Oval Definition:oval:org.opensuse.security:def:60302
Revision Date:2021-06-28Version:1
Title:Security update for libsolv (Important)
Description:

This update for libsolv fixes the following issues:

Security issues fixed:

- CVE-2019-20387: Fixed heap-buffer-overflow in repodata_schema2id (bsc#1161510) - CVE-2021-3200: testcase_read: error out if repos are added or the system is changed too late (bsc#1186229)

Other issues fixed:

- backport support for blacklisted packages to support ptf packages and retracted patches - fix ruleinfo of complex dependencies returning the wrong origin - fix SOLVER_FLAG_FOCUS_BEST updateing packages without reason - fix add_complex_recommends() selecting conflicted packages in rare cases - fix potential segfault in resolve_jobrules - fix solv_zchunk decoding error if large chunks are used
Family:unixClass:patch
Status:Reference(s):1061343
1077993
1078806
1078813
1094717
1101428
1101566
1101567
1101568
1101569
1101570
1101571
1101573
1101576
1101577
1101578
1101581
1101582
1101583
1101588
1101589
1111331
1123156
1135273
1146873
1149294
1149295
1149296
1149297
1149298
1149299
1149303
1149304
1149324
1149811
1154212
1158442
1159819
1160024
1161066
1161510
1163018
1166240
1168669
1169740
1169746
1170908
1170940
1171355
1171978
1172651
1173022
1173334
1174922
1174923
1177943
1186229
980830
982129
986534
CVE-2006-4197
CVE-2007-4772
CVE-2007-6600
CVE-2009-4034
CVE-2009-4136
CVE-2010-1169
CVE-2010-1170
CVE-2010-3433
CVE-2011-1709
CVE-2012-0866
CVE-2012-0867
CVE-2012-0868
CVE-2012-2143
CVE-2012-2655
CVE-2012-3488
CVE-2012-3489
CVE-2013-0255
CVE-2013-1899
CVE-2013-1900
CVE-2013-1901
CVE-2014-0060
CVE-2014-0061
CVE-2014-0062
CVE-2014-0063
CVE-2014-0064
CVE-2014-0065
CVE-2014-0066
CVE-2014-0067
CVE-2014-3467
CVE-2014-3468
CVE-2014-3469
CVE-2014-9116
CVE-2015-2806
CVE-2015-3165
CVE-2015-3166
CVE-2015-3167
CVE-2015-3622
CVE-2015-4047
CVE-2015-5185
CVE-2015-5288
CVE-2015-5289
CVE-2016-0766
CVE-2016-0773
CVE-2016-2193
CVE-2016-3065
CVE-2016-4008
CVE-2016-5131
CVE-2017-15412
CVE-2017-5130
CVE-2017-7484
CVE-2017-7485
CVE-2017-7486
CVE-2018-12126
CVE-2018-12127
CVE-2018-12130
CVE-2018-14349
CVE-2018-14350
CVE-2018-14351
CVE-2018-14352
CVE-2018-14353
CVE-2018-14354
CVE-2018-14355
CVE-2018-14356
CVE-2018-14357
CVE-2018-14358
CVE-2018-14359
CVE-2018-14360
CVE-2018-14361
CVE-2018-14362
CVE-2018-14363
CVE-2018-8956
CVE-2019-11091
CVE-2019-11740
CVE-2019-11742
CVE-2019-11743
CVE-2019-11744
CVE-2019-11746
CVE-2019-11752
CVE-2019-11753
CVE-2019-12068
CVE-2019-15890
CVE-2019-17006
CVE-2019-17631
CVE-2019-20387
CVE-2019-2933
CVE-2019-2945
CVE-2019-2958
CVE-2019-2962
CVE-2019-2964
CVE-2019-2973
CVE-2019-2975
CVE-2019-2978
CVE-2019-2981
CVE-2019-2983
CVE-2019-2988
CVE-2019-2989
CVE-2019-2992
CVE-2019-2996
CVE-2019-2999
CVE-2019-6778
CVE-2019-9812
CVE-2020-11868
CVE-2020-12399
CVE-2020-12402
CVE-2020-12673
CVE-2020-12674
CVE-2020-13817
CVE-2020-14779
CVE-2020-14781
CVE-2020-14782
CVE-2020-14792
CVE-2020-14796
CVE-2020-14797
CVE-2020-14798
CVE-2020-14803
CVE-2020-15025
CVE-2020-1711
CVE-2020-1983
CVE-2020-7039
CVE-2020-8608
CVE-2021-3200
SUSE-SU-2018:0401-1
SUSE-SU-2018:2084-1
SUSE-SU-2019:1547-1
SUSE-SU-2019:2436-1
SUSE-SU-2020:0024-1
SUSE-SU-2020:1538-1
SUSE-SU-2020:1805-1
SUSE-SU-2020:1839-1
SUSE-SU-2020:2274-1
SUSE-SU-2020:3310-1
SUSE-SU-2021:2180-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-BCL
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-LTSS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-ESPOS
SUSE Linux Enterprise Server 12 SP4-LTSS
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.24.2-lp151.2.3 is installed
  • OR libjavascriptcoregtk-4_0-18-32bit-2.24.2-lp151.2.3 is installed
  • OR libwebkit2gtk-4_0-37-2.24.2-lp151.2.3 is installed
  • OR libwebkit2gtk-4_0-37-32bit-2.24.2-lp151.2.3 is installed
  • OR libwebkit2gtk3-lang-2.24.2-lp151.2.3 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.24.2-lp151.2.3 is installed
  • OR typelib-1_0-WebKit2-4_0-2.24.2-lp151.2.3 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.24.2-lp151.2.3 is installed
  • OR webkit-jsc-4-2.24.2-lp151.2.3 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.24.2-lp151.2.3 is installed
  • OR webkit2gtk3-2.24.2-lp151.2.3 is installed
  • OR webkit2gtk3-devel-2.24.2-lp151.2.3 is installed
  • OR webkit2gtk3-minibrowser-2.24.2-lp151.2.3 is installed
  • OR webkit2gtk3-plugin-process-gtk2-2.24.2-lp151.2.3 is installed
    • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • bind-9.11.2-lp151.11.6 is installed
  • OR bind-chrootenv-9.11.2-lp151.11.6 is installed
  • OR bind-devel-9.11.2-lp151.11.6 is installed
  • OR bind-devel-32bit-9.11.2-lp151.11.6 is installed
  • OR bind-doc-9.11.2-lp151.11.6 is installed
  • OR bind-lwresd-9.11.2-lp151.11.6 is installed
  • OR bind-utils-9.11.2-lp151.11.6 is installed
  • OR libbind9-160-9.11.2-lp151.11.6 is installed
  • OR libbind9-160-32bit-9.11.2-lp151.11.6 is installed
  • OR libdns169-9.11.2-lp151.11.6 is installed
  • OR libdns169-32bit-9.11.2-lp151.11.6 is installed
  • OR libirs-devel-9.11.2-lp151.11.6 is installed
  • OR libirs160-9.11.2-lp151.11.6 is installed
  • OR libirs160-32bit-9.11.2-lp151.11.6 is installed
  • OR libisc166-9.11.2-lp151.11.6 is installed
  • OR libisc166-32bit-9.11.2-lp151.11.6 is installed
  • OR libisccc160-9.11.2-lp151.11.6 is installed
  • OR libisccc160-32bit-9.11.2-lp151.11.6 is installed
  • OR libisccfg160-9.11.2-lp151.11.6 is installed
  • OR libisccfg160-32bit-9.11.2-lp151.11.6 is installed
  • OR liblwres160-9.11.2-lp151.11.6 is installed
  • OR liblwres160-32bit-9.11.2-lp151.11.6 is installed
  • OR python3-bind-9.11.2-lp151.11.6 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • gdm-3.10.0.1-52 is installed
  • OR gdm-lang-3.10.0.1-52 is installed
  • OR gdmflexiserver-3.10.0.1-52 is installed
  • OR libgdm1-3.10.0.1-52 is installed
  • OR typelib-1_0-Gdm-1_0-3.10.0.1-52 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-BCL is installed
  • AND Package Information
  • qemu-2.9.1-6.44 is installed
  • OR qemu-block-curl-2.9.1-6.44 is installed
  • OR qemu-block-iscsi-2.9.1-6.44 is installed
  • OR qemu-block-rbd-2.9.1-6.44 is installed
  • OR qemu-block-ssh-2.9.1-6.44 is installed
  • OR qemu-guest-agent-2.9.1-6.44 is installed
  • OR qemu-ipxe-1.0.0+-6.44 is installed
  • OR qemu-kvm-2.9.1-6.44 is installed
  • OR qemu-lang-2.9.1-6.44 is installed
  • OR qemu-seabios-1.10.2-6.44 is installed
  • OR qemu-sgabios-8-6.44 is installed
  • OR qemu-tools-2.9.1-6.44 is installed
  • OR qemu-vgabios-1.10.2-6.44 is installed
  • OR qemu-x86-2.9.1-6.44 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • cups-1.7.5-20.29 is installed
  • OR cups-client-1.7.5-20.29 is installed
  • OR cups-libs-1.7.5-20.29 is installed
  • OR cups-libs-32bit-1.7.5-20.29 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-LTSS is installed
  • AND Package Information
  • dovecot22-2.2.31-19.22 is installed
  • OR dovecot22-backend-mysql-2.2.31-19.22 is installed
  • OR dovecot22-backend-pgsql-2.2.31-19.22 is installed
  • OR dovecot22-backend-sqlite-2.2.31-19.22 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libQtWebKit4-4.8.7+2.3.4-4.7 is installed
  • OR libQtWebKit4-32bit-4.8.7+2.3.4-4.7 is installed
  • OR libqca2-2.0.3-17.7 is installed
  • OR libqca2-32bit-2.0.3-17.7 is installed
  • OR libqt4-4.8.7-8.8 is installed
  • OR libqt4-32bit-4.8.7-8.8 is installed
  • OR libqt4-devel-doc-4.8.7-8.8 is installed
  • OR libqt4-qt3support-4.8.7-8.8 is installed
  • OR libqt4-qt3support-32bit-4.8.7-8.8 is installed
  • OR libqt4-sql-4.8.7-8.8 is installed
  • OR libqt4-sql-32bit-4.8.7-8.8 is installed
  • OR libqt4-sql-mysql-4.8.7-8.8 is installed
  • OR libqt4-sql-plugins-4.8.7-8.8 is installed
  • OR libqt4-sql-sqlite-4.8.7-8.8 is installed
  • OR libqt4-x11-4.8.7-8.8 is installed
  • OR libqt4-x11-32bit-4.8.7-8.8 is installed
  • OR qt4-x11-tools-4.8.7-8.8 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND davfs2-1.5.2-2 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-ESPOS is installed
  • AND Package Information
  • xorg-x11-server-1.19.6-4.11 is installed
  • OR xorg-x11-server-extra-1.19.6-4.11 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND Package Information
  • xen-4.11.4_06-2.33 is installed
  • OR xen-doc-html-4.11.4_06-2.33 is installed
  • OR xen-libs-4.11.4_06-2.33 is installed
  • OR xen-libs-32bit-4.11.4_06-2.33 is installed
  • OR xen-tools-4.11.4_06-2.33 is installed
  • OR xen-tools-domU-4.11.4_06-2.33 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server 12 SP5 is installed
  • AND
  • libsolv-devel-0.6.37-2.33.1 is installed
  • OR libsolv-tools-0.6.37-2.33.1 is installed
  • OR libzypp-16.21.4-2.51.1 is installed
  • OR libzypp-devel-16.21.4-2.51.1 is installed
  • OR perl-solv-0.6.37-2.33.1 is installed
  • OR python-solv-0.6.37-2.33.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND
  • libsolv-devel-0.6.37-2.33.1 is installed
  • OR libsolv-tools-0.6.37-2.33.1 is installed
  • OR libzypp-16.21.4-2.51.1 is installed
  • OR libzypp-devel-16.21.4-2.51.1 is installed
  • OR perl-solv-0.6.37-2.33.1 is installed
  • OR python-solv-0.6.37-2.33.1 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND Package Information
  • MozillaFirefox-60.9.0-109.86 is installed
  • OR MozillaFirefox-translations-common-60.9.0-109.86 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.281-43.44 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.281-43.44 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.281-43.44 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.281-43.44 is installed
    • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 9 is installed
  • AND Package Information
  • ruby2.1-rubygem-rails-html-sanitizer-1.0.3-8.8 is installed
  • OR rubygem-rails-html-sanitizer-1.0.3-8.8 is installed
    • BACK