SUSE Container Update Advisory: suse/sle-micro/5.5/toolbox
-----------------------------------------------------------------
Container Advisory ID : SUSE-CU-2023:3900-1
Container Tags        : suse/sle-micro/5.5/toolbox:12.1 , suse/sle-micro/5.5/toolbox:12.1-2.2.104 , suse/sle-micro/5.5/toolbox:latest
Container Release     : 2.2.104
Severity              : important
Type                  : security
References            : 1214922 1214924 1214925 1215004 1215006 1215033 1215940 1216001
                        1216167 1216696 CVE-2023-46246 CVE-2023-4733 CVE-2023-4734 CVE-2023-4735
                        CVE-2023-4738 CVE-2023-4752 CVE-2023-4781 CVE-2023-5344 CVE-2023-5441
                        CVE-2023-5535 
-----------------------------------------------------------------

The container suse/sle-micro/5.5/toolbox was updated. The following patches have been included in this update:

-----------------------------------------------------------------
Advisory ID: SUSE-SU-2023:4557-1
Released:    Fri Nov 24 17:04:36 2023
Summary:     Security update for vim
Type:        security
Severity:    important
References:  1214922,1214924,1214925,1215004,1215006,1215033,1215940,1216001,1216167,1216696,CVE-2023-46246,CVE-2023-4733,CVE-2023-4734,CVE-2023-4735,CVE-2023-4738,CVE-2023-4752,CVE-2023-4781,CVE-2023-5344,CVE-2023-5441,CVE-2023-5535
This update for vim fixes the following issues:

Updated to version 9.0 with patch level 2103, fixes the following security problems

* CVE-2023-5344: vim: Heap-based Buffer Overflow in vim prior to 9.0.1969 (bsc#1215940)
* CVE-2023-5441: vim: segfault in exmode when redrawing (bsc#1216001)
* CVE-2023-5535: vim: use-after-free from buf_contents_changed() (bsc#1216167)
* CVE-2023-46246: vim: Integer Overflow in :history command (bsc#1216696)
* CVE-2023-4738: vim: heap-buffer-overflow in vim_regsub_both (bsc#1214922)
* CVE-2023-4735: vim: OOB Write ops.c (bsc#1214924)
* CVE-2023-4734: vim: segmentation fault in function f_fullcommand (bsc#1214925)
* CVE-2023-4733: vim: use-after-free in function buflist_altfpos (bsc#1215004)
* CVE-2023-4752: vim: Heap Use After Free in function ins_compl_get_exp (bsc#1215006)
* CVE-2023-4781: vim: heap-buffer-overflow in function vim_regsub_both (bsc#1215033)


The following package changes have been done:

- vim-data-common-9.0.2103-150500.20.6.1 updated
- vim-9.0.2103-150500.20.6.1 updated