Oval Definition:oval:org.opensuse.security:def:51923
Revision Date:2021-06-28Version:1
Title:Security update for libsolv (Important)
Description:

This update for libsolv fixes the following issues:

Security issues fixed:

- CVE-2019-20387: Fixed heap-buffer-overflow in repodata_schema2id (bsc#1161510) - CVE-2021-3200: testcase_read: error out if repos are added or the system is changed too late (bsc#1186229)

Other issues fixed:

- backport support for blacklisted packages to support ptf packages and retracted patches - fix ruleinfo of complex dependencies returning the wrong origin - fix SOLVER_FLAG_FOCUS_BEST updateing packages without reason - fix add_complex_recommends() selecting conflicted packages in rare cases - fix potential segfault in resolve_jobrules - fix solv_zchunk decoding error if large chunks are used
Family:unixClass:patch
Status:Reference(s):1082318
1134689
1138034
1140255
1140750
1148931
1160903
1160905
1161510
1173376
1173377
1173378
1173380
1173389
1175596
1177472
1178428
1186229
CVE-2009-0946
CVE-2010-2497
CVE-2010-2529
CVE-2010-2805
CVE-2010-3053
CVE-2010-3054
CVE-2010-3311
CVE-2010-3814
CVE-2011-0226
CVE-2011-0904
CVE-2011-0905
CVE-2011-1164
CVE-2011-3200
CVE-2012-4453
CVE-2012-5668
CVE-2012-5669
CVE-2012-5670
CVE-2013-4758
CVE-2013-6370
CVE-2013-6371
CVE-2014-1545
CVE-2014-2240
CVE-2014-3634
CVE-2014-9656
CVE-2014-9657
CVE-2014-9658
CVE-2014-9659
CVE-2014-9660
CVE-2014-9661
CVE-2014-9662
CVE-2014-9663
CVE-2014-9664
CVE-2014-9665
CVE-2014-9666
CVE-2014-9667
CVE-2014-9668
CVE-2014-9669
CVE-2014-9670
CVE-2014-9671
CVE-2014-9672
CVE-2014-9673
CVE-2014-9674
CVE-2014-9675
CVE-2015-7183
CVE-2016-9634
CVE-2016-9635
CVE-2016-9636
CVE-2016-9807
CVE-2016-9808
CVE-2016-9810
CVE-2016-9811
CVE-2017-5837
CVE-2017-5844
CVE-2019-10130
CVE-2019-10164
CVE-2019-13132
CVE-2019-13314
CVE-2019-18902
CVE-2019-20387
CVE-2019-8595
CVE-2019-8607
CVE-2019-8615
CVE-2019-8644
CVE-2019-8649
CVE-2019-8658
CVE-2019-8666
CVE-2019-8669
CVE-2019-8671
CVE-2019-8672
CVE-2019-8673
CVE-2019-8676
CVE-2019-8677
CVE-2019-8678
CVE-2019-8679
CVE-2019-8680
CVE-2019-8681
CVE-2019-8683
CVE-2019-8684
CVE-2019-8686
CVE-2019-8687
CVE-2019-8688
CVE-2019-8689
CVE-2019-8690
CVE-2020-11996
CVE-2020-14765
CVE-2020-14776
CVE-2020-14789
CVE-2020-14812
CVE-2020-15180
CVE-2020-15563
CVE-2020-15565
CVE-2020-15566
CVE-2020-15567
CVE-2020-7216
CVE-2021-3200
SUSE-SU-2019:1776-1
SUSE-SU-2019:2012-1
SUSE-SU-2019:2428-1
SUSE-SU-2020:0263-1
SUSE-SU-2020:1888-1
SUSE-SU-2020:1983-1
SUSE-SU-2020:3045-1
SUSE-SU-2020:3500-1
SUSE-SU-2021:2180-1
Platform(s):openSUSE Leap 15.0
SUSE Linux Enterprise Desktop 11 SP2
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 12
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Desktop 12 SP3
SUSE Linux Enterprise Desktop 12 SP4
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP1
SUSE Linux Enterprise Module for Server Applications 15 SP2
SUSE Linux Enterprise Module for Web Scripting 15 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 15-LTSS
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 15
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • ImageMagick-7.0.7.29-lp150.1 is installed
  • OR libMagick++-7_Q16HDRI4-7.0.7.29-lp150.1 is installed
  • OR libMagickCore-7_Q16HDRI6-7.0.7.29-lp150.1 is installed
  • OR libMagickWand-7_Q16HDRI6-7.0.7.29-lp150.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP2 is installed
  • AND Package Information
  • java-1_6_0-openjdk-1.6.0.0_b27.1.12.7-0.2 is installed
  • OR java-1_6_0-openjdk-demo-1.6.0.0_b27.1.12.7-0.2 is installed
  • OR java-1_6_0-openjdk-devel-1.6.0.0_b27.1.12.7-0.2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • openssh-6.2p2-0.13 is installed
  • OR openssh-askpass-6.2p2-0.13 is installed
  • OR openssh-askpass-gnome-6.2p2-0.13 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 is installed
  • AND dracut-037-34 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND iputils-s20121221-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • mozilla-nspr-4.12-15 is installed
  • OR mozilla-nspr-32bit-4.12-15 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP3 is installed
  • AND ft2demos-2.6.3-7.10 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP4 is installed
  • AND Package Information
  • cpp48-4.8.5-31.17 is installed
  • OR gcc48-4.8.5-31.17 is installed
  • OR gcc48-32bit-4.8.5-31.17 is installed
  • OR gcc48-c++-4.8.5-31.17 is installed
  • OR gcc48-gij-4.8.5-31.17 is installed
  • OR gcc48-gij-32bit-4.8.5-31.17 is installed
  • OR gcc48-info-4.8.5-31.17 is installed
  • OR libasan0-4.8.5-31.17 is installed
  • OR libasan0-32bit-4.8.5-31.17 is installed
  • OR libgcj48-4.8.5-31.17 is installed
  • OR libgcj48-32bit-4.8.5-31.17 is installed
  • OR libgcj48-jar-4.8.5-31.17 is installed
  • OR libgcj_bc1-4.8.5-31.17 is installed
  • OR libstdc++48-devel-4.8.5-31.17 is installed
  • OR libstdc++48-devel-32bit-4.8.5-31.17 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • zeromq-4.2.3-3.8 is installed
  • OR zeromq-tools-4.2.3-3.8 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed
  • AND Package Information
  • libecpg6-10.9-8.3 is installed
  • OR postgresql10-10.9-8.3 is installed
  • OR postgresql10-contrib-10.9-8.3 is installed
  • OR postgresql10-devel-10.9-8.3 is installed
  • OR postgresql10-docs-10.9-8.3 is installed
  • OR postgresql10-plperl-10.9-8.3 is installed
  • OR postgresql10-plpython-10.9-8.3 is installed
  • OR postgresql10-pltcl-10.9-8.3 is installed
  • OR postgresql10-server-10.9-8.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed
  • AND Package Information
  • python3-virt-bootstrap-1.0.0-5.3 is installed
  • OR virt-bootstrap-1.0.0-5.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Module for Web Scripting 15 SP2 is installed
  • AND Package Information
  • tomcat-9.0.36-3.3 is installed
  • OR tomcat-admin-webapps-9.0.36-3.3 is installed
  • OR tomcat-el-3_0-api-9.0.36-3.3 is installed
  • OR tomcat-jsp-2_3-api-9.0.36-3.3 is installed
  • OR tomcat-lib-9.0.36-3.3 is installed
  • OR tomcat-servlet-4_0-api-9.0.36-3.3 is installed
  • OR tomcat-webapps-9.0.36-3.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • libfreebl3-3.19.2.1-29 is installed
  • OR libfreebl3-32bit-3.19.2.1-29 is installed
  • OR libfreebl3-hmac-3.19.2.1-29 is installed
  • OR libfreebl3-hmac-32bit-3.19.2.1-29 is installed
  • OR libsoftokn3-3.19.2.1-29 is installed
  • OR libsoftokn3-32bit-3.19.2.1-29 is installed
  • OR libsoftokn3-hmac-3.19.2.1-29 is installed
  • OR libsoftokn3-hmac-32bit-3.19.2.1-29 is installed
  • OR mozilla-nss-3.19.2.1-29 is installed
  • OR mozilla-nss-32bit-3.19.2.1-29 is installed
  • OR mozilla-nss-certs-3.19.2.1-29 is installed
  • OR mozilla-nss-certs-32bit-3.19.2.1-29 is installed
  • OR mozilla-nss-sysinit-3.19.2.1-29 is installed
  • OR mozilla-nss-sysinit-32bit-3.19.2.1-29 is installed
  • OR mozilla-nss-tools-3.19.2.1-29 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_99-default-10-2 is installed
  • OR kgraft-patch-3_12_74-60_64_99-xen-10-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_30-10-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • evince-3.20.1-5 is installed
  • OR evince-browser-plugin-3.20.1-5 is installed
  • OR evince-lang-3.20.1-5 is installed
  • OR evince-plugin-djvudocument-3.20.1-5 is installed
  • OR evince-plugin-dvidocument-3.20.1-5 is installed
  • OR evince-plugin-pdfdocument-3.20.1-5 is installed
  • OR evince-plugin-psdocument-3.20.1-5 is installed
  • OR evince-plugin-tiffdocument-3.20.1-5 is installed
  • OR evince-plugin-xpsdocument-3.20.1-5 is installed
  • OR libevdocument3-4-3.20.1-5 is installed
  • OR libevview3-3-3.20.1-5 is installed
  • OR nautilus-evince-3.20.1-5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • xen-4.7.6_05-43.45 is installed
  • OR xen-doc-html-4.7.6_05-43.45 is installed
  • OR xen-libs-4.7.6_05-43.45 is installed
  • OR xen-libs-32bit-4.7.6_05-43.45 is installed
  • OR xen-tools-4.7.6_05-43.45 is installed
  • OR xen-tools-domU-4.7.6_05-43.45 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • java-1_8_0-openjdk-1.8.0.181-27.26 is installed
  • OR java-1_8_0-openjdk-demo-1.8.0.181-27.26 is installed
  • OR java-1_8_0-openjdk-devel-1.8.0.181-27.26 is installed
  • OR java-1_8_0-openjdk-headless-1.8.0.181-27.26 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_74-92_32-default-8-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_11-8-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND ctags-5.8-7 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • libsolv-0.6.36-2.27.19 is installed
  • OR libsolv-tools-0.6.36-2.27.19 is installed
  • OR libzypp-16.20.2-27.60 is installed
  • OR perl-solv-0.6.36-2.27.19 is installed
  • OR python-solv-0.6.36-2.27.19 is installed
  • OR zypper-1.13.54-18.40 is installed
  • OR zypper-log-1.13.54-18.40 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND sudo-1.8.20p2-3.17 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • kgraft-patch-4_4_162-94_69-default-5-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_21-5-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libcroco-0.6.11-12.3 is installed
  • OR libcroco-0_6-3-0.6.11-12.3 is installed
  • OR libcroco-0_6-3-32bit-0.6.11-12.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND clamav-0.100.2-33.18 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 15-LTSS is installed
  • AND Package Information
  • wicked-0.6.60-3.21 is installed
  • OR wicked-service-0.6.60-3.21 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND Package Information
  • libsolv-devel-0.6.37-2.33.1 is installed
  • OR libsolv-tools-0.6.37-2.33.1 is installed
  • OR libzypp-16.21.4-2.51.1 is installed
  • OR libzypp-devel-16.21.4-2.51.1 is installed
  • OR perl-solv-0.6.37-2.33.1 is installed
  • OR python-solv-0.6.37-2.33.1 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 15 is installed
  • AND Package Information
  • xen-4.10.4_12-3.35 is installed
  • OR xen-devel-4.10.4_12-3.35 is installed
  • OR xen-libs-4.10.4_12-3.35 is installed
  • OR xen-tools-4.10.4_12-3.35 is installed
  • OR xen-tools-domU-4.10.4_12-3.35 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND unrar-5.0.14-3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • libopenssl-devel-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-32bit-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-hmac-1.0.2j-60.30 is installed
  • OR libopenssl1_0_0-hmac-32bit-1.0.2j-60.30 is installed
  • OR openssl-1.0.2j-60.30 is installed
  • OR openssl-doc-1.0.2j-60.30 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • dnsmasq-2.78-18.12 is installed
  • OR dnsmasq-utils-2.78-18.12 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 9 is installed
  • AND python-Twisted-15.2.1-9.8 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • dnsmasq-2.78-18.6 is installed
  • OR dnsmasq-utils-2.78-18.6 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND python-Django1-1.11.20-3.6 is installed
  • BACK