorrect truncation logic
9.1.1295: clientserver: does not handle :stopinsert correctly 9.1.1294: gui
tabline menu does not use confirm when closing tabs 9.1.1293: comment plugin
does not handle 'exclusive' selection for comment object 9.1.1292:
statusline not correctly evaluated 9.1.1291: too many strlen() calls in
buffer.c 9.1.1290: tests: missing cleanup in test_filetype.vim 9.1.1289:
tests: no test for matchparen plugin with WinScrolled event 9.1.1288: Using
wrong window in ll_resize_stack() 9.1.1287: quickfix code can be further
improved 9.1.1286: filetype: help files not detected when 'iskeyword'
includes ":" 9.1.1285: Vim9: no error message for missing method after
"super." 9.1.1284: not possible to configure pum truncation char 9.1.1283:
quickfix stack is limited to 10 items 9.1.1282: Build and test failure
without job feature 9.1.1281: extra newline output when editing stdin
9.1.1280: trailing additional semicolon in get_matches_in_str() 9.1.1279:
Vim9: null_object and null_class are no reserved names 9.1.1278: Vim9: too
long functions in vim9type.c 9.1.1277: tests: trailing comment char in
test_popupwin 9.1.1276: inline word diff treats multibyte chars as word char
9.1.1275: MS-Windows: Not possible to pass additional flags to Make_mvc
9.1.1274: Vim9: no support for object<type> as variable type 9.1.1273:
Coverity warns about using uninitialized value 9.1.1272: completion: in
keyword completion Ctrl_P cannot go back after Ctrl_N 9.1.1271: filetype:
Power Query files are not recognized 9.1.1270: missing out-of-memory checks
in buffer.c 9.1.1269: completion: compl_shown_match is updated when starting
keyword completion 9.1.1268: filetype: dax files are not recognized
9.1.1267: Vim9: no support for type list/dict<object<any>> 9.1.1266: MS-
Windows: type conversion warnings 9.1.1265: tests: no tests for typing
normal char during completion 9.1.1264: Vim9: error when comparing objects
9.1.1263: string length wrong in get_last_inserted_save() 9.1.1262: heap-
buffer-overflow with narrow 'pummaxwidth' value 9.1.1261: No test for
'pummaxwidth' non-truncated items 9.1.1260: Hang when filtering buffer with
NUL bytes 9.1.1259: some issues with comment package and tailing spaces
9.1.1258: regexp: max \U and \%U value is limited by INT_MAX 9.1.1257:
Mixing vim_strsize() with mb_ptr2cells() in pum_redraw() 9.1.1256:
if_python: duplicate tuple data entries 9.1.1255: missing test condition for
'pummaxwidth' setting 9.1.1254: need more tests for the comment plugin
9.1.1253: abort when closing window with attached quickfix data 9.1.1252:
typos in code and docs related to 'diffopt' "inline:" 9.1.1251: if_python:
build error with tuples and dynamic python 9.1.1250: cannot set the maximum
popup menu width 9.1.1249: tests: no test that 'listchars' "eol" doesn't
affect "gM" 9.1.1248: compile error when building without FEAT_QUICKFIX
9.1.1247: fragile setup to get (preferred) keys from key_name_entry
9.1.1246: coverity complains about some changes in v9.1.1243 9.1.1245: need
some more tests for curly braces evaluation 9.1.1244: part of patch
v9.1.1242 was wrong 9.1.1243: diff mode is lacking for changes within lines
9.1.1242: Crash when evaluating variable name 9.1.1241: wrong preprocessort
indentation in term.c 9.1.1240: Regression with ic/ac text objects and
comment plugin 9.1.1239: if_python: no tuple data type support 9.1.1238:
wrong cursor column with 'set splitkeep=screen' 9.1.1237: Compile error with
C89 compiler in term.c 9.1.1236: tests: test_comments leaves swapfiles
around 9.1.1235: cproto files are outdated 9.1.1234: Compile error when
SIZE_MAX is not defined 9.1.1233: Coverity warns about NULL pointer when
triggering WinResized 9.1.1232: Vim script is missing the tuple data type
9.1.1231: filetype: SPA JSON files are not recognized 9.1.1230: inconsistent
CTRL-C behaviour for popup windows 9.1.1229: the comment plugin can be
improved 9.1.1228: completion: current position column wrong after got a
match 9.1.1227: no tests for the comment package 9.1.1226: "shellcmdline"
completion doesn't work with input() 9.1.1225: extra NULL check in
VIM_CLEAR() 9.1.1224: cannot :put while keeping indent 9.1.1223: wrong
translation used for encoding failures 9.1.1222: using wrong length for last
inserted string 9.1.1221: Wrong cursor pos when leaving Insert mode just
after 'autoindent' 9.1.1220: filetype: uv.lock file not recognized 9.1.1219:
Strange error with wrong type for matchfuzzy() "camelcase" 9.1.1218: missing
out-of-memory check in filepath.c 9.1.1217: tests: typos in
test_matchfuzzy.vim 9.1.1216: Pasting the '.' register multiple times may
not work 9.1.1215: Patch 9.1.1213 has some issues 9.1.1214: matchfuzzy() can
be improved for camel case matches 9.1.1213: cannot :put while keeping
indent 9.1.1212: too many strlen() calls in edit.c 9.1.1212: filetype:
logrotate'd pacmanlogs are not recognized 9.1.1211: TabClosedPre is
triggered just before the tab is being freed 9.1.1210: translation(ru):
missing Russian translation for the new tutor 9.1.1209: colorcolumn not
drawn after virtual text lines 9.1.1208: MS-Windows: not correctly restoring
alternate screen on Win 10 9.1.1207: MS-Windows: build warning in filepath.c
9.1.1206: tests: test_filetype fails when a file is a directory 9.1.1205:
completion: preinserted text not removed when closing pum 9.1.1204: MS-
Windows: crash when passing long string to expand() 9.1.1203: matchparen
keeps cursor on case label in sh filetype 9.1.1202: Missing TabClosedPre
autocommand 9.1.1201: 'completefuzzycollect' does not handle dictionary
correctly 9.1.1200: cmdline pum not cleared for input() completion 9.1.1199:
gvim uses hardcoded xpm icon file 9.1.1198: [security]: potential data loss
with zip.vim 9.1.1197: process_next_cpt_value() uses wrong condition
9.1.1196: filetype: config files for container tools are not recognized
9.1.1195: inside try-block: fn body executed with default arg undefined
9.1.1194: filetype: false positive help filetype detection 9.1.1193:
Unnecessary use of STRCAT() in au_event_disable() 9.1.1192: Vim crashes with
term response debug logging enabled 9.1.1191: tests: test for patch 9.1.1186
doesn't fail without the patch 9.1.1190: C indentation does not detect
multibyte labels 9.1.1189: if_python: build error due to incompatible
pointer types 9.1.1188: runtime(tera): tera support can be improved
9.1.1187: matchparen plugin wrong highlights shell case statement 9.1.1186:
filetype: help files in git repos are not detected 9.1.1185: endless loop
with completefuzzycollect and no match found 9.1.1184: Unnecessary use of
vim_tolower() in vim_strnicmp_asc() 9.1.1083: "above" virtual text breaks
cursorlineopt=number 9.1.1182: No cmdline completion for
'completefuzzycollect' 9.1.1181: Unnecessary STRLEN() calls in insexpand.c
9.1.1180: short-description 9.1.1179: too many strlen() calls in misc2.c
9.1.1178: not possible to generate completion candidates using fuzzy
matching 9.1.1177: filetype: tera files not detected
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* SUSE Linux Micro 6.0
zypper in -t patch SUSE-SLE-Micro-6.0-457=1
* SUSE Linux Micro Extras 6.0
zypper in -t patch SUSE-SLE-Micro-6.0-457=1
## Package List:
* SUSE Linux Micro 6.0 (noarch)
* vim-data-common-9.1.1629-1.1
* SUSE Linux Micro 6.0 (aarch64 s390x x86_64)
* vim-debugsource-9.1.1629-1.1
* vim-small-9.1.1629-1.1
* vim-small-debuginfo-9.1.1629-1.1
* SUSE Linux Micro Extras 6.0 (aarch64 s390x x86_64)
* vim-debugsource-9.1.1629-1.1
* vim-9.1.1629-1.1
* vim-debuginfo-9.1.1629-1.1
## References:
* https://www.suse.com/security/cve/CVE-2025-53905.html
* https://www.suse.com/security/cve/CVE-2025-53906.html
* https://www.suse.com/security/cve/CVE-2025-55157.html
* https://www.suse.com/security/cve/CVE-2025-55158.html
* https://bugzilla.suse.com/show_bug.cgi?id=1246602
* https://bugzilla.suse.com/show_bug.cgi?id=1246604
* https://bugzilla.suse.com/show_bug.cgi?id=1247938
* https://bugzilla.suse.com/show_bug.cgi?id=1247939
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.suse.com/pipermail/sle-updates/attachments/20250917/8c69febd/attachment.htm>
More information about the sle-updates
mailing list