Oval Definition:oval:org.opensuse.security:def:65754
Revision Date:2020-12-01Version:1
Title:Security update for libsolv, libzypp, zypper (Moderate)
Description:

This update for libsolv, libzypp, zypper fixes the following issues:



Security issue fixed:

- CVE-2019-18900: Fixed assert cookie file that was world readable (bsc#1158763).

Bug fixes

- Fixed removing orphaned packages dropped by to-be-installed products (bsc#1155819). - Adds libzypp API to mark all obsolete kernels according to the existing purge-kernel script rules (bsc#1155198). - Do not enforce 'en' being in RequestedLocales If the user decides to have a system without explicit language support he may do so (bsc#1155678). - Load only target resolvables for zypper rm (bsc#1157377). - Fix broken search by filelist (bsc#1135114). - Replace python by a bash script in zypper-log (fixes#304, fixes#306, bsc#1156158). - Do not sort out requested locales which are not available (bsc#1155678). - Prevent listing duplicate matches in tables. XML result is provided within the new list-patches-byissue element (bsc#1154805). - XML add patch issue-date and issue-list (bsc#1154805). - Fix zypper lp --cve/bugzilla/issue options (bsc#1155298). - Always execute commit when adding/removing locales (fixes bsc#1155205). - Fix description of --table-style,-s in man page (bsc#1154804).
Family:unixClass:patch
Status:Reference(s):1055186
1065600
1065729
1094244
1112178
1113956
1135114
1154366
1154804
1154805
1155198
1155205
1155298
1155678
1155819
1156158
1157377
1158763
1167527
1168468
1169972
1171675
1171688
1171742
1173115
1174899
1175228
1175749
1175882
1176011
1176022
1176038
1176235
1176242
1176278
1176316
1176317
1176318
1176319
1176320
1176321
1176381
1176395
1176410
1176423
1176482
1176507
1176536
1176544
1176545
1176546
1176548
1176659
1176698
1176699
1176700
1176721
1176722
1176725
1176732
1176788
1176789
1176869
1176877
1176935
1176950
1176962
1176966
1176990
1177027
1177030
1177041
1177042
1177043
1177044
1177121
1177206
1177258
1177291
1177293
1177294
1177295
1177296
CVE-2019-18900
CVE-2020-0404
CVE-2020-0427
CVE-2020-0431
CVE-2020-0432
CVE-2020-14381
CVE-2020-14390
CVE-2020-25212
CVE-2020-25284
CVE-2020-25641
CVE-2020-25643
CVE-2020-26088
SUSE-SU-2020:0432-1
SUSE-SU-2020:2905-1
Platform(s):SUSE Linux Enterprise Module for Legacy Software 15 SP1
SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise Module for Legacy Software 15 SP1 is installed
  • AND Package Information
  • kernel-default-4.12.14-197.61 is installed
  • OR reiserfs-kmp-default-4.12.14-197.61 is installed
    • Definition Synopsis
  • SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed
  • AND Package Information
  • libsolv-0.7.10-3.13 is installed
  • OR libsolv-demo-0.7.10-3.13 is installed
  • OR libzypp-17.19.0-3.14 is installed
  • OR libzypp-devel-doc-17.19.0-3.14 is installed
  • OR zypper-1.14.33-3.13 is installed
  • OR zypper-aptitude-1.14.33-3.13 is installed
    • BACK