Oval Definition:oval:org.opensuse.security:def:65094
Revision Date:2020-12-01Version:1
Title:Security update for libsolv, libzypp, zypper (Moderate)
Description:

This update for libsolv, libzypp, zypper fixes the following issues:



Security issue fixed:

- CVE-2019-18900: Fixed assert cookie file that was world readable (bsc#1158763).

Bug fixes

- Fixed removing orphaned packages dropped by to-be-installed products (bsc#1155819). - Adds libzypp API to mark all obsolete kernels according to the existing purge-kernel script rules (bsc#1155198). - Do not enforce 'en' being in RequestedLocales If the user decides to have a system without explicit language support he may do so (bsc#1155678). - Load only target resolvables for zypper rm (bsc#1157377). - Fix broken search by filelist (bsc#1135114). - Replace python by a bash script in zypper-log (fixes#304, fixes#306, bsc#1156158). - Do not sort out requested locales which are not available (bsc#1155678). - Prevent listing duplicate matches in tables. XML result is provided within the new list-patches-byissue element (bsc#1154805). - XML add patch issue-date and issue-list (bsc#1154805). - Fix zypper lp --cve/bugzilla/issue options (bsc#1155298). - Always execute commit when adding/removing locales (fixes bsc#1155205). - Fix description of --table-style,-s in man page (bsc#1154804).
Family:unixClass:patch
Status:Reference(s):1104841
1129528
1135114
1137990
1149429
1151186
1153423
1153869
1154738
1154804
1154805
1155198
1155205
1155298
1155678
1155819
1156158
1157377
1158763
1178466
CVE-2019-11757
CVE-2019-11758
CVE-2019-11759
CVE-2019-11760
CVE-2019-11761
CVE-2019-11762
CVE-2019-11763
CVE-2019-11764
CVE-2019-15903
CVE-2019-18900
CVE-2020-8037
SUSE-SU-2019:2871-1
SUSE-SU-2020:0432-1
Platform(s):openSUSE Leap 15.2
SUSE Linux Enterprise Module for Basesystem 15 SP1
SUSE Linux Enterprise Module for Desktop Applications 15 SP1
Product(s):
Definition Synopsis
  • openSUSE Leap 15.2 is installed
  • AND tcpdump-4.9.2-lp152.7.3 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Basesystem 15 SP1 is installed
  • AND Package Information
  • libsolv-0.7.10-3.13 is installed
  • OR libsolv-devel-0.7.10-3.13 is installed
  • OR libsolv-tools-0.7.10-3.13 is installed
  • OR libzypp-17.19.0-3.14 is installed
  • OR libzypp-devel-17.19.0-3.14 is installed
  • OR python3-solv-0.7.10-3.13 is installed
  • OR zypper-1.14.33-3.13 is installed
  • OR zypper-log-1.14.33-3.13 is installed
  • OR zypper-needs-restarting-1.14.33-3.13 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Desktop Applications 15 SP1 is installed
  • AND Package Information
  • MozillaFirefox-68.2.0-3.59 is installed
  • OR MozillaFirefox-branding-SLE-68-4.11 is installed
  • OR MozillaFirefox-devel-68.2.0-3.59 is installed
  • OR MozillaFirefox-translations-common-68.2.0-3.59 is installed
  • OR MozillaFirefox-translations-other-68.2.0-3.59 is installed
    • BACK