SUSE Container Update Advisory: 
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:3261-1
Container Tags        : suse/sle-micro-rancher/5.2:latest
Container Release     : 7.5.61
Severity              : important
Type                  : security
References            : 1188607 1192478 1198523 1199074 1202962 1203110 1203125 1203152
                        1203155 1203194 1203216 1203272 1203508 1203509 1203796 1203797
                        1203799 1203820 1203924 1204577 1204779 CVE-2019-18348 CVE-2020-10735
                        CVE-2020-8492 CVE-2021-3928 CVE-2022-2980 CVE-2022-2982 CVE-2022-3037
                        CVE-2022-3099 CVE-2022-3134 CVE-2022-3153 CVE-2022-3234 CVE-2022-3235
                        CVE-2022-3278 CVE-2022-3296 CVE-2022-3297 CVE-2022-3324 CVE-2022-3352
                        CVE-2022-3705 CVE-2022-37454 
-----------------------------------------------------------------

The container  was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-RU-2022:4270-1
Released:    Tue Nov 29 13:20:45 2022
Summary:     Recommended update for lvm2
Type:        recommended
Severity:    moderate
References:  1198523,1199074,1203216
This update for lvm2 fixes the following issues:

- Design changes to avoid kernel panic (bsc#1198523)
- Fix device-mapper rpm package versioning to prevent migration issues (bsc#1199074)
- killed lvmlockd doesn't clear/adopt locks leading to inability to start volume group (bsc#1203216)

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4281-1
Released:    Tue Nov 29 15:46:10 2022
Summary:     Security update for python3
Type:        security
Severity:    important
References:  1188607,1203125,1204577,CVE-2019-18348,CVE-2020-10735,CVE-2020-8492,CVE-2022-37454
This update for python3 fixes the following issues:

- CVE-2022-37454: Fixed a buffer overflow in hashlib.sha3_* implementations. (bsc#1204577)
- CVE-2020-10735: Fixed a bug to limit amount of digits converting text to int and vice vera. (bsc#1203125)

The following non-security bug was fixed:

- Fixed a crash in the garbage collection (bsc#1188607).

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4282-1
Released:    Tue Nov 29 15:50:15 2022
Summary:     Security update for vim
Type:        security
Severity:    important
References:  1192478,1202962,1203110,1203152,1203155,1203194,1203272,1203508,1203509,1203796,1203797,1203799,1203820,1203924,1204779,CVE-2021-3928,CVE-2022-2980,CVE-2022-2982,CVE-2022-3037,CVE-2022-3099,CVE-2022-3134,CVE-2022-3153,CVE-2022-3234,CVE-2022-3235,CVE-2022-3278,CVE-2022-3296,CVE-2022-3297,CVE-2022-3324,CVE-2022-3352,CVE-2022-3705
This update for vim fixes the following issues:

Updated to version 9.0 with patch level 0814:

- CVE-2021-3928: Fixed stack-based buffer overflow (bsc#1192478).
- CVE-2022-3234: Fixed heap-based buffer overflow (bsc#1203508).
- CVE-2022-3235: Fixed use-after-free (bsc#1203509).
- CVE-2022-3324: Fixed stack-based buffer overflow (bsc#1203820).
- CVE-2022-3705: Fixed use-after-free in function qf_update_buffer of the file quickfix.c (bsc#1204779).
- CVE-2022-2982: Fixed use-after-free in qf_fill_buffer() (bsc#1203152).
- CVE-2022-3296: Fixed stack out of bounds read in ex_finally() in ex_eval.c (bsc#1203796).
- CVE-2022-3297: Fixed use-after-free in process_next_cpt_value() at insexpand.c (bsc#1203797).
- CVE-2022-3099: Fixed use-after-free in ex_docmd.c (bsc#1203110).
- CVE-2022-3134: Fixed use-after-free in do_tag() (bsc#1203194).
- CVE-2022-3153: Fixed NULL pointer dereference (bsc#1203272).
- CVE-2022-3278: Fixed NULL pointer dereference in eval_next_non_blank() in eval.c (bsc#1203799).
- CVE-2022-3352: Fixed use-after-free (bsc#1203924).
- CVE-2022-2980: Fixed NULL pointer dereference in do_mouse() (bsc#1203155).
- CVE-2022-3037: Fixed use-after-free (bsc#1202962).


The following package changes have been done:

- device-mapper-2.03.05_1.02.163-150200.8.49.1 updated
- libdevmapper-event1_03-2.03.05_1.02.163-150200.8.49.1 updated
- libdevmapper1_03-2.03.05_1.02.163-150200.8.49.1 updated
- liblvm2cmd2_03-2.03.05-150200.8.49.1 updated
- libpython3_6m1_0-3.6.15-150300.10.37.2 updated
- lvm2-2.03.05-150200.8.49.1 updated
- python3-base-3.6.15-150300.10.37.2 updated
- vim-data-common-9.0.0814-150000.5.28.1 updated
- vim-small-9.0.0814-150000.5.28.1 updated