SUSE Container Update Advisory: 
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2022:3226-1
Container Tags        : suse/sle-micro-rancher/5.3:latest
Container Release     : 7.2.56
Severity              : important
Type                  : security
References            : 1192478 1202962 1203110 1203152 1203155 1203194 1203272 1203508
                        1203509 1203796 1203797 1203799 1203820 1203924 1204779 CVE-2021-3928
                        CVE-2022-2980 CVE-2022-2982 CVE-2022-3037 CVE-2022-3099 CVE-2022-3134
                        CVE-2022-3153 CVE-2022-3234 CVE-2022-3235 CVE-2022-3278 CVE-2022-3296
                        CVE-2022-3297 CVE-2022-3324 CVE-2022-3352 CVE-2022-3705 
-----------------------------------------------------------------

The container  was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2022:4282-1
Released:    Tue Nov 29 15:50:15 2022
Summary:     Security update for vim
Type:        security
Severity:    important
References:  1192478,1202962,1203110,1203152,1203155,1203194,1203272,1203508,1203509,1203796,1203797,1203799,1203820,1203924,1204779,CVE-2021-3928,CVE-2022-2980,CVE-2022-2982,CVE-2022-3037,CVE-2022-3099,CVE-2022-3134,CVE-2022-3153,CVE-2022-3234,CVE-2022-3235,CVE-2022-3278,CVE-2022-3296,CVE-2022-3297,CVE-2022-3324,CVE-2022-3352,CVE-2022-3705
This update for vim fixes the following issues:

Updated to version 9.0 with patch level 0814:

- CVE-2021-3928: Fixed stack-based buffer overflow (bsc#1192478).
- CVE-2022-3234: Fixed heap-based buffer overflow (bsc#1203508).
- CVE-2022-3235: Fixed use-after-free (bsc#1203509).
- CVE-2022-3324: Fixed stack-based buffer overflow (bsc#1203820).
- CVE-2022-3705: Fixed use-after-free in function qf_update_buffer of the file quickfix.c (bsc#1204779).
- CVE-2022-2982: Fixed use-after-free in qf_fill_buffer() (bsc#1203152).
- CVE-2022-3296: Fixed stack out of bounds read in ex_finally() in ex_eval.c (bsc#1203796).
- CVE-2022-3297: Fixed use-after-free in process_next_cpt_value() at insexpand.c (bsc#1203797).
- CVE-2022-3099: Fixed use-after-free in ex_docmd.c (bsc#1203110).
- CVE-2022-3134: Fixed use-after-free in do_tag() (bsc#1203194).
- CVE-2022-3153: Fixed NULL pointer dereference (bsc#1203272).
- CVE-2022-3278: Fixed NULL pointer dereference in eval_next_non_blank() in eval.c (bsc#1203799).
- CVE-2022-3352: Fixed use-after-free (bsc#1203924).
- CVE-2022-2980: Fixed NULL pointer dereference in do_mouse() (bsc#1203155).
- CVE-2022-3037: Fixed use-after-free (bsc#1202962).


The following package changes have been done:

- vim-data-common-9.0.0814-150000.5.28.1 updated
- vim-small-9.0.0814-150000.5.28.1 updated