Oval Definition:oval:org.opensuse.security:def:63745
Revision Date:2020-12-01Version:1
Title:Security update for libsolv, libzypp, zypper (Moderate)
Description:

This update for libsolv, libzypp and zypper fixes the following issues:

libsolv was updated to version 0.6.36 fixes the following issues:

Security issues fixed:

- CVE-2018-20532: Fixed a NULL pointer dereference in testcase_read() (bsc#1120629). - CVE-2018-20533: Fixed a NULL pointer dereference in testcase_str2dep_complex() (bsc#1120630). - CVE-2018-20534: Fixed a NULL pointer dereference in pool_whatprovides() (bsc#1120631).

Non-security issues fixed:

- Made cleandeps jobs on patterns work (bsc#1137977). - Fixed an issue multiversion packages that obsolete their own name (bsc#1127155). - Keep consistent package name if there are multiple alternatives (bsc#1131823).

libzypp received following fixes:

- Fixes a bug where locking the kernel was not possible (bsc#1113296)

zypper received following fixes:

- Fixes a bug where the wrong exit code was set when refreshing repos if --root was used (bsc#1134226) - Improved the displaying of locks (bsc#1112911) - Fixes an issue where `https` repository urls caused an error prompt to appear twice (bsc#1110542) - zypper will now always warn when no repositories are defined (bsc#1109893)
Family:unixClass:patch
Status:Reference(s):1027519
1046305
1046306
1050252
1050549
1051510
1054610
1055121
1056658
1056662
1056787
1060463
1063638
1065600
1068032
1070995
1071995
1074562
1074578
1074701
1075006
1075419
1075748
1078355
1080039
1082943
1083548
1083630
1083647
1084216
1086095
1086282
1086301
1086313
1086314
1086323
1087082
1087084
1087092
1087939
1088133
1094555
1098382
1098425
1098995
1102055
1103429
1104353
1106105
1106434
1106811
1107078
1107665
1108101
1108870
1108940
1109695
1109893
1110096
1110542
1110705
1111014
1111319
1111666
1112911
1113042
1113296
1113712
1113722
1113769
1113939
1114279
1114405
1114423
1114585
1114893
1114988
1115040
1115043
1115044
1115045
1115047
1117108
1117155
1117645
1117756
1117947
1118338
1119019
1119086
1119766
1119843
1120008
1120318
1120601
1120629
1120630
1120631
1120758
1120854
1120902
1120909
1120955
1121317
1121726
1121789
1121805
1122019
1122159
1122192
1122292
1122324
1122554
1122662
1122764
1122779
1122822
1122885
1122927
1122944
1122971
1122982
1123060
1123061
1123161
1123317
1123348
1123357
1123456
1123538
1123697
1123882
1123933
1124055
1124204
1124235
1124579
1124589
1124728
1124732
1124735
1124969
1124974
1124975
1124976
1124978
1124979
1124980
1124981
1124982
1124984
1124985
1125109
1125125
1125252
1125315
1125614
1125728
1125780
1125797
1125799
1125800
1125907
1125947
1126131
1126209
1126389
1126393
1126476
1126480
1126481
1126488
1126495
1126555
1126579
1126789
1126790
1126802
1126803
1126804
1126805
1126806
1126807
1127042
1127062
1127082
1127154
1127155
1127285
1127286
1127307
1127363
1127493
1127494
1127495
1127496
1127497
1127498
1127534
1127561
1127567
1127595
1127603
1127682
1127731
1127750
1127836
1127961
1128094
1128166
1128351
1128451
1128895
1129046
1129080
1129163
1129179
1129181
1129182
1129183
1129184
1129205
1129281
1129284
1129285
1129291
1129292
1129293
1129294
1129295
1129296
1129326
1129327
1129330
1129363
1129366
1129497
1129519
1129543
1129547
1129551
1129581
1129625
1129664
1129739
1129923
1131823
1133817
1134226
1137977
1142281
1149110
1149332
1150011
1157893
1158996
1159861
1160369
1161194
1165784
1167631
1169659
1170313
1170423
1174662
807502
824948
828192
925178
CVE-2017-12627
CVE-2017-5753
CVE-2017-7418
CVE-2018-17963
CVE-2018-18849
CVE-2018-18883
CVE-2018-19665
CVE-2018-19961
CVE-2018-19962
CVE-2018-19963
CVE-2018-19964
CVE-2018-19965
CVE-2018-19966
CVE-2018-19967
CVE-2018-20532
CVE-2018-20533
CVE-2018-20534
CVE-2018-20669
CVE-2019-11596
CVE-2019-12519
CVE-2019-12520
CVE-2019-12521
CVE-2019-12524
CVE-2019-12815
CVE-2019-14822
CVE-2019-15026
CVE-2019-19948
CVE-2019-19949
CVE-2019-2024
CVE-2019-3459
CVE-2019-3460
CVE-2019-3819
CVE-2019-6974
CVE-2019-7221
CVE-2019-7222
CVE-2019-7308
CVE-2019-8912
CVE-2019-8980
CVE-2019-9213
CVE-2020-10029
CVE-2020-11945
CVE-2020-1751
CVE-2020-1752
CVE-2020-9862
CVE-2020-9893
CVE-2020-9894
CVE-2020-9895
CVE-2020-9915
CVE-2020-9925
openSUSE-SU-2019:1836-1
openSUSE-SU-2020:0170-1
openSUSE-SU-2020:0721-1
openSUSE-SU-2020:1275-1
SUSE-SU-2019:0003-1
SUSE-SU-2019:0765-1
SUSE-SU-2019:1972-1
SUSE-SU-2019:2389-1
SUSE-SU-2020:0832-1
SUSE-SU-2020:1227-1
SUSE-SU-2020:2225-1
Platform(s):openSUSE Leap 15.1
openSUSE Leap 15.2
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP4-LTSS
Product(s):
Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • proftpd-1.3.5e-lp151.3.3 is installed
  • OR proftpd-devel-1.3.5e-lp151.3.3 is installed
  • OR proftpd-doc-1.3.5e-lp151.3.3 is installed
  • OR proftpd-lang-1.3.5e-lp151.3.3 is installed
  • OR proftpd-ldap-1.3.5e-lp151.3.3 is installed
  • OR proftpd-mysql-1.3.5e-lp151.3.3 is installed
  • OR proftpd-pgsql-1.3.5e-lp151.3.3 is installed
  • OR proftpd-radius-1.3.5e-lp151.3.3 is installed
  • OR proftpd-sqlite-1.3.5e-lp151.3.3 is installed
  • Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND Package Information
  • libjavascriptcoregtk-4_0-18-2.28.4-lp152.2.4 is installed
  • OR libjavascriptcoregtk-4_0-18-32bit-2.28.4-lp152.2.4 is installed
  • OR libwebkit2gtk-4_0-37-2.28.4-lp152.2.4 is installed
  • OR libwebkit2gtk-4_0-37-32bit-2.28.4-lp152.2.4 is installed
  • OR libwebkit2gtk3-lang-2.28.4-lp152.2.4 is installed
  • OR typelib-1_0-JavaScriptCore-4_0-2.28.4-lp152.2.4 is installed
  • OR typelib-1_0-WebKit2-4_0-2.28.4-lp152.2.4 is installed
  • OR typelib-1_0-WebKit2WebExtension-4_0-2.28.4-lp152.2.4 is installed
  • OR webkit-jsc-4-2.28.4-lp152.2.4 is installed
  • OR webkit2gtk-4_0-injected-bundles-2.28.4-lp152.2.4 is installed
  • OR webkit2gtk3-2.28.4-lp152.2.4 is installed
  • OR webkit2gtk3-devel-2.28.4-lp152.2.4 is installed
  • OR webkit2gtk3-minibrowser-2.28.4-lp152.2.4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libsolv-0.6.36-2.16 is installed
  • OR libsolv-tools-0.6.36-2.16 is installed
  • OR libzypp-16.20.0-2.39 is installed
  • OR perl-solv-0.6.36-2.16 is installed
  • OR python-solv-0.6.36-2.16 is installed
  • OR zypper-1.13.51-21.26 is installed
  • OR zypper-log-1.13.51-21.26 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4-LTSS is installed
  • AND Package Information
  • libxerces-c-3_1-3.1.1-13.3 is installed
  • OR libxerces-c-3_1-32bit-3.1.1-13.3 is installed
  • OR xerces-c-3.1.1-13.3 is installed
  • BACK