Oval Definition:oval:org.opensuse.security:def:50881
Revision Date:2020-12-01Version:1
Title:Security update for libsolv, libzypp, zypper (Moderate)
Description:

This update for libsolv, libzypp, zypper fixes the following issues:



Security issue fixed:

- CVE-2019-18900: Fixed assert cookie file that was world readable (bsc#1158763).

Bug fixes

- Fixed removing orphaned packages dropped by to-be-installed products (bsc#1155819). - Adds libzypp API to mark all obsolete kernels according to the existing purge-kernel script rules (bsc#1155198). - Do not enforce 'en' being in RequestedLocales If the user decides to have a system without explicit language support he may do so (bsc#1155678). - Load only target resolvables for zypper rm (bsc#1157377). - Fix broken search by filelist (bsc#1135114). - Replace python by a bash script in zypper-log (fixes#304, fixes#306, bsc#1156158). - Do not sort out requested locales which are not available (bsc#1155678). - Prevent listing duplicate matches in tables. XML result is provided within the new list-patches-byissue element (bsc#1154805). - XML add patch issue-date and issue-list (bsc#1154805). - Fix zypper lp --cve/bugzilla/issue options (bsc#1155298). - Always execute commit when adding/removing locales (fixes bsc#1155205). - Fix description of --table-style,-s in man page (bsc#1154804).
Family:unixClass:patch
Status:Reference(s):1027519
1051510
1054914
1055117
1061840
1065600
1065729
1071995
1082555
1104967
1109158
1113722
1114279
1118987
1119086
1123034
1127988
1131304
1134506
1135114
1137069
1137865
1137959
1140155
1140844
1141013
1142076
1142635
1144348
1144352
1146042
1146519
1146540
1146664
1148133
1148712
1148868
1149313
1149446
1149555
1149651
1149742
1150381
1150423
1151350
1151610
1151667
1151680
1151891
1151955
1152024
1152025
1152026
1152161
1152325
1152457
1152460
1152466
1152972
1152974
1152975
1152990
1152992
1152994
1152995
1153108
1154091
1154804
1154805
1155094
1155198
1155200
1155205
1155298
1155678
1155819
1156158
1156317
1156321
1157377
1157490
1157770
1158763
1159861
1160369
1160932
1160968
1161194
1162197
1162200
1162396
1162825
1162972
1164804
1165206
1166751
1167007
1167152
1168140
1168142
1168143
1169392
1172186
1172798
1172846
1173159
1173972
1174415
1174753
1174817
1175168
1175476
1175674
862963
CVE-2012-6708
CVE-2015-9251
CVE-2017-18595
CVE-2018-11805
CVE-2019-10220
CVE-2019-13272
CVE-2019-14491
CVE-2019-14492
CVE-2019-14562
CVE-2019-14821
CVE-2019-15239
CVE-2019-15291
CVE-2019-15845
CVE-2019-15939
CVE-2019-16201
CVE-2019-16254
CVE-2019-16255
CVE-2019-18348
CVE-2019-18900
CVE-2019-19948
CVE-2019-19949
CVE-2019-4732
CVE-2019-9506
CVE-2019-9674
CVE-2020-0556
CVE-2020-10730
CVE-2020-11739
CVE-2020-11740
CVE-2020-11741
CVE-2020-11742
CVE-2020-11743
CVE-2020-13844
CVE-2020-15900
CVE-2020-1930
CVE-2020-1931
CVE-2020-2583
CVE-2020-2593
CVE-2020-2604
CVE-2020-2659
CVE-2020-8130
CVE-2020-8165
SUSE-SU-2019:2706-1
SUSE-SU-2019:3192-2
SUSE-SU-2019:3230-1
SUSE-SU-2020:0275-1
SUSE-SU-2020:0432-1
SUSE-SU-2020:0466-1
SUSE-SU-2020:0737-1
SUSE-SU-2020:0813-1
SUSE-SU-2020:0918-1
SUSE-SU-2020:1124-1
SUSE-SU-2020:1339-1
SUSE-SU-2020:2095-1
SUSE-SU-2020:2713-1
SUSE-SU-2020:2947-1
Platform(s):SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Basesystem 15 SP2
SUSE Linux Enterprise Module for Legacy Software 15
SUSE Linux Enterprise Module for Live Patching 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2
SUSE Linux Enterprise Module for Python2 packages 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 15
SUSE Linux Enterprise Workstation Extension 15
SUSE Linux Enterprise Workstation Extension 15 SP2
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • freetype2-2.3.7-25.34 is installed
  • OR freetype2-32bit-2.3.7-25.34 is installed
  • OR ft2demos-2.3.7-25.34 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND Package Information
  • gd-2.1.0-3 is installed
  • OR gd-32bit-2.1.0-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • gd-2.1.0-5 is installed
  • OR gd-32bit-2.1.0-5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • cups-pk-helper-0.2.5-3 is installed
  • OR cups-pk-helper-lang-0.2.5-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND Package Information
  • augeas-1.2.0-15 is installed
  • OR augeas-lenses-1.2.0-15 is installed
  • OR libaugeas0-1.2.0-15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • gstreamer-0_10-plugins-good-0.10.31-16 is installed
  • OR gstreamer-0_10-plugins-good-lang-0.10.31-16 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for additional PackageHub packages 15 SP1 is installed
  • AND Package Information
  • opencv-3.3.1-6.6 is installed
  • OR python2-opencv-3.3.1-6.6 is installed
  • OR python3-opencv-3.3.1-6.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • libsolv-0.7.10-3.13 is installed
  • OR libsolv-devel-0.7.10-3.13 is installed
  • OR libsolv-tools-0.7.10-3.13 is installed
  • OR libzypp-17.19.0-3.14 is installed
  • OR libzypp-devel-17.19.0-3.14 is installed
  • OR python3-solv-0.7.10-3.13 is installed
  • OR zypper-1.14.33-3.13 is installed
  • OR zypper-log-1.14.33-3.13 is installed
  • OR zypper-needs-restarting-1.14.33-3.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP2 is installed
  • AND Package Information
  • ghostscript-9.52-3.32 is installed
  • OR ghostscript-devel-9.52-3.32 is installed
  • OR ghostscript-x11-9.52-3.32 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-150.38 is installed
  • OR reiserfs-kmp-default-4.12.14-150.38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Live Patching 15 SP1 is installed
  • AND Package Information
  • kernel-livepatch-4_12_14-197_7-default-6-2 is installed
  • OR kernel-livepatch-SLE15-SP1_Update_2-6-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • ImageMagick-7.0.7.34-3.79 is installed
  • OR ImageMagick-config-7-upstream-7.0.7.34-3.79 is installed
  • OR ImageMagick-devel-32bit-7.0.7.34-3.79 is installed
  • OR ImageMagick-doc-7.0.7.34-3.79 is installed
  • OR ImageMagick-extra-7.0.7.34-3.79 is installed
  • OR libMagick++-7_Q16HDRI4-32bit-7.0.7.34-3.79 is installed
  • OR libMagick++-devel-32bit-7.0.7.34-3.79 is installed
  • OR libMagickCore-7_Q16HDRI6-32bit-7.0.7.34-3.79 is installed
  • OR libMagickWand-7_Q16HDRI6-32bit-7.0.7.34-3.79 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP2 is installed
  • AND Package Information
  • ldb-1.4.6-3.5 is installed
  • OR libldb1-32bit-1.4.6-3.5 is installed
  • OR python-ldb-32bit-1.4.6-3.5 is installed
  • OR python-ldb-devel-1.4.6-3.5 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Python2 packages 15 SP1 is installed
  • AND Package Information
  • python-2.7.17-7.38 is installed
  • OR python-base-2.7.17-7.38 is installed
  • OR python-curses-2.7.17-7.38 is installed
  • OR python-devel-2.7.17-7.38 is installed
  • OR python-gdbm-2.7.17-7.38 is installed
  • OR python-xml-2.7.17-7.38 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • xen-4.12.2_04-3.15 is installed
  • OR xen-devel-4.12.2_04-3.15 is installed
  • OR xen-tools-4.12.2_04-3.15 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • libXi6-1.7.4-9 is installed
  • OR libXi6-32bit-1.7.4-9 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kernel-default-3.12.74-60.64.54 is installed
  • OR kernel-default-base-3.12.74-60.64.54 is installed
  • OR kernel-default-devel-3.12.74-60.64.54 is installed
  • OR kernel-default-man-3.12.74-60.64.54 is installed
  • OR kernel-devel-3.12.74-60.64.54 is installed
  • OR kernel-macros-3.12.74-60.64.54 is installed
  • OR kernel-source-3.12.74-60.64.54 is installed
  • OR kernel-syms-3.12.74-60.64.54 is installed
  • OR kernel-xen-3.12.74-60.64.54 is installed
  • OR kernel-xen-base-3.12.74-60.64.54 is installed
  • OR kernel-xen-devel-3.12.74-60.64.54 is installed
  • OR kgraft-patch-3_12_74-60_64_54-default-1-2 is installed
  • OR kgraft-patch-3_12_74-60_64_54-xen-1-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_19-1-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libXRes1-1.0.7-3 is installed
  • OR libXRes1-32bit-1.0.7-3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • java-1_8_0-ibm-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-alsa-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-devel-1.8.0_sr5.15-30.33 is installed
  • OR java-1_8_0-ibm-plugin-1.8.0_sr5.15-30.33 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_120-92_70-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_20-7-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_74-92_35-default-10-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_12-10-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND ctags-5.8-7 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_175-94_79-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_23-5-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND axis-1.4-290.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND perl-YAML-LibYAML-0.38-10 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • ovmf-2017+git1510945757.b2662641d5-5.35 is installed
  • OR ovmf-tools-2017+git1510945757.b2662641d5-5.35 is installed
  • OR qemu-ovmf-x86_64-2017+git1510945757.b2662641d5-5.35 is installed
  • OR qemu-uefi-aarch64-2017+git1510945757.b2662641d5-5.35 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • cpp10-10.2.1+git583-1.3 is installed
  • OR cross-nvptx-gcc10-10.2.1+git583-1.3 is installed
  • OR cross-nvptx-newlib10-devel-10.2.1+git583-1.3 is installed
  • OR gcc10-10.2.1+git583-1.3 is installed
  • OR gcc10-32bit-10.2.1+git583-1.3 is installed
  • OR gcc10-ada-10.2.1+git583-1.3 is installed
  • OR gcc10-ada-32bit-10.2.1+git583-1.3 is installed
  • OR gcc10-c++-10.2.1+git583-1.3 is installed
  • OR gcc10-c++-32bit-10.2.1+git583-1.3 is installed
  • OR gcc10-fortran-10.2.1+git583-1.3 is installed
  • OR gcc10-fortran-32bit-10.2.1+git583-1.3 is installed
  • OR gcc10-go-10.2.1+git583-1.3 is installed
  • OR gcc10-go-32bit-10.2.1+git583-1.3 is installed
  • OR gcc10-info-10.2.1+git583-1.3 is installed
  • OR gcc10-locale-10.2.1+git583-1.3 is installed
  • OR libada10-10.2.1+git583-1.3 is installed
  • OR libada10-32bit-10.2.1+git583-1.3 is installed
  • OR libasan6-10.2.1+git583-1.3 is installed
  • OR libasan6-32bit-10.2.1+git583-1.3 is installed
  • OR libatomic1-10.2.1+git583-1.3 is installed
  • OR libatomic1-32bit-10.2.1+git583-1.3 is installed
  • OR libgcc_s1-10.2.1+git583-1.3 is installed
  • OR libgcc_s1-32bit-10.2.1+git583-1.3 is installed
  • OR libgfortran5-10.2.1+git583-1.3 is installed
  • OR libgfortran5-32bit-10.2.1+git583-1.3 is installed
  • OR libgo16-10.2.1+git583-1.3 is installed
  • OR libgo16-32bit-10.2.1+git583-1.3 is installed
  • OR libgomp1-10.2.1+git583-1.3 is installed
  • OR libgomp1-32bit-10.2.1+git583-1.3 is installed
  • OR libitm1-10.2.1+git583-1.3 is installed
  • OR libitm1-32bit-10.2.1+git583-1.3 is installed
  • OR liblsan0-10.2.1+git583-1.3 is installed
  • OR libquadmath0-10.2.1+git583-1.3 is installed
  • OR libquadmath0-32bit-10.2.1+git583-1.3 is installed
  • OR libstdc++6-10.2.1+git583-1.3 is installed
  • OR libstdc++6-32bit-10.2.1+git583-1.3 is installed
  • OR libstdc++6-devel-gcc10-10.2.1+git583-1.3 is installed
  • OR libstdc++6-devel-gcc10-32bit-10.2.1+git583-1.3 is installed
  • OR libstdc++6-locale-10.2.1+git583-1.3 is installed
  • OR libstdc++6-pp-gcc10-10.2.1+git583-1.3 is installed
  • OR libstdc++6-pp-gcc10-32bit-10.2.1+git583-1.3 is installed
  • OR libtsan0-10.2.1+git583-1.3 is installed
  • OR libubsan1-10.2.1+git583-1.3 is installed
  • OR libubsan1-32bit-10.2.1+git583-1.3 is installed
  • OR nvptx-tools-1.0-4.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 is installed
  • AND Package Information
  • kernel-default-4.12.14-25.22 is installed
  • OR kernel-default-extra-4.12.14-25.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Workstation Extension 15 SP2 is installed
  • AND Package Information
  • freerdp-2.1.2-15.7 is installed
  • OR freerdp-devel-2.1.2-15.7 is installed
  • OR libfreerdp2-2.1.2-15.7 is installed
  • OR libwinpr2-2.1.2-15.7 is installed
  • OR winpr2-devel-2.1.2-15.7 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND apache2-mod_wsgi-4.4.13-1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • xen-4.7.5_04-43.33 is installed
  • OR xen-doc-html-4.7.5_04-43.33 is installed
  • OR xen-libs-4.7.5_04-43.33 is installed
  • OR xen-libs-32bit-4.7.5_04-43.33 is installed
  • OR xen-tools-4.7.5_04-43.33 is installed
  • OR xen-tools-domU-4.7.5_04-43.33 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • glib2-2.48.2-12.15 is installed
  • OR glib2-lang-2.48.2-12.15 is installed
  • OR glib2-tools-2.48.2-12.15 is installed
  • OR libgio-2_0-0-2.48.2-12.15 is installed
  • OR libgio-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libglib-2_0-0-2.48.2-12.15 is installed
  • OR libglib-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-2.48.2-12.15 is installed
  • OR libgmodule-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-2.48.2-12.15 is installed
  • OR libgobject-2_0-0-32bit-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-2.48.2-12.15 is installed
  • OR libgthread-2_0-0-32bit-2.48.2-12.15 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND ucode-intel-20191112-13.53 is installed
    • BACK